Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). All servers and client computers are members of the domain.You need to configure Automatic Updates on all computers to meet the following requirements:
(1)Install updates automatically on all computers.
(2)Prevent users from modifying the Automatic Update settings.
What should you do?()
A.From the Default Domain Policy, modify the Windows Update settings.
B.On each client computer, run wuauclt.exe /resetauthorization.
C.On each client computer, modify the Automatic Updates settings from Control Panel.
D.On a server, install and configure Windows Server Updates Services (WSUS) 3.0.
您可能感兴趣的试卷
你可能感兴趣的试题
A.the Security Templates snap-in
B.the Security Configuration Wizard
C.the Microsoft Baseline Security Analyzer
D.the Security Configuration and Analysis snap-in
A.Security Templates snap-in
B.Group Policy Management Console
C.Security Configuration and Analysis snap-in
D.Microsoft Baseline Security Analyzer (MBSA)
Your network consists of a single Active Directory domain. An organizational unit (OU) named Servers contains all member servers in the domain. The domain contains a Group Policy object (GPO) named Policy1.
A user account named Admin1 is used to administer the member servers. You need to allow Admin1 to apply Policy1 to the member servers. You must prevent Admin1 from modifying Policy1.
What should you do?()
A.Add Admin1 to the Server Operators group.
B.Add Admin1 to the Group Policy Creator Owners group.
C.On the Servers OU, assign Admin1 the permission to link GPOs.
D.On Policy1, assign Admin1 the permission to apply group policy.
Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You create a domain account named Admin1.
You need to configure the security for Admin1 to meet the following requirements:
(1)Allow Admin1 to monitor events in the system event log and the application event log
(2)Allow Admin1 to create and view counter logs in Performance Monitor
(3)Minimize the user rights assigned to Admin1
To which group should you add Admin1?()
A.Power Users
B.Administrators
C.Performance Log Users
D.Performance Monitor Users
A.Power Users
B.Administrators
C.HelpServicesGroup
D.Remote Desktop Users
A.Power Users
B.Administrators
C.HelpServicesGroup
D.Remote Desktop Users
A.Install and run the Security Configuration Wizard (SCW).
B.From the Authorization Manager snap-in, modify the authorization store type.
C.From Active Directory Sites and Services, run the Delegation of Control Wizard.
D.From Active Directory Users and Computers, run the Delegation of Control Wizard.
A.In the Default Domain Controller Policy, enable success and failure for the Audit logon events policy setting.
B.In the Default Domain Controller Policy, enable success and failure for the Audit account logon events policy setting.
C.In the Local Security Policy on Server1, enable success and failure for the Audit logon events policy.
D.In the Local Security Policy on Server1, enable success and failure for the Audit account logon events policy setting.
Your network consists of a single Active Directory domain named Contoso.com. All servers on the network run Windows Server 2003 Service Pack 2 (SP2).
All client computers on the network run Windows XP Professional Service Pack 3 (SP3). All computers run a custom application named App1. App1 requires domain authentication. App1 does not support smart card authentication.Your company implements a new security policy that states that all users must log on to their computers by using a smart card.You need to ensure that all users can use App1 while meeting the new security policy.
What should you do?()
A.Configure the Smart Card service to start automatically on all computers by using a Group Policy object (GPO).
B.From the properties of all user accounts, enable the Store password using reversible encryption setting.
C.From the properties of all user accounts, enable the Require smart cards for interactive logon setting.
D.Enable the Require smart cards for interactive logon policy setting on all computers by using a Group Policy object (GPO).
Your network consists of a single Active Directory domain named Contoso.com. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You have two domain user accounts named Admin1 and User1. Admin1 is a member of the Administrators group on Server1. User1 is a member of the Domain Users group only.
You log on to Server1 as User1. You need to run several administrative tools. You must minimize the number of times you are prompted to enter a username and password when starting the tools. You must achieve this goal without logging off from Server1.
What should you do?()
A.Configure the secondary logon service to start by using the Admin1 account.
B.Configure the Start menu shortcut for each administrative tool to run as Admin1.
C.Create a Start menu shortcut for cmd.exe to run as Admin1, and then start the administrative tools from the command prompt.
D.Configure the Start menu shortcut for each administrative tool, and assign the Admin1 account ownership of the shortcuts.
