考题
The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do?()A、On all domain controllers, implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policyB、On all client computers, implement logon auditing for all user account logonsC、On all client computers, configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policyD、On all domain controllers, implement logon auditing for all user account logons
考题
You design a Business Intelligence (BI) solution by using SQL Server 2008. The solution includes a SQL Server 2008 Reporting Services (SSRS) infrastructure in a scale-out deployment. All reports use a SQL Server 2008 relational database as the data source. You implement row-level security. You need to ensure that all reports display only the expected data based on the user who is viewing the report. What should you do?()A、 Store the credential of a user in the data source.B、 Configure the infrastructure to support Kerberos authentication.C、 Configure the infrastructure to support anonymous authentication by using a custom authentication extension.D、 Ensure that all report queries add a filter that uses the User.UserID value as a hidden parameter.
考题
You need to design a PKI solution that meets business and security requirements. What should you do?()A、Implement an enterprise root CA in the corp.woodgrovebank.com domain.Implement subordinate CAs in each child domain. Take the root CA offlineB、Implement an enterprise root CA in the corp.woodgrovebank.com domainC、Implement an enterprise root CA in each of the child domains. Take the enterprise CA in each domain offlineD、Implement an enterprise root CA in the corp.woodgrovebank.com domain. Implement a stand-alone root CA in each of the child domains
考题
You need to design a method to deploy security configuration settings to servers. What should you do?()A、Run the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OUB、Log on to each server and use local policy to configure and manage the security settingsC、Create a customer security template. Log on to a domain controller and run the seceditcommand to import the security templateD、Create a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU
考题
Your company has a main office and a branch office. The main office contains two domain controllers. You create an Active Directory site named BranchOfficeSite. You deploy a domain controller in the branch office, and then add the domain controller to the BranchOfficeSite site. You discover that users in the branch office are randomly authenticated by either the domain controller in the branch office or the domain controllers in the main office. You need to ensure that the users in the branch office always attempt to authenticate to the domain controller in the branch office first. What should you do()A、Create organizational units (OUs).B、Create Active Directory subnet objects.C、Modify the slow link detection threshold.D、Modify the Location attribute of the computer objects.
考题
You are a help desk technician for your company. Susan is an executive. Because Susan travels frequently, she uses a Windows XP Professional portable computer that has a smart card reader. Susan asks you to configure her computer so that she can dial in to the company network when she is out of the office. Company security policy states that dial-in users must use a smart card when they connect to the network, and that the users must use the strongest form of data encryption possible. Company security policy also states that client computers must disconnect if the Routing and Remote Access server does not support both smart card authentication and the strongest possible authentication. You need to configure the dial-up connection properties on Susan’s computer to dial in to the company network. Your solution must ensure that company security policies are enforced. Which three actions should you perform?() A、Select the Advanced (custom settings) security option.B、Select the Require data encryption check box. C、Select the Typical (recommended settings) security option. D、Select the Use smart card item from the Validate my identity as follows list.E、Select the Maximum strength encryption item from the Data encryption list.F、Select the Extensible Authentication Protocol (EAP) option, and select Smart Card or other Certificate from the EAP list.
考题
You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do?()A、Create a GPO and link it to the New York OU, to the Denver OU, and to the Dallas OU.Configure the GPO with the required account policy settingsB、On all computers in the domain, configure the Local Security Policy7 with the required account policy settingsC、Configure the Default Domain Policy GPO with the required account policy settingsD、Configure the Default Domain Controllers Policy GPO with the required account policy settings
考题
You are the network administrator for Blue Yonder Airlines. You plan to create an Active Directory domain named blueyonderairlines.com that will have a functional level of Windows Server 2003. Your company has one main office and four branch offices, which are all located in one country. A central security department in the main office is responsible for creating and administering all user accounts in all offices. Each office has a local help desk department that is responsible for resetting passwordswithin the individual department’s office only. All user accounts are located in the default Users container. You need to create an organizational unit (OU) structure to support the delegation of authority requirements. You want to minimize the amount of administrative effort required to maintain the environment. What should you do?()A、 Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a separate child OU for each office under BlueYonderAirlines_Users. Move the user accounts of all employees in each office to the child OU for that office.B、 Create a toplevel OU named Main_Office under the blueyonderairlines.com domain. Move the user accounts of all users in the main office to the Main_Office OU.Create a separate child OU for each branch office under the Main_Office OU. Move the user accounts of all users in each branch office to the child OU for that office.C、 Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a child OU named Central_Security under BlueYonderAirlines_Users. Move the user accounts of the central security department users to the Central_Security OU.Create a child OU named Help_Desk under BlueYonderAirlines_Users. Move the user accounts of the help desk users to the Help_Desk OU.D、 Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a child OU named Central_Security under BlueYonderAirlines_Users. Move the user accounts of the central security department users to the Central_Security OU.Create a separate child OU under BlueYonderAirlines_Users for each office. Move the user accounts of the help desk users in each office to the child OU for that office.
