网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain includes an organizational unit (OU) named Processing. There are 100 computer accounts in the Processing OU. You create a Group Policy object (GPO) named NetworkSecurity and link it to the domain. You configure NetworkSecurity to enable security settings through the Computer Configuration section of the Group Policy settings. You need to ensure that NetworkSecurity will apply only to the computers in the Processing OU. You need to minimize the number of GPO links. What should you do?()
- A、 Link NetworkSecurity to the Processing OU. Disable the User Configuration section of NetworkSecurity.
- B、 Link NetworkSecurity to the Processing OU. Remove the link from NetworkSecurity to the domain.
- C、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign all computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.
- D、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign the Authenticated Users group the Deny - Apply Group Policy permission and to assign all of the computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.
参考答案
更多 “ You are the network administrator for your company. The network consists of a single Active Directory domain. The domain includes an organizational unit (OU) named Processing. There are 100 computer accounts in the Processing OU. You create a Group Policy object (GPO) named NetworkSecurity and link it to the domain. You configure NetworkSecurity to enable security settings through the Computer Configuration section of the Group Policy settings. You need to ensure that NetworkSecurity will apply only to the computers in the Processing OU. You need to minimize the number of GPO links. What should you do?()A、 Link NetworkSecurity to the Processing OU. Disable the User Configuration section of NetworkSecurity.B、 Link NetworkSecurity to the Processing OU. Remove the link from NetworkSecurity to the domain.C、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign all computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.D、 Modify the discretionary access control list (DACL) for NetworkSecurity to assign the Authenticated Users group the Deny - Apply Group Policy permission and to assign all of the computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.” 相关考题
考题
You are the network administrator for your company. The network consists of a single Active Directorydomain. All network servers run Windows Server 2003. Some client computers run Windows 2000 Professional,and the rest run Windows XP Professional.All user accounts in the sales department are located in the Sales organizational unit (OU). To store roaming user profiles, you create a shared folder named Profiles on a member server named File1. You assign the Allow - Full Control permission on the Profiles folder to the Everyone group.Now you need to create roaming user profiles for the user accounts in the Sales OU.What should you do()?A、Select all user accounts in the Sales OU. Modify the account properties to specify //File1/Profiles/%username% as the profile path.B、Select all user accounts in the Sales OU. Modify the account properties to specify //File1/Profiles as the profile path.C、Create a Group Policy object (GPO) and link it to the Sales OU. In the User Configuration section of the GPO, configure Folder Redirection to use //File1/Profiles.D、Create a Group Policy object (GPO) and link it to the Domain Controllers OU. In the User Configuration section of the GPO, configure Folder Redirection to use //File1/Profiles.
考题
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A、Create a new GPO. Link the GPO to the Engineering OU.B、Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OU.C、Create a global security group and add all the user accounts for the engineering department to the group. Create a new Password Policy Object (PSO) and apply it to the group.D、Create a domain local security group and add all the user accounts for the engineering department to the group. From the Active Directory Users and Computer console, select the group and run the Delegation of Control Wizard.
考题
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A、Create a new GPO. Link the GPO to the Engineering OU.B、Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OUC、Create a global security group and add all the user accounts for the engineering department to the group. Create aD、Create a domain local security group and add all the user accounts for the engineering department to the group. Fr
考题
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). You have an organizational unit (OU) that contains 1,000 computer accounts. You need to move the computer accounts to a new OU. Which tool should you use? ()A、Active Directory Domains and TrustsB、Active Directory Users and ComputersC、Csvde.exeD、Dsmod.exe
考题
ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit (OU) named SecureServers. You configure a Group Policy object (GPO) that requires encryption for all connections. You assign the GPO to the SecureServers OU. You need to verify that users are connecting to the two servers by using encrypted connections. What should you do?()A、Run the net view command.B、Run the gpresult command.C、Use the IP Security Monitor console.D、Use the IPSec Policy Management console.
