网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You need to design a security strategy that will ensure that unauthorized users cannot access personnel data. Your solution must comply with security requirements and the company’s new administrative model.What should you do?()
- A、In the Default Domain Policy Group Policy object (GPO) for the corp.woodgrovebank.com domain, add the LA/HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list
- B、In the Default Domain Policy Group Policy object (GPO) for the la.corp.woodgrovebank.com domain, add the LA/HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list
- C、In the Default Domain Policy Group Policy object (GPO) for the corp.woodgrovebank.com domain, add the LA/HRUsers group and the CORP/Backup Operators group to the Restricted Groups list. Add only the HR department user accounts and the administrator user accounts to the Allowed Members list for each group
- D、In the Default Domain Policy Group Policy object (GPO) for the la.corp.woodgrovebank.com domain, add the LA/HRUsers group and the CORP/Backup Operators group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list for the LA/HRUsers group. Add only the administrator user accounts to the Allowed Members list for the CORP/Backup Operators group
参考答案
更多 “You need to design a security strategy that will ensure that unauthorized users cannot access personnel data. Your solution must comply with security requirements and the company’s new administrative model.What should you do?()A、In the Default Domain Policy Group Policy object (GPO) for the corp.woodgrovebank.com domain, add the LA/HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members listB、In the Default Domain Policy Group Policy object (GPO) for the la.corp.woodgrovebank.com domain, add the LA/HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members listC、In the Default Domain Policy Group Policy object (GPO) for the corp.woodgrovebank.com domain, add the LA/HRUsers group and the CORP/Backup Operators group to the Restricted Groups list. Add only the HR department user accounts and the administrator user accounts to the Allowed Members list for each groupD、In the Default Domain Policy Group Policy object (GPO) for the la.corp.woodgrovebank.com domain, add the LA/HRUsers group and the CORP/Backup Operators group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list for the LA/HRUsers group. Add only the administrator user accounts to the Allowed Members list for the CORP/Backup Operators group” 相关考题
考题
You are the desktop administrator for one of your company's branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the company's main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the company's Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?()A、Run the Secedit.exe command in validation mode and specify the new security template.B、Run the Secedit.exe command in configuration mode and specify the new security template. C、Use the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation. D、Use the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation.
考题
The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do?()A、On all domain controllers, implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policyB、On all client computers, implement logon auditing for all user account logonsC、On all client computers, configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policyD、On all domain controllers, implement logon auditing for all user account logons
考题
The company is evaluating using a new Active Directory domain to contain all customer user accounts. You need to design a monitoring or logging strategy that meets business and security requirements for the new Web-based ordering application. Your solution must minimize overhead on existing domain controllers and servers. What should you do?()A、Enable logon auditing in both the new and the existing domainsB、Enable logon auditing only in the existing domainC、Enable logon auditing only in the new domainD、Enable logon auditing on only the Web server
考题
You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. The company has an internal network and a perimeter network. The internal network is protected by a firewall. Application servers on the perimeter network are accessible from the Internet. You are deploying 10 Windows Server 2003 computers in application server roles. The servers will be located in theperimeter network and will not be members of the domain. The servers will host only publicly available Web pages. The network design requires that custom security settings must be applied to the application servers. These custom security settings must be automatically refreshed every day to ensure compliance with the design. You create a custom security template named Baseline1.inf for the application servers. You need to comply with the design requirements. What should you do? ()A、 Import Baseline1.inf into the Default Domain Policy Group Policy object (GPO).B、 Create a task on each application server that runs Security and Configuration Analysis with Baseline1.inf every day.C、 Create a task on each application server that runs the secedit command with Baseline1.inf every day.D、 Create a startup script in the Default Domain Policy Group Policy object (GPO) that runs the secedit command with Baseline1.inf.
