You are the network administrator for . The network consists of a single Active Directory domain named All network servers run
Windows Server 2003. Half of the client computers run Windows XP Professional and the other half run Windows NT 4.0 Workstation.
You install Terminal Server on five member servers named TestKingSrvC through TestKingSrvG. You place all five servers in an organizational unit (OU) named Terminal Server. You link a group Policy object (GPO) to the Terminal Server OU.
Two days later, users notify you, that the performance of TestKingSrvF is unacceptable slow. You discover that TestKingSrvF has 75 disconnected Terminal
Server sessions.You need to configure all five terminal servers to end disconnected sessions after 15
minutes of inactivity. You must achieve this goal by using the minimum amount of administrative effort.
What should you do?()
A. Log on the console of each terminal server. In the RDP-Tcp connection properties, set the End a disconnected session option to 15 minutes.
B. Edit the GPO to set the time limit for disconnected sessions to 15 minutes.
C. On TestKingSrvC, run the tsdiscon] command to disconnect all 75 users from TestKingSrvF
D. In Active Directory Users and Computers, set the End a disconnected session option for all domain user accounts to 15 minutes.
您可能感兴趣的试卷
你可能感兴趣的试题
You are the network administrator for The network consists of a single Active Directory domain named The functional level of the domain is Windows Server 2003.
Some user accounts have expiring passwords and some do not.
You need to identify all user accounts that do not have expiring passwords. You need to modify the password property to allow the passwords on these accounts to expire. You must complete this task by using the minimum amount of administrative effort.
First, you create a saved query to obtain a list of all user accounts that do not have expiring passwords.
What should you do next?()
A. Export the query results to a comma-delimited file. Use a CSVDE script to modify the password property of each user account.
B. From the Results pane of the query, select all user accounts and modify their password properties simultaneously.
C. Export the query results to a comma-delimited file. Use an LDIFDE script to modify the password property of each user account.
D. From the Results pane of the query, select each user account and modify the password property, one by one.
You are the network administrator for The network consists of a single Active Directory domain named . For security reasons,management decides that a particular user must not be able to log on to the domain
after 5:00 P.M. If the user is logged on to the domain at 5:00 P.M., he must be logged off automatically.
You configure the Logon Hours setting for the appropriate user account. Thatnight, you verify that the user cannot log on to the domain after 5:00 P.M. The nextday, you notice that the user is still accessing domain resources at 6:00 P.M. Youverify that the time on the user's computer and on the domain controller arecorrect.
You need to ensure that the user is logged off automatically if he is still working onthe domain after 5:00 P.M.
What should you do?()
A. In Active Directory Users and Computers, on the Sessions tab, configure the End Session setting for the user account. Instruct the user to log off from the domain and log on again.
B. Modify the Default Domain Policy GPO to enforce logoff when logon hours expire. Ensure that the user's computer has the latest Group Policy settings applied.
C. Remove the user's domain account from the local Administrators group on the user's client computer. Instruct the user to log off from the domain and log on again.
D. Use Computer Management on the domain controller. Restart the Net Logon service.
You are the administrator of a Windows 2003 domain The domain contains 20 Windows 2000 Professional computers and two Windows 2003 Server computers.
For the domain, you want to set an account policy that locks any user's account after three consecutive failed logon attempts. You also want to ensure that only administrators will be able to unlock the account.
Which two actions should you take?() (Each correct answer presents part of the solution. Choose two)
A. Set the Account lockout duration value to 0.
B. Set the Account lockout duration value to 3.
C. Set the Account lockout threshold value to 0.
D. Set the Account lockout threshold value to 3.
E. Set the Reset account lockout counter after value to 0.
F. Set the Reset account lockout counter after value to 3.
You are the network administrator for Your network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional.
TestKing has 16 different office locations. Each office is a separate Active Directory site. You work in the main office.
A user named Anne works in a branch office. Every morning for one week, Anne reports that her user account is locked out. Each time, you are obliged to unlock her account. You suspect that Anne's account is being misused or attacked outside of regular business hours.
You need to investigate the cause of the account lockout.
Where should you search for security events?()
A. Only in the event log of a domain controller in your site.
B. Only in the event logs of the domain controllers in Anne's site.
C. In the event logs of all domain controllers in all sites.
D. Only in the event log of Anne's computer.
You are the administrator of an Active Directory domain named A user reports that he forgot his password and cannot log on to the domain. You discover that yesterday morning the user reset his password and successfully logged on to the domain.
You need to enable the user to log on to the domain.
What should you do? ()(Choose two)
A. Use Active Directory Users and Computers to move the account to the default organizational unit (OU) named Users. Instruct the user to restart his computer.
B. Use Active Directory Users and Computers to open the account properties for the user's user account. Clear the Account is locked out check box, and select the User must change password at next logon check box.