最新试题
你是活动目录域的管理员。网络中包含一台名为Server1的域控制器。用户报告当他们登陆到Server1上时出现断断续续的延迟。管理报告说在Server1和其他的域控制器间的复制操作偶尔出现延迟。你需要检察出到Server1的网络连接间歇性延迟的原因。你同时要查出问题原因是否和Server1上的硬件资源不足有关。你需要花一天以上的时间来检查追踪延迟的原因。你该如何操作?()
你是公司的网络管理员。网络是一单活动目录域环境。域中有3台Windows Server 2003域控制器,20台Windows Server 2000域成员服务器,还有750台Windows XP Pro计算机。域中配置为只允许使用Kerberos协议对服务器连接认证授权。有用户报告当他试图连接一台域成员服务器时,收到“Access denied”(访问拒绝)错误提示。你要在用户的客户机上测试Kerberos授权功能。在用户的客户机上的命令提示符(cmd)下,你要运行那些命令?()
你是Coho Winery的网络管理员。网络中包含一个单活动目录域cohowinery .net。所有的域控制器都配置成DNS服务器并为cohowinery .net运行着一个活动目录合并区域。 本地ISP向用户提供互联网连接服务。cohowinery .com中的所有站点都部署在网络周边。cohowinery .com的一个辅助区域部署在内网的一台Windows Server 2003服务器上Server1上。所有的客户端只向Server1提交名称解析。你需要配置DNS解析以确保所有的客户端计算机能够登陆网络,并且访问Web站点浏览互联网。你也要确保cohowincery .net区域尽可能的安全。你将采取哪两个操作步骤?()
你是Fabrikam.Inc公司网络管理员。网络是一单活动目录域环境,域名fabrikam.com。一台Windows server 2003服务器Server1为域中提供DNS服务器功能。WingTip Yoys是Fabrikam公司的一个分部。WingTip Toys中有一单活动目录域环境,域名Wingtipyoys.com。Server1是的Wingtipyoys.com的辅助区域服务器。你监视着两个域间的通知通信。当Wingtipyoys.com的主要区域服务器上有可用变化并通知Server1服务器数据同步时,你要将之记录下来。你该怎么操做?()
你是公司网络管理员。网络中包含一个单活动目录域。域中包含15台Windows Server 2003计算机和3000台Windows XP Professional客户端计算机。所有的计算机都运行着最新的升级补丁包。在服务器Server1上你安装并配置了WSUS服务。所有的客户端计算机帐户都在客户端组织单元中(OU)。你创建了一个组策略对象(GPO)WSUS。当前,所有的计算机都从Microsoft公司获得升级服务。你要让所有的客户端计算机,且仅限客户计算机都从Server1上获取升级。你要配置所有的客户端计算机从Server1上获取Windows security updates。你需要使用最低的管理开销完成这个任务。你该如何操作()?
你是Humongous Insurance公司网络管理员。网络是一单活动目录域环境,域名humongous.com。域中有Windows server 2003 和Windows XP Pro计算机。你配置了几个组策略对象(GPOs)使用IPSec来加强那些特定计算机间的可靠通信安全。在Server2上运行着Telnet服务(远程登录)。一个GPO使用IPSec策略来确保对所有到Server2上的Telnet通信加密。但是,你监视网络通信发现这些Telnet连接并未被加密。 你要察看由GPO规定并应用在Server2上的所有IPSec设置。你将使用哪个工具()?
你是公司网络管理员。你在公司Chicago的办公室工作。你们办公室网络中有40台Windows XP Pro桌面机和1台Windows Server 2003 服务器Server1。Server1通过一条512-Kbps的租用线路连接互联网。公司主办公室在Seattle。在Chicago办公室中的桌面机用户是一种新软件产品的开发人员。你要让这些用户在Server1上的一个共享文件夹中保存每天的工作记录。你要让在Seattle的用户可以同FTP从该文件夹中下载这些记录据。你在Server1安装了IIS并配置了FTP服务站点,以便Seattle的用户可以下载这些数据。 但是你监视发现有来自互联网的连接试探,并注意到有大量的HTTP连接。你要加强Server1的安全,以便不受互联网中恶意用户的影响。Server1也必须连接到互联网中下载升级数据和更新病毒库。你需要再采购一些硬件或软件。你将对Server1如何操作?()
你是A.Datum公司的网络管理员。网络是一个单活动目录域环境,域名adatum.net。Adatum.com域名下的所有Web服务,电子邮件服务都外包给了一家ISP。所有对adatum.com的名称解析都由ISP提供。你无权管理ISP处的DNS服务器。你不可以在ISP的DNS服务器上使用nslookup命令列出阿datum .com的资源内容。一台Windows Server 2003计算机Server1上配置了adatum .net的一个主要区域。Server1上的所有根提示已被删除了。所有客户端计算机都向这台计算机提交名称解析。你要配置该服务器的DNS解析以保证所有的客户端计算机都能定位并访问adatum.com,adatum.net及互联网的资源。你该如何操作?()
你是公司网络管理员。公司网络是一个单活动目录域。域中有一个组织单元(OU)Webservers。在Webservers中包含12台作为内网Web Server的Windows Server 2003计算机的账号。组策略对象(GPO)WebserversPolicy链接到了组织单元Webservers。该GPO被用来配置OU中计算机的各种设置。在每个内网Web Server的管理员本地组中有一个名为WebserverAdmins的全局组成员。你计划在每个内网Webserver上安装一个安全扫描应用程序。该应用程序文档规定它必须使用一个服务账号,以此能够对安装了该应用程序的计算机的注册表的HKEY_LOCAL_MACHINE\SYSTEM键值进行修改。 你在域中创建了这个服务账号。公司的安全策略规定:安全账号只能分配得到完成功能的最低限度权利和许可。你需要配置内网的Web servers以便该安全扫描应用程序能够被安装接受。你同时也要遵从公司的安全策略。你要用最低的管理花销实现这个目的。你该怎么做?()
你是公司网络管理员。在Denver(丹佛)的办公室当前正使用一台Windows Server 2003服务器Server23连接到公共WAN上。Server23被配置为一台拨号连接路由器。在Server23上有两块网卡,一块连接本地LAN以太网。另一块连接外网宽带。公司计划在Denver办公室增加至少25%的新雇员,你要确保当前的网络宽带连接能满足将来的扩展需要。你要在Server23上使用系统监视器察看现在的宽带网络连接利用率。你该如何操作?()