You are the desktop administrator for Contoso, Ltd. The company's network contains 1,000 Windows XP Professional computers, which are members of a single Active Directory domain. The computers' hard disks are formatted as NTFS. The company's software developers release a new custom application. The application uses a .dll file named AppLib.dll, which is installed in a folder named \Program Files\Contoso\OpsApp. The company's help desk technicians report that several users experience problems when they use the application because the AppLib.dll file was deleted on their client computers. The company's software developers recommend that you modify the file permissions on AppLib.dll so that users have only Read permission on the file. You need to ensure that all users have only Read permission on the AppLib.dll file on all 1,000 Windows XP Professional computers.
What should you do?()
A.Write a logon script that moves the AppLib.dll file into the %systemroot%\System32 folder.
B.Ensure that Windows File Protection is enabled on all 1,000 Windows XP Professional computers.
C.Apply the logon script to all domain user accounts.
D.Use the Security Configuration and Analysis console to create a new security template that modifies the file permissions on AppLib.dll.
E.Use Active Directory Group Policy to import and apply the template to all 1,000 Windows XP Professional computers.
F.Repackage the custom application in a Windows Installer package.
您可能感兴趣的试卷
你可能感兴趣的试题
You are the desktop administrator for one of your company's branch offices. The network in the branch office contains 20 Windows XP Professional computers. Windows XP Professional was installed on the computers by using a RIS image. The computers also use a security template named Standard.inf, which you created and applied to the computers. The company's information security department releases a new security template named Corporate.inf. You are instructed to apply Corporate.inf to all 20 Windows XP Professional computers in your office. You are also instructed to make a list of all policies that are defined in Corporate.inf but that are not already enforced on the Windows XP Professional computers. You import Corporate.inf into the Security Configuration and Analysis console on your Windows XP Professional computer. The analysis is shown in the exhibit.
You need to document the security policies that will be enforced for the first time when Corporate.inf is applied to the computers in your office.
Which policies should you document?()
A.the policies that are displayed with an X or an exclamation point in the analysis
B.the policies that are displayed with a check mark in the analysis
C.the policies that are displayed as Enabled in the Computer Setting column
D.the policies that are displayed as Disabled in the Computer Setting column
You are the administrator of the Windows XP Professional portable computers that are used by your company's sales representatives. The computers are members of a Windows 2000 domain. A Windows 2000 Server computer named Server1 contains the sales data used by the sales representatives in a shared folder named Data. When sales representatives travel, they use the Offline Files feature to access the files in the \\Server1\Data shared folder. You want to ensure that the offline files on the portable computers are not accessible by unauthorized persons, in the event that a portable computer is lost.
What should you do?()
A.Instruct the sales representatives to configure the permissions on the offline files on their portable computers to allow access for only their user accounts.
B.On Server1, configure the permissions on all files in the Data shared folder to allow access for only the sales representatives.
C.Use a Group Policy object (GPO) to enable the Encrypt the Offline Files cache option for the portable computers.
D.On the portable computers, enable encryption of the %systemroot%\CSC folder.
E.Apply this setting to the folder and files in the CSC folder.
F.On Server1, encrypt all files in the Data shared folder.
You are a help desk technician for your company. All users have Windows XP Professional computers. Ten users run a custom application named Finance on their computers. Finance stores user passwords in a file named Passwords.ini. By default, the Passwords.ini file is stored in a folder named C:\Winnt\App1. The location and name of the file can be changed by an administrator. Each Passwords.ini file is unique. Each computer contains a single logical drive, which is drive C and is formatted as NTFS. In order to comply with a new company security policy, you need to ensure that the Passwords.ini files are encrypted.
What should you do?()
A.In the properties of the C:\Winnt\App1 folder, use Windows Explorer to select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box.
B.Ask a network administrator to share a new encrypted folder named PassFiles on a network server and to permit users to read the files contained within the folder. Copy the Passwords.ini file from each computer into the PassFiles folder. On each computer, configure Finance to use the Passwords.ini file in the PassFiles folder.
C.Create a folder named C:\Files. Copy the Passwords.ini file to the C:\Files folder. In the properties of the C:\Files folder, select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file.
D.Create a folder named C:\Files. Move the Passwords.ini file to the C:\Files folder. Instruct the user of each computer to open the properties of the C:\Files folder and select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file.
You are the administrator of a Windows XP Professional computer named Pro1. The computer is connected to the Internet. Pro1 provides Internet access to eight other Windows XP Professional computers that are connected to Pro1. You enable Internet Connection Sharing (ICS) and Internet Connection Firewall (ICF) on Pro1. You run an application named App1 on Pro1. App1 communicates with an online training company on the Internet. In order to display an online seminar, the training company needs to contact the App1 application at port 5800. You want to ensure that the training company can connect to the App1 application.