考题
You need to design an authentication solution for the wireless network. Your solution must meet the security requirements. What should you do?()A、Create wireless VPNs using L2TP/IPSec between the client computers to the wireless access pointB、Configure IEEE 802.1x authentication with smart cardsC、Configure the wireless network to use Wired Equivalent Privacy (WEP)D、Install and configure an Internet Authentication Service (IAS) server
考题
You need to design security changes that provide maximum protection for customer data and courier assignments.What should you do?()A、Create a separate domain for courier authenticationB、Implement smart card authentication for business office users and couriers, upgrading client operating systems as needed. Modify the Web kiosks to require smart card presence for continued accessC、Modify the Default Domain Policy Group Policy object (GPO) so that couriers must use complex user account passwords. Require all couriers to change their passwords the next time they log on to the Web applicationD、Use Encrypting File System (EFS) to encrypt all files that contain customer data
考题
You are designing an authentication strategy for the accounting department. Your solution must meet business requirements. What should you do?()A、Install wireless network cards on all accounting department computers. Select PEAP authenticationB、Install user certificates on all accounting department computers. Configure these computers to respond to requests for IPSec encryptionC、Issue smart cards and smart card readers to all accounting department users and computers. Require NTLMv2 authenticationD、Issue smart cards and smart card readers to all accounting department users and computers. Configure the domain to require smart cards for the accounting department users during logon
考题
You need to design a domain model that meets the company business and security requirements for controlling access to the new Web-based ordering application. What should you do?()A、Create a child OU within the existing domainB、Create a child domain of the existing domainC、Create a new domain in a new forest. Configure the new domain to trust the existing domainD、Create a new tree in the existing forest. Configure the new domain to trust the existing domain
考题
You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your companys corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A、Revoke the employees smart card certificate.B、Disable the employees Active Directory account.C、Publish a new delta certificate revocation list (CRL).D、Reset the password for the employees Active Directory account.
考题
You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A、Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC、Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD、Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
考题
You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domainB、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security templateC、Create a logon script to run the secedit command to analyze all servers in the domainD、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain
考题
You need to design an authentication strategy for users of portable computers. Your solution must meet business requirements. What should you do?()A、Issue smart cards and smart card readers to all portable computer users. Configure the domain to require smart cards for login and to log off users who remote their smart cardsB、Configure the portable computers to connect to only wireless networks that use Wired Equivalent Privacy (WEP). Install digital certificates on all portable computersC、Install computer certificates on all portable computers. Configure all portable computers to respond to requests for IPSec encryptionD、Install biometric authentication devices on all portable computers. Configure the Default Domain Policy GPO to require complex passwords for all users
考题
You need to design an authentication solution for Terminal Services that meets the business requirements.What should you do?()A、Configure the terminal server to use smart cardsB、Configure IPSec to permit only Remote Desktop Protocol (RDP) connections to the terminal serverC、Deny the Remote Desktop Users group access to the terminal serverD、Restrict treyresearch.com users from logging on locally to the terminal server
考题
单选题You need to design a storage strategy that meets all business and technical requirements. What should you do?()A
Create a storage group for each office. Within each storage group, create a single databaseB
Create a storage group for each region. Within each storage group, create a single databaseC
Create a storage group for each region. Within each storage group, create separate databases for each office in that regionD
Create a single storage group. Within that storage group, create a separate database for each office
考题
单选题You need to design a method to deploy security configuration settings to servers. What should you do?()A
Run the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OUB
Log on to each server and use local policy to configure and manage the security settingsC
Create a customer security template. Log on to a domain controller and run the seceditcommand to import the security templateD
Create a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU
考题
单选题The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do?()A
On all domain controllers, implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policyB
On all client computers, implement logon auditing for all user account logonsC
On all client computers, configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policyD