C. Use Active Directory Users and Computers to reset the user's password. Give the user the new password.
D. Use Computer Management to reset the password for the local Administrator account.
You are the network administrator for .Your network consists of a single Active Directory domain named . The Default Domain Group Policy object (GPO) uses all default settings.
The network contains five servers running Windows Server 2003 and 800 client computers. Half of the client computers are portable computers. The other half are desktop computers. Users of portable computers often work offline, but users of desktop computers do not.
You install Windows XP Professional on all client computers with default settings.
Then you configure user profiles and store them on the network.
Some users of portable computers now report that they cannot log on to their computers. Other users of portable computers do not experience this problem.
You need to ensure that all users of portable computers can log on successfully,whether they are working online or offline.
What should you do?()
A. Configure all portable computers to cache user credentials locally.
B. Ensure that all users of portable computers log on to the network at least once before working offline.
C. In all portable computers, rename Ntuser.dat to Ntuser.man.
D. For all portable computers, configure the Loopback policy setting.
You are the network administrator for . The network consists of single Active directory domain.
The domain contains a Windows Server 2003 domain controller named TestKing3.
The securews.inf security policy has been applied to the domain. A network application requires a service account. The network application runs constantly.
You create and configure a service account named SrvAcct for the network application. The software functions properly using the new account and service.
You discover an ongoing brute force attack against the SrvAcct account. The intruder appears to be attempting a distributed attack from several Windows XP Professional domain member computers on the LAN. The account has not been compromised and you are able to stop the attack, you restart Server6 and attempt
to run the network application, but the application does not respond.()
A. Reset the SrvAcct password,
B. Configure the default Domain Controllers policy to assign the SrvAcct account the right to log on locally.
C. Unlock the SrvAcct account.
D. Restart the NetAppService service.
You are the domain administrator for . Active Directory domain. All client computers run Windows XP Professional.
A user reports that she attempted to log on six times unsuccessfully. She reports that she logged on successfully yesterday. You discover that the user reset her password three days ago to comply with a new security policy that requires strong passwords.
The account policies that are applied in the Domain Security Group Policy object (GPO) as shown in the following table.
You need to ensure that the user can log on to the domain.
What should you do?()
A. Reset the password for the computer account.
B. Unlock the user account.
C. In the user account properties, select the Password never expires check box for the user account.
D. In the user account properties, select the User must change password on next logon check box for the user account.
You are the network administrator for . Your network consists of a single Active Directory domain named . All network servers run Windows Server 2003, and all client computers run Windows XP Professional.
You install a new file and print server named File1. You configure standard company policies and other local options. You use third-party software to create and save an image of the server. Then you join File1 to the domain.
Six weeks later, you reapply the saved image to File1 and restart the server. You try to log on to the domain by using domain credentials. However, you are unsuccessful.
You need to log on to File1 and re-establish its domain membership. Your solution must require the minimum amount of administrative effort.
Which two actions should you perform? ()(Each correct answer presents part of the solution. Choose two)
A. Reset the computer account for File1 in Active Directory Users and Computers.
B. Reset the password for Administrator account by logging on locally to File1 as a member of the local Power Users group.
C. Reinstall and reconfigure File1.
D. Join File1 to the domain.
E. Remove File1 from the domain.
You are the network administrator for . Your network consists of asingle Active Directory domain. All network servers run Windows Server 2003.
TestKing has offices in Chicago, New York and Los Angeles. Each office has one domain controller. Each office also has its own organization unit (OU), which contains all user accounts and computer accounts in that office.
The Chicago OU is accidentally deleted from Active Directory. You perform an authoritative restoration of that OU.
Some users in Chicago now report that they receive the following error message when they try to log on to the domain.
"The session setup from the computer DOMAINMEMBER failed to authenticate.
The name of the account referenced is the security database in DOMAINMEMBER$. The following error occurred: Access is denied".
How should you solve this problem?()
A. Reset the computer accounts of the computers that receive the error message. Instruct the affected users to restart their computers.
B. Perform a nonauthoritative restoration of Active Directory. Force directory replication on all domain controllers.
C. Restart the Kerberos Key Distribution Center service on each domain controller.
D. Run Nltest.exe on the computers that receive the error message. Restart the Net Logon service on the domain controller on Chicago.
