网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You are the network administrator for The network consists of a single Active Directory domain named . For security reasons,management decides that a particular user must not be able to log on to the domain after 5:00 P.M. If the user is logged on to the domain at 5:00 P.M., he must be logged off automatically. You configure the Logon Hours setting for the appropriate user account. Thatnight, you verify that the user cannot log on to the domain after 5:00 P.M. The nextday, you notice that the user is still accessing domain resources at 6:00 P.M. Youverify that the time on the user's computer and on the domain controller arecorrect. You need to ensure that the user is logged off automatically if he is still working onthe domain after 5:00 P.M. What should you do?()
- A、In Active Directory Users and Computers, on the Sessions tab, configure the End Session setting for the user account. Instruct the user to log off from the domain and log on again.
- B、Modify the Default Domain Policy GPO to enforce logoff when logon hours expire. Ensure that the user's computer has the latest Group Policy settings applied.
- C、Remove the user's domain account from the local Administrators group on the user's client computer. Instruct the user to log off from the domain and log on again.
- D、Use Computer Management on the domain controller. Restart the Net Logon service.
参考答案
更多 “ You are the network administrator for The network consists of a single Active Directory domain named . For security reasons,management decides that a particular user must not be able to log on to the domain after 5:00 P.M. If the user is logged on to the domain at 5:00 P.M., he must be logged off automatically. You configure the Logon Hours setting for the appropriate user account. Thatnight, you verify that the user cannot log on to the domain after 5:00 P.M. The nextday, you notice that the user is still accessing domain resources at 6:00 P.M. Youverify that the time on the user's computer and on the domain controller arecorrect. You need to ensure that the user is logged off automatically if he is still working onthe domain after 5:00 P.M. What should you do?()A、In Active Directory Users and Computers, on the Sessions tab, configure the End Session setting for the user account. Instruct the user to log off from the domain and log on again.B、Modify the Default Domain Policy GPO to enforce logoff when logon hours expire. Ensure that the user's computer has the latest Group Policy settings applied.C、Remove the user's domain account from the local Administrators group on the user's client computer. Instruct the user to log off from the domain and log on again.D、Use Computer Management on the domain controller. Restart the Net Logon service.” 相关考题
考题
You are a network administrator for Your network consists of a single Active Directory domain named All servers run Windows Server 2003.A help desk user reports that a user object was accidentally deleted and the user can no longer log on to the domain and access resources. You confirm that the user object was included in the most recent backup.You need to enable the user to log on to the domain. You must ensure that the user retains access to resources.What should you do?()A. Install a new domain controller. Install Active Directory from media by using the most recent backup. Manually initiate replication.B. Decrease the garbage collection interval. Perform a nonauthorative restoration of Active Directory by using the most recent backup.C. Perform a nonauthorative restoration of Active Directory by using the most recent backup. Authoritatively restore the user object that was deleted.D. Re-create a user object that has the same user principal name (UPN) as the user object that was deleted. Authoritatively restore this user object.
考题
Your network consists of a single Active Directory domain that contains two domain controllers. Both domain controllers run Windows Server 2003 Service Pack 2 (SP2). Auditing of successful account logon events is enabled on all computers in the domain. You need to identify the last time a specific user logged on to the domain. What should you do?()A、Examine the System Event Log on the user’s computer.B、Examine the System Event Log on both domain controllers.C、Examine the Security Event Log on both domain controllers.D、Examine the Application Event Log on the user’s computer.