What should you do?()
A.Configure ICF to enable the Internet Control Message Protocol (ICMP) Allow redirect option. Then start the App1 application that opens port 5800.
B.Create a new service definition named App1. Use port 5800 as the external and internal port number.
C.Edit the %systemroot%\System32\Drivers\Etc\Services file on Pro1 to include a service definition named App1 for port 5800.
D.Change the TCP/IP settings on Pro1 to enable TCP/IP filtering. Permit network traffic on port 5800.
You are a help desk technician for your company. The company network consists of a single Active Directory domain. All client computers run Windows XP Professional. The help desk technicians use Remote Assistance to remotely control user sessions to provide online support to users. The users currently use Microsoft Exchange and Microsoft Outlook to submit Remote Assistance invitations to the help desk technicians. Stephen is a user in the sales department. Stephen has a portable computer and frequently travels to customer locations. While Stephen is in the corporate office, he submits a Remote Assistance invitation to the help desk. When you attempt to answer the invitation and establish the Remote Assistance session, you receive the error message shown in the exhibit.
You verify that Stephen's computer is connected to the network and that he did not cancel the invitation. You also verify that the invitation did not expire. You do not experience similar problems when establishing Remote Assistance sessions with other computers. You need to be able to establish a Remote Assistance session with Stephen's computer.
What should you do?()
A.Enable the Remote Desktop service definition in Internet Connection Firewall (ICF) on Stephen's computer.
B.Add your user account to the Remote Desktop Users list on Stephen's computer.
C.In the System properties of Stephen's computer, select the Allow users to connect remotely to this computer option, and add your user account to the list of allowed users.
D.In the Local Security Policy of Stephen's computer, grant your user account the Allow logon through Terminal Services user right.
You are the help desk manager for your company. The company network consists of a single Active Directory domain. All client computers run Windows XP Professional. All help desk technicians are members of the Help Desk Technicians group. They use Remote Assistance to remotely control user sessions to provide online support and training to users. The users currently use Windows Messenger to submit Remote Assistance invitations to the help desk technicians. You want to reduce the time required for help desk technicians to respond to Remote Assistance requests. To accomplish this goal, you want to configure the client computers to allow help desk technicians to establish a Remote Assistance session with a client computer without requiring an invitation from a user.
What should you do?()
A.In the Default Domain Policy, set the Remote Assistance - Solicited Remote Assistance policy setting to Disabled.
B.In the Default Domain Policy, set the Remote Assistance - Offer Remote Assistance policy setting to Enabled and add the Help Desk Technicians group to the Helpers list.
C.In each computer's Local Security Policy, grant the Help Desk Technicians group the Allow logon through Terminal Services user right.
D.In the System properties for each computer, select the Allow users to connect remotely to this computer option, and add the Help Desk Technicians group to the list of allowed users.
You are a help desk technician for your company. A portion of your company’s network is shown in the exhibit.
Michael is an employee in your company’s marketing department. Michael uses a Windows XP Professional computer that is located on Subnet A. You use a Windows XP Professional computer that is located on Subnet B. The company’s firewall does not use Network Address Translation (NAT). Michael sends you a Remote Assistance invitation. In Windows Messenger, you accept the invitation, but you cannot connect to Michael’s computer. Next, you run the Ping command, which verifies connectivity to Michael’s computer. You need to establish a Remote Assistance connection with Michael’s computer.
What should you do next?()
A.Ask your firewall administrator to open the TCP/IP ports that are used by Windows Messenger.
B.Ask your firewall administrator to open the TCP/IP ports that are used by Remote Desktop Services.
C.Instruct Michael to create an invitation file and then e-mail the file to you as a file attachment. When you receive the e-mail, open the file attachment.
D.Instruct Michael to edit the System properties for his computer and add your domain user account to the Remote Desktop Users list on the Remote tab.
You are the manager of your company's Web development department. The company network consists of a single Active Directory domain. All client computers run Windows XP Professional. You install Internet Information Services (IIS) on a Windows XP Professional computer. Users in your department use the computer as a test Web server for new content that they develop. You are a member of the Administrators group on the computer, and you use Remote Desktop to perform routine administrative tasks. Several of the virtual directories on the Web server contain confidential company data. You assign NTFS and IIS permissions to the folders and files on the Web server, the default Web site, and the virtual directories, as shown in the following table.
You administer the default Web site, which contains a page that lists the Web development projects in progress. The Web page also contains links to each of the virtual directories that are hosted on the Web server. You use Microsoft FrontPage to manage the default Web site. Users in the Web development department control the permissions on their own NTFS folders and virtual directories. Occasionally, users report that the permissions on their folders and virtual directories are reset to the default values. You investigate and discover that this occurs whenever you update the default Web site.
