网友您好, 请在下方输入框内输入要搜索的题目:

题目内容 (请给出正确答案)
单选题
Your company uses a Windows 2008 Enterprise certificate authority (CA) to issue certificates. You need to implement key archival. What should you do()
A

Archive the private key on the server.

B

Apply the Hisecdc security template to the domain controllers.

C

Configure the certificate for automatic enrollment for the computers that store encrypted files.

D

Install an Enterprise Subordinate CA and issue a user certificate to users of the encrypted files.


参考答案

参考解析
解析: 暂无解析
更多 “单选题Your company uses a Windows 2008 Enterprise certificate authority (CA) to issue certificates. You need to implement key archival. What should you do()A Archive the private key on the server.B Apply the Hisecdc security template to the domain controllers.C Configure the certificate for automatic enrollment for the computers that store encrypted files.D Install an Enterprise Subordinate CA and issue a user certificate to users of the encrypted files.” 相关考题
考题 All servers on your company’s network run Windows Server 2008 R2. All client computers run Windows Vista.  The company is planning to virtualize an application that is CPU intensive and that runs only on Windows Vista and Windows 7. You need to recommend a virtualization solution that minimizes the use of CPU resources on the server.    Which technology should you recommend?()A、Remote Desktop Services (RDS)B、Microsoft Application Virtualization (App-V)C、Microsoft Virtual Desktop Infrastructure (VDI)D、Microsoft Enterprise Desktop Virtualization (MED-V)

考题 Your network consists of a single Active Directory domain. All domain controllers run Windows Server2008 R2. Your company and an external partner plan to collaborate on a project. The external partner has an Active Directory domain that contains Windows Server 2008 R2 domain controllers. You need to design a collaboration solution that meets the following requirements:   èAllows users to prevent sensitive documents from being forwarded to untrusted recipients or from being  printed.   èAllows users in the external partner organization to access the protected content to which they have been granted rights.   èSends all inter-organizational traffic over port 443.   èMinimizes the administrative effort required to manage the external users. What should you include in your design?()A、Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has Microsoft SharePoint Foundation 2010 installed.B、Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that runs Microsoft SharePoint 2010 and that has the Active Directory Rights  Management Services (AD?RMS) role installed.C、Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Certificate Services server role installed. Implement Encrypting File System (EFS).D、Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Rights Management Service (AD?RMS)role installed  and Microsoft SharePoint Foundation 2010 installed.

考题 Your company has an Active Directory domain. You plan to install the Active Directory Certificate Services (AD CS) server role on a member  server that runs Windows Server 2008 R2.     You need to ensure that members of the Account Operators group are able to issue smartcard  credentials. They should not be able to revoke certificates.     Which three actions should you perform()A、Install the AD CS server role and configure it as an Enterprise Root CA .B、Install the AD CS server role and configure it as a Standalone CA .C、Restrict enrollment agents for the Smartcard logon certificate to the Account Operator group.D、Restrict certificate managers for the Smartcard logon certificate to the Account Operator group.E、Create a Smartcard logon certificate.F、Create an Enrollment Agent certificate.

考题 Your company has an Active Directory domain. AlI servers run Windows Server 2008. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.

考题 Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA.  The Enterprise Intermediate CA certificate expires.    You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA  server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers  group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy  object.

考题 Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company runs an Enterprise Root certification authority (CA).   You need to ensure that only administrators can sign code. Which two task should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and  allow only administrators to apply the policy.C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted  Publishers.D、Modify the security settings on the template to allow only administrators to request code signing  certificates.

考题 All servers on your companys network run Windows Server 2008 R2. Client computers run a Windows, Mac, or Linux operating system.  The company is planning to virtualize an enterprise application. You need to recommend a virtualization solution that allows the virtualized application to be accessed from all of the client computers.  Which technology should you recommend?()A、Windows Virtual PCB、Remote Desktop Services (RDS)C、Microsoft Application Virtualization (App-V)D、Microsoft Enterprise Desktop Virtualization (MED-V)