考题
You are the network administrator for . The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Some client computers run Windows 2000 Professional, and the rest run Windows XP Professional. All user accounts in the Sales department are located in the Sales organizational unit (OU). To store roaming user profiles, you create a shared folder named Profiles on a member server named TK1. You assign the Allow - Full Control permission on the Profiles folder to the Everyone group. Now you need to create roaming user profiles for the user accounts in the Sales OU. What should you do?()A、Select all user accounts in the Sales OU. Modify the account properties to specify //TK1/Profiles/%username% as the profile path.B、Select all user accounts in the Sales OU. Modify the account properties to specify //TK1/Profiles as the profile path.C、Create a Group Policy object (GPO) and link it to the Sales OU. In the User Configuration section of the GPO, configure Folder Redirection to use //TK1/Profiles.D、Create a Group Policy object (GPO) and link to the Domain Controllers OU. In the User Configuration section of the GPO, configure Folder Redirection to use //TK1/Profiles.
考题
Your network consists of a single Active Directory domain. The relevant portion of the Active Directory domain is configured as shown in the following diagram. The Staff organizational unit (OU) contains all user accounts except for the managers user accounts. The Managers OU contains the managers user accounts and the following global groups èSales èFinance èEngineering You create a new Group Policy object (GPO) named GPO1, and then link it to the Employees OU. Users from the Engineering global group report that they are unable to access the Run commandon the Start menu. You discover that the GPO1 settings are causing the issue. You need to ensure that the users from the Engineering global group are able to access the Run command on the Start menu. What should you do?()A、Configure GPO1 to use the Enforce Policy option.B、Configure Block Inheritance on the Managers OU.C、Configure Group Policy filtering on GPO1 for the Engineering global group.D、Create a new child OU named Engineering under the Employees OU. Move the Engineering global group to the new Engineering child OU.
考题
You have a single Active Directory directory service domain. All users are located in an organizational unit (OU) named ContosoUsers. All client computer accounts are located in an OU named ContosoComputers. You need to deploy a new application to all users. The application shortcut must be available the next time the users log on. What are two possible ways to achieve this goal?()A、 Create a Group Policy object (GPO) to publish the application. Link the GPO to the ContosoComputers OU.B、 Create a Group Policy object (GPO) to assign the application. Link the GPO to the ContosoComputers OU.C、 Create a Group Policy object (GPO) to publish the application. Link the GPO to the ContosoUsers OU. D、 Create a Group Policy object (GPO) to assign the application. Link the GPO to the ContosoUsers OU.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. All client computer accounts are located in an organizational unit (OU) named Workstation. A written company policy states that the Windows 2000 Professional computers must not use offline folders. You create a Group Policy object (GPO) to enforce this requirement. The settings in the GPO exist for both Windows 2000 Professional computers and Windows XP Professional computers. You need to configure the GPO to apply only to Windows 2000 Professional computers. What are two possible ways to achieve this goal?()A、 Create a WMI filter that will apply the GPO to computers that are running Windows 2000 Professional. B、 Create a WMI filter that will apply the GPO to computers that are not running Windows XP Professional.C、 Create two OUs under the Workstation OU. Place the computer accounts for the Windows XP Professional computers in one OU, and place the computer accounts for the Windows 2000 Professional computers in the other OU. Link the GPO to the Workstation OU.D、 Create a group that includes the Windows XP Professional computers. Assign the group the Deny - Generate Resultant Set of Policy(Logging) permission.E、 Create a group that includes the Windows 2000 Professional computers. Assign the group the Deny - Apply Group Policy permission.
考题
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003. You place computer accounts for servers in OUs that are organized by server roles. You apply GPOs to these servers at the OU level. You need to add a new server to the domain. You need to ensure that the appropriate GPOs are applied to this server. What should you do?()A、Prestage a domain computer account for the new server in the appropriate OU. Join the server to the domain by using the prestaged computer account.B、On the server, add the domain name for the Active Directory domain to the DNS suffix setting. Join the server to the domain.C、Assign a user account the Allow - Create permission for the appropriate OU. Join the new server to the domain by using the user account.D、Join the new server to the Active Directory domain. On the new server, run the gpupdate /force command.