考题
You are the network administrator for Contoso Pharmaceuticals. The network consists of a single Active Directory forest. The forest contains Windows Server 2003 servers and Windows XP Professional computers. The forest consists of a forest root domain named contoso.com and two child domains named child1.contoso.com and child2.contoso.com. The child1.contoso.com domain contains a member server named Server1. You configure Server1 to be an enterprise certification authority (CA), and you configure a user certificate template. You enable the Publish certificate in Active Directory setting in the certificate template. You instruct users in both the child1.contoso.com and the child2.contoso.com domains to enroll for user certificates. You discover that the certificates for user accounts in the child1.contoso.com domain are being published to Active Directory, but the certificates for user accounts in the child2.contoso.com domain are not. You want certificates issued by Server1 to child2.contoso.com domain user accounts to be published in Active Directory. What should you do? ()A、 Configure user certificate autoenrollment for all domain user accounts in the contoso.com domain.B、 Configure user certificate autoenrollment for all domain user accounts in the child2.contoso.com domain.C、 Add Server1 to the Cert Publishers group in the contoso.com domain.D、 Add Server1 to the Cert Publishers group in the child2.contoso.com domain.
考题
You are the network administrator for . The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. TestKing acquires a subsidiary. You receive a comma delimited file that contains the names of all user accounts at the subsidiary. You need to import these accounts into your domain. Which command should you use?()A、ldifdeB、csvdeC、ntdsutil with the authoritative restore optionD、dsadd user
考题
You are the network administrator for The network consists of a single Active Directory domain named All five domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. The domain's audit policy ensures that all account logon events are audited. A temporary employee named King uses a client computer named TestKing1. When King's temporary assignment concludes, his employment is terminated. Now you need to learn the times and dates when King logged on to the domain. You need to accomplish this goal by reviewing the minimum amount of information. What should you do?()A、Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for King's user account.B、Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for the TestKing1 computer account.C、Use Event Viewer to view the security log on each domain controller. Use the Find option to list only the events for King's user account.D、Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for King's user account.E、Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for the TestKing1 computer account.
考题
You are the network administrator for Your network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional. TestKing has 16 different office locations. Each office is a separate Active Directory site. You work in the main office. A user named Anne works in a branch office. Every morning for one week, Anne reports that her user account is locked out. Each time, you are obliged to unlock her account. You suspect that Anne's account is being misused or attacked outside of regular business hours. You need to investigate the cause of the account lockout. Where should you search for security events?()A、Only in the event log of a domain controller in your site.B、Only in the event logs of the domain controllers in Anne's site.C、In the event logs of all domain controllers in all sites.D、Only in the event log of Anne's computer.
考题
Your network consists of a single Active Directory domain. All computers on the network are joined to the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You install a network management application named App1 on Server1. A user named Admin1 logs on to Server1 and reports that the shortcut to App1 does not exist. You log on to Server1 as a local administrator and verify that the shortcut to App1 exists. You need to ensure that a shortcut to App1 is available for Admin1 on Server1 only. What should you do? ()A、Log on to Server1 as a local administrator. Create a shortcut to App1 in the Default User profile.B、Log on to Server1 as a local administrator. Create a shortcut to App1 in the All Users profile.C、In the Netlogon share on a domain controller, create a folder named Default User. Create a shortcut for App1 in the new folder.D、In the Netlogon share on a domain controller, create a folder named All Users. Create a shortcut for App1 in the new folder.
考题
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003, and all client computers run Windows XP Professional. A new management directive states that users can log to the domain only during business hours. Users who remain logged on after business hours must be automatically disconnected from network resources. You need to enforce this directive by using the minimum amount of administrative effort. Which two actions should you perform?() (Each correct answer presents part of the solution. Choose two)A、Configure the Default Domain Policy Group Policy object (GPO) to increase scheduling priority for all users.B、Configure the Default Domain Policy Group Policy object (GPO) to force users to log off when their logon hours expire.C、Select all user accounts. Modify the account properties to restrict logon hours to business hours.D、Create a domain user account named Temp. Configure the account properties to restrict logon hours to business hours.E、Modify the DACL on the Default Domain Policy Group Policy object (GPO) to assign the Allow - Read permission to the Users group.