考题 Your company’s organization is authoritative for the contoso.com domai.Your network contains a Windows Server 2008 R2 certification authority (CA).You have an Exchange Server 2010 server named Server1.Server1 has the Client Access, Hub Transport, and Mailbox server roles installed. You plan to create a Federated Sharing relationship between your company and another company named Northwind Traders.Northwind Traders has an internal root CA.You need to install a certificate that can be used to create the federated trust.The solution must minimize costs. What should you do from Server1?()A、Generate a self-signed certificate.B、Request a Computer certificate from the contoso.com CAC、Create a computer certificate request and submit the request to a third-party trusted CAD、Create a computer certificate request and submit the request to the Northwind Traders CA

考题 Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The network contains 100 servers and 5,000 client computers. The client computers run either Windows XP Service Pack 1 or Windows 7. You need to plan a VPN solution that meets the following requirements:   èStores VPN passwords as encrypted text  èSupports Suite B cryptographic algorithms èSupports automatic enrollment of certificates   èSupports client computers that are configured as members of a workgroup What should you include in your plan?() A、Upgrade the client computers to Windows XP Service Pack 3. Implement a stand-alone certification authority (CA). Implement an IPsec VPN that uses certificate-based authentication.B、Upgrade the client computers to Windows XP Service Pack 3. Implement an enterprise certification authority (CA) that is based on Windows Server?2008 R2. Implement an IPsec VPN that uses Kerberos  authentication.C、Upgrade the client computers to Windows 7. Implement an enterprise certification authority (CA) that is  based on Windows Server 2008 R2. Implement an IPsec VPN that uses pre-shared keys.D、Upgrade the client computers to Windows 7. Implement an enterprise certification authority (CA) that is  based on Windows Server 2008 R2. Implement an IPsec VPN that uses certificate-based authentication.

考题 Your company has 1,000 client computers that run Windows 7.   The company uses several custom line-of-business applications that are not compatible with Windows 7.    You need to distribute a Microsoft Enterprise Desktop Virtualization (MED-V) v2 virtual machine (VM) image that includes the custom applications to all Windows 7 client computers.   What should you do?()A、Deploy the VM image from the MED-V server.B、Mount the VM image from the MED-V workspace.C、Deploy the VM image by using Windows Deployment Services (WDS).D、Deploy the VM image by using Windows Server Update Services (WSUS).

考题 Your network contains an Active Directory forest. All domain controllers run Windows Server  2008 Standard. The functional level of the domain is Windows Server 2003. You have a  certification authority (CA).   The relevant servers in the domain are configured as shown in the following table:     Server name  Operating system  Server role   Server1  Windows Server 2003  Enterprise root CA  Server2  Windows Server 2008  Enterprise subordinate CA  Server3  Windows Server 2008 R2  Web Server   You need to ensure that you can install the Active Directory Certificate Services (AD CS)  Certificate Enrollment Web Service on the network.     What should you do()A、Upgrade Server1 to Windows Server 2008 R2.B、Upgrade Server2 to Windows Server 2008 R2.C、Raise the functional level of the domain to Windows Server 2008.D、Install the Windows Server 2008 R2 Active Directory Schema updates.

考题 单选题You work in a company which is named Wiikigo Corp. The company uses SQL Server 2008. You are the administrator of the company database. Now in a high security environment, you manage a SQL Server 2008 cluster. You intend to configure and use encrypted connections for the clustered virtual SQL Server. You have to install a certificate. The cetification will be used for encryption. What should you do?()A In the cluster quorum drive, install the encryption certificate B In the SQL Server shared disk, install the encryption certificate C in the cluster group, install the encryption certificate. D On each individual node, install the encryption certificate

考题 单选题Your network contains an Active Directory forest. All domain controllers run Windows Server 2008   Standard. The functional level of the domain is Windows Server 2003.  You have a certification authority (CA).   The relevant servers in the domain are configured as shown in the following table.  Server name  Operating system  Server role   Server1  Windows Server 2003  Enterprise root CA  Server2  Windows Server 2008  Enterprise subordinate CA    Server3  Windows Server 2008 R2    Web Server   You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate   Enrollment Web Service on the network.   What should you do()A Upgrade Server1 to Windows Server 2008 R2.B Upgrade Server2 to Windows Server 2008 R2.C Raise the functional level of the domain to Windows Server 2008.D Install the Windows Server 2008 R2 Active Directory Schema updates.