考题
You are the network administrator for Alpine Ski House. The network consists of a single Active Directory forest that contains three domains named alpineskihouse.com, child1.alpineskihouse.com, and child2.alpineskihouse.com. The functional level of the forest is Windows Server 2003. Each domain contains Windows Server 2003 file and print servers. All of the file and print server computer accounts are located in the default Computers container in each domain. There is a central operations department that is responsible for administering the file server computer accounts in all domains. There is a separate operations department for each domain that is responsible for administering the print server computer accounts in that domain. You need to delegate authority to create an environment to support your file and print server administration requirements. You need to create an organizational unit (OU) structure to support the delegation of authority requirements. What should you do?()A、 Create a toplevel OU for file server computer accounts under the alpineskihouse.com domain. Create a toplevel OU for print server computer accounts under the alpineskihouse.com domain.B、 Create a toplevel OU for file server computer accounts under the alpineskihouse.com domain. Create a toplevel OU for print server computer accounts under each domain.C、 Create a toplevel OU for file server computer accounts under each domain. Create a toplevel OU for print server computer accounts under each domain.D、 Create a toplevel OU for file server computer accounts under each domain. Create a child OU for print server computer accounts under each file server OU.
考题
Your network consists of a single Active Directory domain. The domain contains an organizational unit (OU) named SecureServers. The SecureServers OU contains a computer account for a server named Server1. You link a Group Policy object (GPO) to the SecureServers OU. In the GPO, you assign an IPSec policy that requires encryption for all communications. You notice that all communications to Server1 are unencrypted.You need to ensure that all communications to Server1 are encrypted immediately. What should you do?()A、On Server1, run gpudate.exe.B、On Server1, run gpresult.exe.C、From the properties of the GPO, enable the Enforced option.D、From the properties on the SecureServers OU, enable the Block policy inheritance setting.
考题
Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All domain controllers run Windows Server 2008 R2. A corporate policy requires that the users from the research department have higher levels of account and password security than other users in the domain. You need to recommend a solution that meets the requirements of the corporate policy. Your solution must minimize hardware and software costs. What should you recommend?()A、Create a new Active Directory site. Deploy a Group Policy object (GPO) to the site.B、Create a new Password Settings Object (PSO) for the research department’s usersC、Create a new organizational unit (OU) named Research in the existing domain. Deploy a Group Policy object (GPO) to the Research OU.D、Create a new domain in the forest.Add the research department’s user accounts to the new domain.Configure a new security policy in the new domain.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain.All servers run Windows Server 2003.You place computer accounts for servers in organizational units (OUs) that are organized by server roles. You apply Group Policy objects (GPOs) to these servers at the OU level.You need to add a new server to the domain. You need to ensure that the appropriate GPOs are applied to this server.What should you do? ()A、Prestage a domain computer account for the new server in the appropriate OU. Join the server to the domain by using the prestaged computer account.B、On the new server, add the domain name for the Active Directory domain to the DNS suffix setting. Join the server to the domain.C、Assign a user account the Allow - Create permission for the appropriate OU. Join the new server to the domain by using the user account.D、Join the new server to the Active Directory domain. On the new server, run the gpupdate /force command.
考题
Your network consists of a single Active Directory domain. The domain contains three organizational units (OUs) named Test, Application, and Database. You need to redesign the layout of the OUs to support the following requirements: èPrevent Group Policy objects(GPOs) that are linked to the domain from applying to computerslocated in the Applications OU èMinimize the number of GPOs èMinimize the number of OUs What should you include in your design?()A、Create a Starter GPO.B、Create a Windows Management Instrumentation (WMI) filter.C、Delegate permissions on the Application OU.D、Configure block inheritance on the Application OU.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional with themost recent service pack. All client computers have computer accounts in an organizational unit (OU) named CompanyComputers. The company requires all computers to be kept up-to-date with service packs and hotfixes from Microsoft. Administrators will manually update servers as required. You need to configure the network so that client computers are automatically updated as new critical updates are issued. What are two possible ways to achieve this goal?()A、 Create a Group Policy object (GPO) linked to the domain. Configure the GPO so that client computers automatically download and install updates from Microsoft update servers from the Internet.B、 Create a Group Policy object (GPO) linked to the CompanyComputers OU. Configure the GPO so that client computers automatically download and install updates from Microsoft update servers from the Internet.C、 Create a Group Policy object (GPO) linked to the domain. Configure the GPO so that client computers automatically download and install updates from an internal server on which you install and configure Software Update Services.D、 Create a Group Policy object (GPO) linked to the CompanyComputers OU. Configure the GPO so that client computers automatically download and install updates from an internal server on which you install and configure Software Update Services.