What should you do to resolve this problem?()
A.In the default Web site's properties, on the Server Extensions tab, select the Manage permissions manually check box.
B.Change the NTFS permissions on the default Web site to only Allow - Read and Allow - Write.
C.Change the IIS permissions on the default Web site to only Read.
D.In the properties for each virtual directory, set the Execute Permissions option to Scripts only.
You are the desktop administrator for your company. Your company’s software developers use Windows XP Professional and IIS on their client computers to develop Web-based applications. All client computers use Microsoft Internet Explorer 6. 0 or later as their Web browser. One of the developers reports that he can no longer access the Web-based application on his desktop by using his Web browser. When you attempt to access the application by using your Web browser, you receive the following error message: “Cannot find server or DNS Error.” You verify that the World Wide Web Publishing Service is started on the developer’s computer. You also verify that you are using the correct URL to access the developer’s computer by using your Web browser. You need to ensure that the developer can access the Web application by using his Web browser.
How should you configure the developer’s computer?()
A.Start the default Web site.
B.Start the IIS Admin Service.
C.Run the IPconfig /registerdns command.
D.In the default Web site properties,disable the host header setting.
You are the desktop administrator for your company. The relevant portion of the company’s network is configured as shown in the exhibit.
Bruno is a user in the accounting department. Bruno uses a new Windows XP Professional computer. Bruno reports that he cannot access Web sites on the Internet by using Internet Explorer. However, he can access intranet Web sites that are located on other network subnets by using Internet Explorer. Other users on the network can successfully access Internet Web sites. You need to ensure that Bruno can access Internet Web sites by using Internet Explorer on his computer.
What should you do?()
A.Configure Internet Explorer on Bruno's computer to use the proxy server.
B.Configure Internet Explorer on Bruno's computer to permit SSL connections.
C.Configure TCP/IP on Bruno's computer to use 192. 168. 10. 57 as the default gateway.
D.Configure TCP/IP on Bruno's computer to use 192. 168. 10. 56 for DNS name resolution.
最新试题
You network contains a Web site named www.contoso.com. The Web site is configured as shown in the exhibit.Your user account has write permissions to the c:\inetpub\wwwroot folder on the Web server. You need to copy files to www.contoso.com.What should you do first?()
Your network contains a computer that runs Windows XP Professional. Multiple users share the computer. You create a custom user profile on the computer. You need to ensure that all new users of the computer receive the custom user profile.What should you do?()
You have a computer that runs Windows XP Professional. Multiple users share the computer. You log on to the computer by using the local administrator account and install a custom application. You need to add an application shortcut to the desktop of all new users who use the computer. The shortcut must appear on the desktop of new users only.What should you do?()
A user has a computer that runs Windows XP Professional. The user attempts to connect to the computer by using a Remote Desktop Connection and receives the following error message: “The local policy of the system does not permit you to log on interactively.” You need to ensure that the user can log on to the computer by using a Remote Desktop Connection.What should you do?()
You have a public computer that runs Windows XP Professional. All users log on to the computer by using the same user account. You log on to the computer by using the local administrator account and attempt to access a secure Web site. You discover that you have automatically logged on to the secure Web site by using the credential of another user. You need to connect to the secure Web site by using your own credentials.What should you do?()
You have a computer that runs Windows XP Professional. You need to create a floppy disk to start Windows XP Professional on the computer if the start files become corrupt. What should you do?()
You have a computer that runs Windows XP Professional. Normal backups are scheduled to run every Sunday at 22:00 Eastern Time. Differential backups are scheduled to run every Monday through Saturday at 22:00 Eastern Time. The computer fails on Thursday at 9:00 Eastern Time. You need to restore the computer from the backup by using the most recent data available. You must achieve this goal by using the minimum amount of administrative effort. You reinstall Windows XP Professional on the computer.What should you do next?()
You network contains 500 computers. You have a computer that runs Windows XP Professional. The computer is used to perform application testing and has Internet Information Services (IIS) installed. The computer has a group named Developers. You need to ensure that only the members of the Developers group can access the Web site. Which two configuration changes should you perform?()
You have a computer named Computer1 that runs Windows XP Professional. Computer1 is a member of a workgroup. You need to prevent all users from encrypting files on Computer1.What should you do?()
You have two computers named Computer1 and Computer2. The computers run Windows XP Professional and are joined to an Active Directory domain. Computer1 contains the recovery agent certificate for the domain. A domain user named User1 encrypts files on Computer2 in a folder named C:\User1. The user leaves the company and the administrator deletes User1’s account. You need to decrypt the files encrypted by User1.What should you do?()