考题
You need to design a security strategy for VPN2. Your solution must meet business requirements. What should you do?()A、Create and configure a new security template. Import the template into the Default Domain Policy Group Policy object (GPO)B、Install Internet Authentication Service (IAS) on RAS1. Configure VPN2 to be the RADIUS client of RAS1. Configure the remote access policy on VPN2C、Create and configure a new security template. Import the template into the local policy on VPN2D、Move VPN2 into the VPN Servers OU. Configure the remote access policy on VPN2
考题
You need to design an audit strategy for Southbridge Video. Your solution must meet business requirements.What should you do?()A、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPOB、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOC、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the Domain Controllers OU. Import the new security template into the new GPOD、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO, and link it to the domain. Import the new security template into the new GPO
考题
You need to design an access control strategy for the marketing application. You solution must minimize impact on server and network performance. What should you do?()A、Require client computers to connect to the marketing application by using a VPN connectionB、Use IPSec to encrypt communications between the servers in the New York and Atlanta officesC、Require the high security setting on Terminal Services connections to the marketing applicationD、Configure all marketing application Web pages to require SSL
考题
You need to design a method for junior IT administrators to perform more IT support tasks. Your solution must meet business and security requirements. What should you do?()A、Delegate appropriate Active Directory permissions to the junior IT administratorsB、Add the junior IT administrators’ user accounts to the Domain Admins user groupC、Create a custom Microsoft Management Console (MMC) that uses taskpad views to enable the appropriate tasks for the junior IT administratorsD、Make the junior IT administrators’ domain user accounts member of the local Administrators group on all client computersE、Create new domain user accounts for each junior IT administrator. Make the new accounts members of the Domain Admins group and instruct junior IT administrators to use the new accounts only for appropriate administrative tasks
考题
You have an Exchange Server 2010 organization. Your company has a relationship with another company. The partner company has an Exchange Server 2010 organization. You need to recommend a security solution to meet the following requirements: .Ensure that all e-mail delivery between your servers and the partner companys servers is encrypted .Ensure that all communication between your servers and the partner companys servers is authenticated What should you include in the solution?()A、Active Directory Rights Management Services (AD RMS)B、Domain SecurityC、Forms-based AuthenticationD、Secure/Multipurpose Internet Mail Extensions (S/MIME)
考题
You need to recommend a solution for managing the address information of the user accounts. The solution must meet the company’s security requirements. What should you include in the recommendation?()A、Active Directory delegationB、Authorization ManagerC、built-in security groupsD、user rights assignments
考题
Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Your company’s security policy states that domain users must be prevented from logging on to Server1 if a domain controller is unavailable. You disconnect Server1 from the network and discover that you can log on to Server1. You need to configure Server1 to comply with the company’s security policy. What should you do on Server1?()A、From the local security policy, modify the Security Options.B、From the local security policy, modify the User Rights Assignment.C、From Active Directory Users and Computers, modify the properties of the Server1 account.D、From Active Directory Users and Computers, modify the properties of the Domain Computers group.
考题
You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do?()A、Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clientsB、Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routersC、Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol (RDP).Create IPSec filters on the terminal servers to allow only connections that use RDPD、Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server (Require Security) IPSec policy to the terminal servers. Assign the Client (Respond only) IPSec policy to the portable computers
考题
You need to design an access control strategy for resources that are located in the extranet for partners and for internal users. Your solution must meet business and security requirements. What should you do?()A、Create a new child domain named extranet.corp.woodgrovebank.com in the existing forest. Create user accounts for users from partner companies in the new child domain. Create shortcut trusts in which the child domain trusts every domain in the forestB、Create a new forest and domain named extranet.woodgrovebank.com. Create user accounts for users from partner companies in the new domain. Create a one-way forest trust relationship in which the extranet forest trusts the company forestC、Create a new forest and domain named extranet.woodgrovebank.com. Create user accounts for users from partner companies in the new domain. Create an external trust relationship in which the extranet domain trusts the den.corp.woodgrovebank.com domainD、Create a child domain of the den.corp.woodgrovebank.com domain for the extranet. Create user accounts for users from partner companies in the new child domain. Create an external trust relationship in which the forest root domain trusts the extranet domain
考题
You need to design a domain model that meets the company business and security requirements for controlling access to the new Web-based ordering application. What should you do?()A、Create a child OU within the existing domainB、Create a child domain of the existing domainC、Create a new domain in a new forest. Configure the new domain to trust the existing domainD、Create a new tree in the existing forest. Configure the new domain to trust the existing domain
