our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.”
You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1.
What should you do?()
A.In IIS Manager, enable the Enable client certificate mapping option.
B.In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.
C.In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.
D.In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
您可能感兴趣的试卷
你可能感兴趣的试题
our network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1.You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations.
What should you do?()
A.From the DNS console, add Server1 as a name server.
B.From the DNS console, change dynamic updates to Secure only.
C.From IP Security Monitor on Server1, enable DNS name resolution.
D.From IP Security Monitor on Server1, create a new taskpad view.
A.Kerbtray
B.Sc /query kdc
C.Netdiag /test:Kerberos
D.Nltest /sc_query:Contoso.com
A.Install a Web server certificate on Server2.
B.Configure the Web site to require a secure channel.
C.Configure the Web site to redirect all requests to https://Server2.
D.Configure the Web site to require integrated Windows authentication.
our network consists of an internal network and a perimeter network. On the internal network there is a server named Server1. On the perimeter network there is a server named Server2. All servers run Windows Server 2003 Service Pack 2 (SP2).You schedule a task to transfers files from Server1 to Server2 by using FTP.You monitor the network traffic from Server1 to Server2 and notice that the user name and password used for the FTP transfer are sent as plain text.
You need to ensure that all FTP traffic between Server1 and Server2 is encrypted.
What should you do?()
A.Implement IPSec.
B.Install a server certificate on Server1.
C.Install a server certificate on Server2.
D.Use the Encrypting File System on Server1.
A.\Modify the Local Security Policy on Server1.
B.Modify the Research IPSec Policy Group Policy object.
C.Enable Windows Firewall and do not allow exceptions.
D.From the Properties of the Local Area Connection, modify the Authentication settings.
A.View the WindowsUpdate.log file.
B.Create a new log view in Event Viewer.
C.From Update Services, view the WSUS Updates update view.
D.From Update Services, run an Update Status Summary report.
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You have two servers named Server1 and Server2. Server2 is on an isolated network segment. Both servers run Windows Server Update Services (WSUS) 3.0 and have the same WSUS configurations. You copy the WSUS updates from Server1 to Server2.You need to ensure that Server2 has the same WSUS approvals as Server1.
What should you do?()
A.On Server1, run wsusutil.exe and use the export parameter. On Server2, run wsusutil.exe and use the import parameter.
B.On Server1, run wsustil.exe and use the movecontent parameter. On Server2, run wsustil.exe and use the movecontent parameter.
C.On Server1, export the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Update Services\Server\Setup registry key. On Server2, import the registry key.
D.On Server1, create a backup of the %systemdrive%\WSUS\ folder. On Server2, restore the backup.
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a server named Server1 that has Windows Server Update Services (WSUS) 3.0 installed. You need to ensure that all WSUS clients download approved updates directly from the Windows Update site.
What should you do?()
A.From the Default Domain Policy, configure the Background Intelligence Transfer Service settings.
B.From the Default Domain Policy, configure the Windows Update settings.
C.From the Update Services console, create a new automatic approvals rule.
D.From the Update Services console, configure the Update Files and Languages settings.
A.From the command prompt, run wuauclt.exe.
B.From the command prompt, run wsusutil.exe.
C.From the Update Services console, run the WSUS Server Configuration Wizard.
D.From the Local Computer Policy, specify the location on the intranet for the Microsoft update service.
A.On Server2, modify the Update Source and Proxy Server settings.
B.On Server2, modify the Update Files and Languages settings.
C.On Server2, run the Windows Server Update Services 3.0 setup wizard.
D.On Server1, run the WSUS Server Configuration Wizard.