考题
You have a single Active Directory directory service domain. All user accounts in the sales department are in an organizational unit (OU) named Sales. Your company has five public computers that are members of the domain. You notice a sales tracking application on one of the public computers. You verify that this application is assigned to users in the Sales OU through a Group Policy object (GPO). You need to ensure that when sales department users log on to the public computers, the applications that are assigned to the Sales OU are not made available on the public computers. What should you do?()A、 Add the public computer accounts to a new OU. Create and link a GPO to enable the User Group Policy loopback processing mode setting in merge mode.B、 Add the public computer accounts to a new OU. Create and link a GPO to enable the User Group Policy loopback processing mode setting in replace mode.C、 Create a new GPO and link it to the Sales OU to enable the User Group Policy loopback processing mode setting in merge mode.D、 Create a new GPO and link it to the Sales OU to enable the User Group Policy loopback processing mode setting in replace mode.
考题
单选题Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A
Create a new GPO. Link the GPO to the Engineering OU.B
Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OUC
Create a global security group and add all the user accounts for the engineering department to the group. Create aD
Create a domain local security group and add all the user accounts for the engineering department to the group. Fr
考题
单选题You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003, and all client computers run Windows XP Professional. All user accounts in the Sales department are located in the Sales organizational unit (OU). You suspect that one or more user accounts in the OU have compromised passwords. You need to force all users in the Sales department to reset their passwords. What should you do?()A
Select all user accounts in the Sales OU. Disable the accounts and re-enable them.B
Select all user accounts in the Sales OU. Modify the account properties to force all passwords to be changed on next logon.C
Create a Group Policy object (GPO) and link it to the Sales OU. Modify the password policy to set the maximum password age to 0.D
Create as Group Policy object (GPO) and link it to the domain. Modify the password policy to set the maximum password age to 0.
考题
单选题Your network consists of a single Active Directory domain. The relevant portion of the Active Directory domain is configured as shown in the following diagram. The Staff organizational unit (OU) contains all user accounts except for the managers user accounts. The Managers OU contains the managers user accounts and the following global groups èSales èFinance èEngineering You create a new Group Policy object (GPO) named GPO1, and then link it to the Employees OU. Users from the Engineering global group report that they are unable to access the Run commandon the Start menu. You discover that the GPO1 settings are causing the issue. You need to ensure that the users from the Engineering global group are able to access the Run command on the Start menu. What should you do?()A
Configure GPO1 to use the Enforce Policy option.B
Configure Block Inheritance on the Managers OU.C
Configure Group Policy filtering on GPO1 for the Engineering global group.D
Create a new child OU named Engineering under the Employees OU. Move the Engineering global group to the new Engineering child OU.