On all domain controllers, implement logon auditing for all user account logons
考题
单选题You are the network administrator for Blue Yonder Airlines. You plan to create an Active Directory domain named blueyonderairlines.com that will have a functional level of Windows Server 2003. Your company has one main office and four branch offices, which are all located in one country. A central security department in the main office is responsible for creating and administering all user accounts in all offices. Each office has a local help desk department that is responsible for resetting passwordswithin the individual department’s office only. All user accounts are located in the default Users container. You need to create an organizational unit (OU) structure to support the delegation of authority requirements. You want to minimize the amount of administrative effort required to maintain the environment. What should you do?()A
Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a separate child OU for each office under BlueYonderAirlines_Users. Move the user accounts of all employees in each office to the child OU for that office.B
Create a toplevel OU named Main_Office under the blueyonderairlines.com domain. Move the user accounts of all users in the main office to the Main_Office OU.Create a separate child OU for each branch office under the Main_Office OU. Move the user accounts of all users in each branch office to the child OU for that office.C
Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a child OU named Central_Security under BlueYonderAirlines_Users. Move the user accounts of the central security department users to the Central_Security OU.Create a child OU named Help_Desk under BlueYonderAirlines_Users. Move the user accounts of the help desk users to the Help_Desk OU.D
Create a toplevel OU named BlueYonderAirlines_Users under the blueyonderairlines.com domain. Create a child OU named Central_Security under BlueYonderAirlines_Users. Move the user accounts of the central security department users to the Central_Security OU.Create a separate child OU under BlueYonderAirlines_Users for each office. Move the user accounts of the help desk users in each office to the child OU for that office.
考题
单选题You need to design an authentication solution for Terminal Services that meets the business requirements.What should you do?()A
Configure the terminal server to use smart cardsB
Configure IPSec to permit only Remote Desktop Protocol (RDP) connections to the terminal serverC
Deny the Remote Desktop Users group access to the terminal serverD
Restrict treyresearch.com users from logging on locally to the terminal server
考题
单选题You are designing an authentication strategy for the accounting department. Your solution must meet business requirements. What should you do?()A
Install wireless network cards on all accounting department computers. Select PEAP authenticationB
Install user certificates on all accounting department computers. Configure these computers to respond to requests for IPSec encryptionC
Issue smart cards and smart card readers to all accounting department users and computers. Require NTLMv2 authenticationD
Issue smart cards and smart card readers to all accounting department users and computers. Configure the domain to require smart cards for the accounting department users during logon
考题
单选题You need to design an authentication strategy for users of portable computers. Your solution must meet business requirements. What should you do?()A
Issue smart cards and smart card readers to all portable computer users. Configure the domain to require smart cards for login and to log off users who remote their smart cardsB
Configure the portable computers to connect to only wireless networks that use Wired Equivalent Privacy (WEP). Install digital certificates on all portable computersC
Install computer certificates on all portable computers. Configure all portable computers to respond to requests for IPSec encryptionD
Install biometric authentication devices on all portable computers. Configure the Default Domain Policy GPO to require complex passwords for all users
考题
单选题You need to design a method of communication between the IT and HR departments. Your solution must meet business requirements. What should you do?()A
Design a custom IPSec policy to implement Encapsulating Security Payload (ESP) for all IP traffic Design the IPSec policy to use certificate-based authentication between the two departments’ computersB
Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersC
Design a customer IPSec policy to implement Encapsulating Payload (ESP) for all IP traffic. Desing the IPSec policy to use preshared key authentication between the two departments’ computersD
Design a customer IPSec policy to implement Authentication Header (AH) for all IP traffic. Desing the IPSec policy to use certificate-based authentication between the two departments’ computers
考题
单选题You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your company’s corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A
Revoke the employee’s smart card certificate.B
Disable the employee’s Active Directory account.C
Publish a new delta certificate revocation list (CRL).D
Reset the password for the employee’s Active Directory account.
考题
单选题You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your companys corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A
Revoke the employees smart card certificate.B
Disable the employees Active Directory account.C
Publish a new delta certificate revocation list (CRL).D
Reset the password for the employees Active Directory account.