考题
You are a network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. A user named Mrs. King works in the information technology (IT) security department. Mrs. King is a member of the ITSecurity global group. Mrs. King reports that no one in the ITSecurity global group can access the security log from the console of a computer named Testking1. You need to grant the ITSecurity global group the minimum rights necessary to view the security log on Testking1. How should you modify the local security policy?()A、Assign the Generate security audits user right to the ITSecurity global group.B、Assign the Manage auditing and security logs user right to the ITSecurity global group.C、Assign the Allow logon through Terminal Services user right to the ITSecurity global group.D、Assign the Act as part of the operating system user right to the ITSecurity global group.
考题
Your network contains a single Active Directory domain. Active Directory Rights Management Services (AD RMS) is deployed on the network. A user named User1 is a member of only the AD RMS Enterprise Administrators group. You need to ensure that User1 can change the service connection point (SCP) for the AD RMS installation. The solution must minimize the administrative rights of User1. To which group should you add User1()A、AD RMS AuditorsB、AD RMS Service GroupC、Domain AdminsD、Schema Admins
考题
You are the network administrator for . The network consists of a single Active Directory domain named All network servers run Windows Server 2003. All client computers run Windows XP Professional. Multiple users share the same client computer. A server named TestKing2 functions as a file and print server. You set the profile path for all user accounts to //TestKing2/Profiles/username. Some domain users were added to the local Administrators group on the Windows XP Professional computers. A user reports that other users can log on to client computers that he has previously used and gain access to files stored in his My Documents folder on the local hard disk. You need to permanently prevent users from being able to access the My Documents folder of other domain users on the client computers. What should you do?()A、In Active Directory, modify the Default Domain Policy. Disable the Do not check for user ownership of Roaming Profile Folders setting.B、In Active Directory, modify the Default Domain Policy. Enable the Delete cached copies of roaming profiles setting.C、Log on to all client computers and delete all user profiles from the local hard disks.D、Log on to all client computers and configure the Number of previous logons to cache setting to 0.
考题
Your network consists of a single Active Directory domain that contains two domain controllers. Both domain controllers run Windows Server 2003 Service Pack 2 (SP2). Auditing of successful account logon events is enabled on all computers in the domain. You need to identify the last time a specific user logged on to the domain. What should you do? ()A、Examine the System Event Log on the user’s computer.B、Examine the System Event Log on both domain controllers.C、Examine the Security Event Log on both domain controllers.D、Examine the Application Event Log on the user’s computer.
考题
You are the administrator of an Active Directory domain named A user reports that he forgot his password and cannot log on to the domain. You discover that yesterday morning the user reset his password and successfully logged on to the domain. You need to enable the user to log on to the domain. What should you do? ()(Choose two)A、Use Active Directory Users and Computers to move the account to the default organizational unit (OU) named Users. Instruct the user to restart his computer.B、Use Active Directory Users and Computers to open the account properties for the user's user account. Clear the Account is locked out check box, and select the User must change password at next logon check box.C、Use Active Directory Users and Computers to reset the user's password. Give the user the new password.D、Use Computer Management to reset the password for the local Administrator account.
考题
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. All network servers run Windows Server 2003. You place computer accounts for servers in OUs that are organized by server roles. You apply GPOs to these servers at the OU level. You need to add a new server to the domain. You need to ensure that the appropriate GPOs are applied to this server. What should you do?()A、Prestage a domain computer account for the new server in the appropriate OU. Join the server to the domain by using the prestaged computer account.B、On the server, add the domain name for the Active Directory domain to the DNS suffix setting. Join the server to the domain.C、Assign a user account the Allow - Create permission for the appropriate OU. Join the new server to the domain by using the user account.D、Join the new server to the Active Directory domain. On the new server, run the gpupdate /force command.