最新试题
You are the domain administrator for TestKing's Active Directory domain. Allservers run Windows Server 2003. All client computers run Windows XPProfessional.A newly installed server was added to your domain. You need to administer thisserver remotely from your client computer.You need to configure the new server to ensure that it can be administeredremotely.What should you do?()
You are the network administrator for TestKing. The network consists of a singleActive Directory domain. All network servers run Windows Server 2003.A member server named TestkingA has a locally attached tape device. TestkingAcontains several folders and files that are encrypted by using Encrypting FileSystem (EFS).You create a new user account for a new employee named Victoria. Victoria's useraccount is member of the Users group only.You need to ensure that Victoria can back up the encrypted folders and files onTestkingA. Victoria must be assigned the minimum administrative privilegesneeded to complete this task.What should you do?()
You are the network administrator for The network consists of a single Active Directory domain named.You configure a new Windows Server 2003 file server named TestKingSrv1.You restore user files from a tape backup, and you create a logon script that maps driveletters to shared files on TestKingSrv1.Users report that they cannot access TestKingSrv1 through the drive mappings youcreated. Users also report that TestKingSrv1 does not appear in My NetworkPlaces.You log on to TestKingSrv1 and confirm that the files are present and that theNTFS permissions and share permissions are correct. You cannot access anynetwork resources. You run the ipconfig command and see the following output.You need to configure the TCP/IP properties on TestKingSrv1 to resolve theproblem.What should you do?()
You are the network administrator for TestKing. The network consists of a singleActive Directory domain.A member server named Testking1 runs Windows Server 2003 and SoftwareUpdate Services (SUS). You perform a full backup of Testking1 every night.Testking1 fails unexpectedly and cannot be restarted. As a result, automatic updatesare no longer distributed within the domain.You need to restore the functionality of Testking1.First, you install Windows Server 2003 on a new computer and configure it as amember server. You name the new computer Testking1 and install all IIScomponents that were installed on the original Testking1. Then you install SUS andobtain the most recent successful backup of the original Testking1.Which two additional actions should you perform?() (Each correct answer presentspart of the solution. Choose two.)
You are the network administrator for TestKing. The network contains a WindowsServer 2003 computer named Testking1.You back up the data folders on Testking1 by using the following schedule:1. Normal backup every Monday.2. Incremental backups every Tuesday, Wednesday, Thursday, and Friday.After the backup on Friday is completed, a user accidentally deletes a file from adata folder on Server1. The user reports that he modified the file in the past week,but he does not know which day he modified the file. You do not know when the filewas last backed up.You need to restore the latest copy of the file as quickly as possible.What should you do?()
You are the administrator of a Windows Server 2003 computer named Testking1.Backups of the System State data of Testking1 occur each day by using the localAdministrator account.A new requirement restricts you from running services by using theAdministrator account. To meet the requirement, you create a new service accountnamed BackupTestking1 to be used for backups. You want this account to have theminimum permissions necessary to perform backups.You need to grant the appropriate permissions to the BackupTestking1 account andto configure the backup job to use the BackupTestking1 account.What should you do?()
You are the network administrator for TestKing. Your network consists of a singleActive Directory domain. You manage a Terminal Server farm that includes fiveterminal servers and a Terminal Services Licensing server named testking9. Allservers run Windows 2000 Server. There are 2,500 users who log on to the terminalservers to access a custom human resource (HR) application.You install Windows Server 2003 on a new server named testking10. Testking10 isconfigured with all default settings enabled. You install Terminal Services and theHR application on testking10. You instruct some users to access the HR applicationon testking10.Four months later, users report that they can no longer establish Terminal Servicessessions to testking10. You verify that users can connect to the other terminalservers in your Terminal Server farm.You need to ensure that users can run the HR application on all terminal servers onthe network.What should you do?()
You are the network administrator for You administer a Windows Server 2003 computer named TestKing2. User profiles are stored on TestKing2.A user named Sandra reports that she accidentally deleted a folder namedTestKingStuff from her user profile. She needs to have her TestKingStuff folderrestored. Other users are accessing TestKing2, and you do not want to negativelyaffect their work. You locate the latest backup that contains the files that you needto restore.You need to restore Sandra's TestKingStuff folder. You want to achieve this goal byusing the minimum amount of administrative effort.What should you do?()
You are the administrator of a Windows Server 2003 computer named Testking1.An application on Testking1 gradually uses more and more memory until it causesTestking1 to stop responding. If you restart the application before it uses theavailable memory, there is no interruption of user services.You need to configure Testking1 to notify you when it encounters a low-memorycondition.What should you do?()
You are the network administrator in the New York office of TestKing.The company network consists of a single Active Directory domain The New York office currently contains one Windows Server 2003 file server named TestKingA.All file servers in the New York office are in an organizational unit (OU) namedNew York Servers. You have been assigned the Allow - Change permission for aGroup Policy object (GPO) named NYServersGPO, which is linked to the NewYork Servers OU.The written company security policy states that all new servers must be configuredwith specified predefined security settings when the servers join the domain. Thesesettings differ slightly for the various company offices.You plan to install Windows Sever 2003, on 15 new computers, which all functionsas file servers. You will need to configure the specified security settings on the newfile servers.TestKingA currently has the specified security settings configured in its localsecurity policy. You need to ensure that the security configuration of the new fileservers is identical to that of TestKingA. You export a copy of TestKingA's localsecurity policy settings to a template file.You need to configure the security settings of the new servers, and you want to usethe minimum amount of administrative effort.What should you do?()