考题
单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). You have an organizational unit (OU) that contains 1,000 computer accounts. You need to move the computer accounts to a new OU. Which tool should you use? ()A
Active Directory Domains and TrustsB
Active Directory Users and ComputersC
Csvde.exeD
Dsmod.exe
考题
单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2003 Service Pack 2 (SP2). You have an organizational unit (OU) that contains 1,000 computer accounts. You need to move the computer accounts to a new OU. Which tool should you use? ()A
Active Directory Domains and TrustsB
Active Directory Users and ComputersC
Csvde.exeD
Dsmod.exe
考题
单选题You are the network administrator for your company. The network consists of a single Active Directory domain. The domain includes an organizational unit (OU) named Processing. There are 100 computer accounts in the Processing OU. You create a Group Policy object (GPO) named NetworkSecurity and link it to the domain. You configure NetworkSecurity to enable security settings through the Computer Configuration section of the Group Policy settings. You need to ensure that NetworkSecurity will apply only to the computers in the Processing OU. You need to minimize the number of GPO links. What should you do?()A
Link NetworkSecurity to the Processing OU. Disable the User Configuration section of NetworkSecurity.B
Link NetworkSecurity to the Processing OU. Remove the link from NetworkSecurity to the domain.C
Modify the discretionary access control list (DACL) for NetworkSecurity to assign all computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.D
Modify the discretionary access control list (DACL) for NetworkSecurity to assign the Authenticated Users group the Deny - Apply Group Policy permission and to assign all of the computer accounts in the Processing OU the Allow - Read and the Allow - Apply Group Policy permissions.
考题
单选题You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003. You create an organizational unit (OU) named Engineering, which will hold all objects associated with the users and computers in the engineering department. You also create a global group named Engineering Admins, whose members will administer these objects. Now you need to assign the appropriate permissions to the Engineering Admins group so its members can administer the objects in the Engineering OU. First, you use Active Directory Users and Computers to view the properties of the Engineering OU. However, the Security tab is not available. What should you do next?()A
Convert the system partition to NTFS.B
Enable the Advanced Features option in the View menu of Active Directory Users and Computers.C
Enable the Users, Groups, and Computers as Containers option in the View menu of Active Directory Users and Computers.D
Log on by using a user account that has Administrator permissions for the Engineering OU.
考题
单选题Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()A
Create a new GPO. Link the GPO to the Engineering OU.B
Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OU.C
Create a global security group and add all the user accounts for the engineering department to the group. Create a new Password Policy Object (PSO) and apply it to the group.D
Create a domain local security group and add all the user accounts for the engineering department to the group. From the Active Directory Users and Computer console, select the group and run the Delegation of Control Wizard.
考题
单选题You are the network administrator for . The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Some client computers run Windows 2000 Professional, and the rest run Windows XP Professional. All user accounts in the Sales department are located in the Sales organizational unit (OU). To store roaming user profiles, you create a shared folder named Profiles on a member server named TK1. You assign the Allow - Full Control permission on the Profiles folder to the Everyone group. Now you need to create roaming user profiles for the user accounts in the Sales OU. What should you do?()A
Select all user accounts in the Sales OU. Modify the account properties to specify //TK1/Profiles/%username% as the profile path.B
Select all user accounts in the Sales OU. Modify the account properties to specify //TK1/Profiles as the profile path.C
Create a Group Policy object (GPO) and link it to the Sales OU. In the User Configuration section of the GPO, configure Folder Redirection to use //TK1/Profiles.D
Create a Group Policy object (GPO) and link to the Domain Controllers OU. In the User Configuration section of the GPO, configure Folder Redirection to use //TK1/Profiles.
考题
多选题You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. All client computer accounts are located in an organizational unit (OU) named Workstation. A written company policy states that the Windows 2000 Professional computers must not use offline folders. You create a Group Policy object (GPO) to enforce this requirement. The settings in the GPO exist for both Windows 2000 Professional computers and Windows XP Professional computers. You need to configure the GPO to apply only to Windows 2000 Professional computers. What are two possible ways to achieve this goal?()ACreate a WMI filter that will apply the GPO to computers that are running Windows 2000 Professional.BCreate a WMI filter that will apply the GPO to computers that are not running Windows XP Professional.CCreate two OUs under the Workstation OU. Place the computer accounts for the Windows XP Professional computers in one OU, and place the computer accounts for the Windows 2000 Professional computers in the other OU. Link the GPO to the Workstation OU.DCreate a group that includes the Windows XP Professional computers. Assign the group the Deny - Generate Resultant Set of Policy(Logging) permission.ECreate a group that includes the Windows 2000 Professional computers. Assign the group the Deny - Apply Group Policy permission.
热门标签
最新试卷