考题 单选题Your company has an Active Directory forest. The company has servers that run Windows Server 2008 amd client computers that run Windows Vista. The domain uses a set of GPO administrative templates that have been approved to support regulatory compliance requirements. Your partner company has an Active Directory forest that contains a single domain, The company has servers that run Windows Server 2008 and client computers that run Windows Vista. You need to configure your partner company’s domain to use the approved set of administrative templates. What should you do()A Use the Group Policy Management Console (GPMC) utility to back up the GPO to a file. In each site, import the GPO to the default domain policy.B Copy the ADMX files from your company’s PDC emulator to the PolicyDefinitions folder on the partner company’s PDC emulatorC Copy the ADML files from your company’s PDC emulator to the PolicyDefinitions folder on the partner company’s PDC emulatorD Download the conf.adm, system.adm, wuau.adm, and inetres.adm files from the Microsoft Updates Web site. Copy the ADM files to the PolicyDefinitions folder on thr partner company’s emulator.

考题 单选题Your company has an Active Directory domain. You have a two-tier PKI infrastructure that  contains an offline root CA and an online issuing CA. The Enterprise certification authority is  running Windows Server 2008 R2.   You need to ensure users are able to enroll new certificates.     What should you do()A Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.

考题 单选题Certkiller .com has a domain controller that runs Windows Server 2008. The Certkiller .com network boosts 40 Windows Vista client machines. As an administrator at Certkiller .com, you want to deploy Active Directory Certificate service (AD CS) to authorize the network users by issuing digital certificates.  What should you do to manage certificate settings on all machines in a domain from one main location()A Configure Enterprise CA certificate settingsB Configure Enterprise trust certificate settingsC Configure Advance CA certificate settingsD Configure Group Policy certificate settingsE All of the above

考题 单选题You work as the enterprise exchange administrator at Company.com.The Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.the Company.com contains an exchange server 2010 client access server named -ex13.The mobile clients at Company.com are configured to either run windows mobile 5.0, windows mobile 6.1 or windows mobile 6.5.the mobile users use the internet to connect to -ex13, using mail.Company.com.you have received instructions from the cio to equip -ex13 with a certificate.however, the mobile users need to connect to -ex13 from the internet via exchange activesync.What should you do?()A You should consider including Company.com in the certificate.B you should consider including -ex13.Company.com in the certificate.C You should consider including EAS.Company.com in the certificate.D You should consider including mail.Company.com in the certificate.

考题 单选题Your company has an Active Directory forest. The company has servers that run Windows Server  2008 R2 and client computers that run Windows 7. The domain uses a set of GPO administrative  templates that have been approved to support regulatory compliance requirements.     Your partner company has an Active Directory forest that contains a single domain. The company  has servers that run Windows Server 2008 R2 and client computers that run Windows 7.     You need to configure your partner company’s domain to use the approved set of administrative  templates.   What should you do()A Use the Group Policy Management Console (GPMC) utility to back up the GPO to a file. In each site, import the GPB Copy the ADMX files from your company’s PDC emulator to the PolicyDefinitions folder on the partner company’s PDCC Copy the ADML files from your company’s PDC emulator to the PolicyDefinitions folder on the partner company’s PDC D Download the conf.adm, system.adm, wuau.adm, and inetres.adm files from the Microsoft Updates Web site. 

考题 多选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perform()APublish the code signing template.BEdit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admiCEdit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.DModify the security settings on the template to allow only administrators to request code signing certificates.

考题 单选题Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2.You plan to deploy DirectAccess.You need to configure the DNS servers on your network to support DirectAccess.What should you do?()A Modify the GlobalQueryBlockList registry key and restart the DNS Server service.B Modify the EnableGlobalNamesSupport registry key and restart the DNS Server service.C Create a trust anchor that uses a certificate issued by an internal certification authority (CA).D Create a trust anchor that uses a certificate issued by a publicly trusted certification authority (CA).

考题 单选题All servers on your company’s network run Windows Server 2008 R2. Client computers run a Windows, Mac, or Linux operating system. The company is planning to virtualize an enterprise application. You need to recommend a virtualization solution that allows the virtualized application to be accessed from all of the client computers. Which technology should you recommend?()A Windows Virtual PCB Remote Desktop Services (RDS)C Microsoft Application Virtualization (App-V)D Microsoft Enterprise Desktop Virtualization (MED-V)