考题
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. The domain contains three domain controllers: DC1, DC2, and DC3. Each one hosts user data. DC1 experiences hard disk failure. You need to temporary restore the user data to DC2. Which type of restoration should you perform?()A、Automated System Recovery (ASR)B、NormalC、PrimaryD、Authoritative
考题
Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Your company’s security policy states that domain users must be prevented from logging on to Server1 if a domain controller is unavailable. You disconnect Server1 from the network and discover that you can log on to Server1. You need to configure Server1 to comply with the company’s security policy. What should you do on Server1? ()A、From the local security policy, modify the Security Options.B、From the local security policy, modify the User Rights Assignment.C、From Active Directory Users and Computers, modify the properties of the Server1 account.D、From Active Directory Users and Computers, modify the properties of the Domain Computers group.
考题
You are the network administrator for your company. The network consists of a single Active Directory domain named . All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. All client computer accounts are stored in the Computer container. A user named Peter reports that he cannot log on to the domain from his computer. Peter receives the logon message shown in the exhibit. Exhibit: Logon Message Your account is configured to prevent you from using this computer. Please try another computer. You need to enable Peter to log on. What should you do?()A、Create an account for Peter's computer in the Computers container.B、Grant the Log on locally user right to Peter's user account.C、Enable Peter's user account.D、Change the properties of Peter's user account so he can log on to any computer.
考题
You are the network administrator for . The network consists of a single Active Directory domain named . All servers run Windows Server 2003. All client computers run Windows XP Professional. The network contains a domain controller named TestKing3. You create a preconfigured user profile on a client computer named TKClient1. You need to ensure that all users receive the preconfigured user profile when they log on to the network for the first time. All users must still be able to personalize their desktop environments. What should you do?()A、From TKClient1, copy the user profile to //TestKing3/netlogon/Default User.B、From TKClient1, copy the user profile to //TestKing3/netlogon/Default User. Change the User Profile path for all users in the Active Directory to //TestKing3/netlogon/Default. User.C、From TKClient1, copy the user profile to the C:/Documents and Settings/Default User folder. Share the Default User profile on the network.D、Create a Folder Redirection policy in Active Directory.
考题
You are a network administrator for your company. The network consists of a single Active Directory domain. A user named Mary works in the information technology (IT) security department. Mary is a member of the ITSecurity global group. Mary reports that no one in the ITSecurity global group can access the security log from the console of a computer named Server1. You need to grant the ITSecurity global group the minimum rights necessary to view the security log on Server1. How should you modify the local security policy?()A、Assign the Generate security audits user right to the ITSecurity global group.B、Assign the Manage auditing and security logs user right to the ITSecurity global group.C、Assign the Allow logon through Terminal Services user right to the ITSecurity global group.D、Assign the Act as part of the operating system user right to the ITSecurity global group.
考题
You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003, and all client computers run Windows XP Professional. A user named Lilli receives a new computer named Client223. She successfully logs on to the domain. The next day, she tries to log on again. The domain name appears in the domain dropdown list in the dialog box. However, Lilli cannot log on. You try to log on by using Client223, but you are also unsuccessful. Then you use a local Administrator account to log on. You read the following error message in the system event log. "NETLOGON Event ID 3210: Failed to authenticate with //Server5, a Windows NT domain controller for domain TestKing". You search the computer account for Client223 in Active Directory Users and Computers, but the account does not appear. You need to ensure that Lilli can log on to the domain successfully. What should you do?()A、Recreate the user account for Lilli and add her to all appropriate security groups.B、Run the netdom reset 'Client223' /domain:'testking' command and then restart Client223.C、Add Client223 to a workgroup. Then join Client223 to the domain.D、Reset the computer account for Server5 in Active Directory Users and Computers.
考题
You are a network administrator for Your network consists of a single Active Directory domain named All servers run Windows Server 2003. A help desk user reports that a user object was accidentally deleted and the user can no longer log on to the domain and access resources. You confirm that the user object was included in the most recent backup. You need to enable the user to log on to the domain. You must ensure that the user retains access to resources. What should you do?()A、Install a new domain controller. Install Active Directory from media by using the most recent backup. Manually initiate replication.B、Decrease the garbage collection interval. Perform a nonauthorative restoration of Active Directory by using the most recent backup.C、Perform a nonauthorative restoration of Active Directory by using the most recent backup. Authoritatively restore the user object that was deleted.D、Re-create a user object that has the same user principal name (UPN) as the user object that was deleted. Authoritatively restore this user object.