考题
You have an Exchange Server 2010 organization. Your companys security policy states that users must not be able to encrypt e-mail messages by usingOutlook Web App (OWA). You need to recommend a client access solution that meets the requirements of the security policy. What should you include in the solution?()A、managed folder mailbox policiesB、multiple OWA virtual directoriesC、OWA segmentationD、WebReady Document Viewing
考题
You need to design Group Policy object (GPO) settings to support the use of the Encrypting File System (EFS). Your solution must meet business and security requirements. Which two actions should you perform?()A、Designate a data recovery agent and issue an EFS certificate to the data recovery agent. Export the private key and restrict access to the exported keyB、Make the data recovery agent a local administrator on all client computersC、Remove the default data recovery agent from the Default Domain Policy GPO. Then, include the new data recovery agent insteadD、Delete the Default Domain Policy GPO. Configure a new GPO linked to the domain that does not specify a data recovery agent
考题
You are the network administrator in the New York office of TestKing. The company network consists of a single Active Directory domain The New York office currently contains one Windows Server 2003 file server named TestKingA. All file servers in the New York office are in an organizational unit (OU) named New York Servers. You have been assigned the Allow - Change permission for a Group Policy object (GPO) named NYServersGPO, which is linked to the New York Servers OU. The written company security policy states that all new servers must be configured with specified predefined security settings when the servers join the domain. These settings differ slightly for the various company offices. You plan to install Windows Sever 2003, on 15 new computers, which all functions as file servers. You will need to configure the specified security settings on the new file servers. TestKingA currently has the specified security settings configured in its local security policy. You need to ensure that the security configuration of the new file servers is identical to that of TestKingA. You export a copy of TestKingA's local security policy settings to a template file. You need to configure the security settings of the new servers, and you want to use the minimum amount of administrative effort. What should you do?()A、Use the Security Configuration and Analysis tool on one of the new servers to import the template file.B、Use the default Domain Security Policy console on one of the new servers to import the template file.C、Use the Group Policy Editor console to open NYServersGPO and import the template file.D、Use the default Local Security Policy console on one of the new servers to import the template file.
考题
You work as the exchange administrator at TestKing.com. The TestKing.com network contains an Exchange Server 2010 Organization. The organization consists of 40 servers is configured to run Exchange Server 2010. A new TestKing.com security policy requires that approved server patches of Exchange and Windows aswell as security updates be applied to servers within seven days of it being released. During the course of day you receive an instruction from management to: * Ensure that only approved patches and security updates are installed. * Ensure that only administrators are allowed to approve patches and security updates manually. * Ensure that the deployment casts is reduced. * Ensure that the administrative effort of deploying patched is reduced. You are instructed to recommend a solution that will comply with the set criteria. What should you do?()A、You should recommend that Microsoft System Center Configuration Manager be included in your solution.B、You should recommend that Windows Update be included in your solution.C、You should recommend that Windows Server Update Services be included in your solution.D、You should recommend that Microsoft Update be included in your solution.
考题
You need to design a patch management strategy for Southbridge Video. Your solution must meet business requirements. What should you do?()A、Configure all client computers to use Automatic Updates to obtain security patches from the Windows Update Web site. Test and install all patchesB、Configure a batch file to download security patches daily. Distribute the security patches by using a.zap file and the Default Domain Policy Group Policy object (GPO)C、Deploy a Software Update Services (SUS) server. Test all security patches and then approve them. Configure all client computers to automatically obtain updates from the serverD、Configure a batch file to download security patches daily. Manually install the security patches on all computers
考题
You need to recommend a solution for the USB storage devices on the client computers.The solution must meet the company’s security requirements. What should you include in the recommendation?()A、Encrypted File System (EFS)B、the AppLocker Group Policy settingsC、the Enhanced Storage Access settingsD、Windows BitLocker Drive Encryption (BitLocker)
考题
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
单选题The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do?()A
On all domain controllers, implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policyB
On all client computers, implement logon auditing for all user account logonsC
On all client computers, configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policyD
On all domain controllers, implement logon auditing for all user account logons
考题
单选题You need to recommend a solution for the USB storage devices on the client computers.The solution must meet the company’s security requirements. What should you include in the recommendation?()A
Encrypted File System (EFS)B
the AppLocker Group Policy settingsC
the Enhanced Storage Access settingsD
Windows BitLocker Drive Encryption (BitLocker)
热门标签
最新试卷