最新试题
你是A.Datum公司的网络管理员。网络是一个单活动目录域环境,域名adatum.net。Adatum.com域名下的所有Web服务,电子邮件服务都外包给了一家ISP。所有对adatum.com的名称解析都由ISP提供。你无权管理ISP处的DNS服务器。你不可以在ISP的DNS服务器上使用nslookup命令列出阿datum .com的资源内容。一台Windows Server 2003计算机Server1上配置了adatum .net的一个主要区域。Server1上的所有根提示已被删除了。所有客户端计算机都向这台计算机提交名称解析。你要配置该服务器的DNS解析以保证所有的客户端计算机都能定位并访问adatum.com,adatum.net及互联网的资源。你该如何操作?()
你是公司网络管理员。网络中包含一个单活动目录域。所有的服务器运行Windows Server 2003。所有的客户端运行Windows XP Professional。 你要实施一个新的软件升级结构。你发现网络中的所有客户计算机都没有安装安全补丁,紧急升级,升级包。你在一台Windows Server 2003服务器Server5上安装了WSUS服务。你进行同步并批准了当前所有的安全补丁,紧急升级,升级包数据。你要确保所有的客户端计算机接收到全部的Microsoft安全补丁,紧急升级,升级包数据。你将采取哪两个操作?()
你是公司网络管理员。所有的服务器运行Windows Server 2003。有20名公司员工连到终端服务器Server2上运行程序和通过它访问外网。 这20名员工报告说当他们浏览外网站点时,收到一些安全提示消息。并且一旦连接到Server2上时就不能修改自己客户端计算机浏览器的安全设置项。你需要让这20名用户在连上Server2时能够在自己的计算机上修改IE的安全设置项。你该如何做?()
你是公司网络管理员。网络中有一台Windows server 2003服务器Server1。三个管理员都是Server1的管理员本地组的成员。另外12个管理员是域管理组成员。域管理组也是Server1上的管理员本地组成员。有人未经授权修改了Server1的HKEY_LOCAL_MACHINE\SYSTEM键值。这导致了计算机当机。你要修复这问题。你需要记录下所有对Server1的注册表中HKEY_LOCAL_MACHINE\SYSTEM键值的访问尝试。你决定在Server1的本地安全策略中启用审核功能。你将采取哪两个操作步骤?()
你是Fourth Coffee公司在Paris(巴黎)子办公室的网络管理员。在Paris办公室中有一台Windows Server 2003 DNS 服务器Server10。在Server10上有一个主要区域fourthcoffee.Com 。在Paris办公室中的客户机都使用Server10为首选DNS服务器。Berlin(柏林)办公室中有一台UNIX DNS服务器Server11。Server11上有一个主要区域engineering.fourthcoffee.com 。engineering.fourthcoffee.com区域上的刷新间隔为24小时。 在Berlin办公室中,有一防火墙过滤来自其他办公室的通信。防火墙中定义了一规则,通过对Server11的DNS Lookups(DNS查找)操作,来阻止Paris办公室中除Server10之外的计算机通信。有一个操作事务,要求在engineering.fourthcoffee.com区域中创建新记录的时候和Paris办公室中的计算机记录被解析时,不出现延迟。Paris办公室中的所有计算机必须能够识别使用engineering.fourthcoffee.com区域的名称空间。你需按要求在Server10上配置DNS服务:你该如何操作?()
你是公司网络管理员。公司网络是一个单活动目录域。域中有一个组织单元(OU)Webservers。在Webservers中包含12台作为内网Web Server的Windows Server 2003计算机的账号。组策略对象(GPO)WebserversPolicy链接到了组织单元Webservers。该GPO被用来配置OU中计算机的各种设置。在每个内网Web Server的管理员本地组中有一个名为WebserverAdmins的全局组成员。你计划在每个内网Webserver上安装一个安全扫描应用程序。该应用程序文档规定它必须使用一个服务账号,以此能够对安装了该应用程序的计算机的注册表的HKEY_LOCAL_MACHINE\SYSTEM键值进行修改。 你在域中创建了这个服务账号。公司的安全策略规定:安全账号只能分配得到完成功能的最低限度权利和许可。你需要配置内网的Web servers以便该安全扫描应用程序能够被安装接受。你同时也要遵从公司的安全策略。你要用最低的管理花销实现这个目的。你该怎么做?()
你是一活动目录域的管理员。所有的服务器运行Windows Server 2003。你将一台Server3配置为域中的DNS服务器。公司最近使用了新的ISP。自从ISP变更后,用户反应不能使用完全合格域名(FQDN)访问外网站点。 你手动配置了一台计算机,使用新的ISP提供的DNS服务器IP地址进行测试。测试计算机能够使用FQDN访问外网站点。你需要确保网络用户能够使用FQDN访问外网站点,同时用户对内网资源的访问不被中断。有哪两种可行的方法可以实现这目的?()
你是公司网络管理员。网络中包含一个单活动目录域。域中有35台Windows Server 2003计算机,3000台Windows XP Professional计算机和2000台Windows 2000 Professional计算机。Windows Server Update Service(WSUS)安装在服务器Server1上。配置了必须的组策略对象(GPO)。你需要确认域中的所有计算机都从Server1上接受到了被核准的升级包。你该如何操作?()
你是公司网络管理员。网络是一单活动目录域环境。域中有35台Windows server 2003,3000台Windows XP Pro,2200台Windows 2000 Pro。公司的安全策略规定域中所有的计算机必须检查检修,符合以下要求: 检查是否所有的可用安全升级都被安装;检查是否共享目录都可用;在每个硬盘上记录文件系统类型,你需要提供每台计算机的安全评估分析,并核实满足制定的安全策略要求。你该如何操作?()
你是一活动目录域的管理员。所有的服务器运行Windows Server 2003。所有的客户端计算机都是域中成员,运行Windows XP Professional。域中包含唯一的DNS服务器Server1。Server上的根提示功能开启。公司对Internet的访问由服务器Server2提供的网络地址转换功能(NAT)实现。Server2通过ISP和互联网永久连接。用户报告说不能访问http://www.adatum.com..但是可以访问其他的外网站点和内网络的资源。你可以从公司网络之外的计算机上访问http://www.adatum.com.站点。 你需要确保这些用户能够访问http://www.adatum.com.站点。同时要确保这些用户能够继续访问内网资源。下列哪两种操作你将采用?()