考题
You are the network administrator for The network consists of a sing Active Directory domain named All domain controllers run Windows Server 2003. All client computers run Windows XP Professional with default settings. Some users have portable computers, and the rest have desktop computers. You need to ensure that all users are authenticated by a domain controller whenthey log on. How should you modify the local security policy?()A、Require authentication by a domain controller to unlock the client computer.B、Cache zero interactive logons.C、Cache 50 interactive logons.D、Grant the Log on locally user right to the Users group.
考题
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You use a non-administrative user account named Joseph to log on to a client computer. You need to change the password for a domain user account named Sophia. You open the Active Directory Users and Computers console. When you attempt to change Sophia's password, you receive the following error message: "Access is denied". You need to remain logged on to the client computer as Joseph, and you need to be able to change Sophia's password. What should you do?()A、Add the non-administrative domain user account to the local Administrators group.B、Use the runas command to run Active Directory Users and Computers with domain administrative credentials.C、From a command prompt, run the net user Sophia /add /passwordreq:yes command.D、From a command prompt, run the net accounts /uniquepw: /domain command.
考题
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. The Default Domain Policy GPO is configured to prompt users to change their password 14 days before it expires. A user who returns from a two-week vacation reportes that she cannot log on to the domain. You discover that when she last logged on, she was prompted to change her password. She reports that she did not change her password before leaving on vacation. You need to ensure that the user can log on to the domain. What should you do?()A、Enable the user account.B、Reset the password for the user account.C、Use Active Directory Users and Computers to select the Password never expires option.D、Configure the Prompt user to change password before expiration security policy option to 21 days.
考题
You are the network administrator for The network consists of a single Active Directory domain named You install Windows Server 2003 on a computer named Testking6. Testking6 is a member of a workgroup. You configure Testking6 as the Web server for TestKing's intranet Web site. TestKing's written security policy states the following requirements: 1. Smart cards are required to log on to all servers. 2. Membership to the Remote Desktop Users group should remain empty. 3. Users should not be able to log on through Terminal Server by using a blank password. 4. Third-party applications should not be installed on network servers. When you attempt to log on to Testking6 by using your smart card, you receive an error message. You verify that your user account is a member of the Domain Admins global group in your domain. You need to be able to log on to Testking6 by using your smart card. What should you do?()A、Join Testking6 to the domain.B、In Computer Management, add your user account to the Administrators local group.C、Restart Testking6 in safe mode. From a command prompt, run the runas.exe /smartcard command.D、In the local security policy, assign your user account the Allow log on locally user right.
考题
单选题You are the network administrator for The network consists of a single Active Directory domain named All five domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. The domain's audit policy ensures that all account logon events are audited. A temporary employee named King uses a client computer named TestKing1. When King's temporary assignment concludes, his employment is terminated. Now you need to learn the times and dates when King logged on to the domain. You need to accomplish this goal by reviewing the minimum amount of information. What should you do?()A
Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for King's user account.B
Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for the TestKing1 computer account.C
Use Event Viewer to view the security log on each domain controller. Use the Find option to list only the events for King's user account.D
Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for King's user account.E
Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for the TestKing1 computer account.
考题
单选题Your network contains a single Active Directory domain. Active Directory Rights Management Services (AD RMS) is deployed on the network. A user named User1 is a member of only the AD RMS Enterprise Administrators group. You need to ensure that User1 can change the service connection point (SCP) for the AD RMS installation. The solution must minimize the administrative rights of User1. To which group should you add User1()A
AD RMS AuditorsB
AD RMS Service GroupC
Domain AdminsD
Schema Admins
热门标签
最新试卷