A.From Network Interfaces, create a new demand-dial interface.
B.From the properties of the server, disable multilink connections.
C.From the port properties, configure the WAN Miniport (PPTP) device.
D.From the properties of the server, configure the IP address assignment settings.
您可能感兴趣的试卷
你可能感兴趣的试题
Your company has a main office and one branch office. All servers run Windows Server 2003 Service Pack 2 (SP2).The main office has a third-party gateway device named Gateway1. Gateway1 is connected to the internal network and the Internet. Gateway1 supports IPSec. In the branch office, you have a server named Server1. You create an IPSec policy on Server1.You need to ensure that Server1 can establish an IPSec tunnel to Gateway1.
What should you use to configure the IPSec policy?()
A.an IP filter that allows only Internet Control Message Protocol (ICMP) traffic
B.an IP filter that allows only TCP traffic on port 1701
C.a pre-shared key for authentication
D.Kerberos authentication
Your company has a main office and one branch office. Your network consists of an Active Directory domain.You have a remote access server in the main office named Server1. You have a remote access server inthe branch office named Server2.Server2 has a demand-dial interface that connects to Server1. The demand-dial interface connects by using a domain account named Ras1.You need to prevent Server2 from establishing new demand-dial connections to the main office between 18:00 and 08:00.
What should you do?()
A.Modify the dial-in properties of the Ras1 account.
B.Modify the dial-out hours on the demand-dial interface.
C.Modify the IP demand-dial filters on the demand-dial interface.
D.Enable Bandwidth Allocation Protocol (BAP) on Server2.
Your company consists of a single Active Directory domain that is configured in Windows 2000 native mode. All servers run Windows Server 2003 Service Pack 2 (SP2). You deploy a Routing and Remote Access server to provide VPN access to the network.You need to ensure that only members of a group named Sales can access the network through the VPN. The solution must minimize the administrative effort required to manage remote access.
What should you do?()
A.Allow dial-in access for the user accounts of all Sales group members.
B.Deny dial-in access for the user accounts of all users except the Sales group members.
C.Create a remote access policy and assign the Allow - Remote Access permission. Add the Windows-Groups condition and specify the Sales group.
D.Create a remote access policy and assign the Deny - Remote Access permission. Add the Windows-Groups condition and specify all Active Directory groups except for Sales.
A.From the Internet Authentication Service snap-in on Server2, create a new RADIUS client.
B.From the Internet Authentication Service snap-in on Server2, create a new remote access policy.
C.From the Routing and Remote Access snap-in, configure Server1 to use RADIUS accounting.
D.From the Routing and Remote Access snap-in, configure Server1 to use RADIUS authentication.
A.From the local computer policy on Server1, modify the Account Policies settings.
B.From Active Directory Users and Computers, modify the Security settings of Group1.
C.From the Routing and Remote Access snap-in, create a new remote access policy.
D.From the Routing and Remote Access snap-in, open the properties of Server1 and modify the security options.
A.Configure the port properties.
B.Create and configure a new demand-dial interface.
C.From the server’s properties, modify the security options.
D.From the Connections to Microsoft Routing and Remote Access Server policy, add a new condition.
A.On Server1, assign the Client (Respond only) IPSec policy.
B.On Server2, assign the Server (Request Security) IPSec Policy.
C.On Server1 and Server2, modify the authentication settings in the Secure Server (Require security) IPSec Policy.
D.On Server1 and Server2, enable Master Key perfect forward secrecy (PFS) in the Secure Server (Require security) IPSec Policy.
our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.”
You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1.
What should you do?()
A.In IIS Manager, enable the Enable client certificate mapping option.
B.In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.
C.In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.
D.In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
our network contains a DNS server that has a reverse lookup zone for all of your network segments. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). An IP security policy is assigned to Server1.You verify IPSec traffic and see that the current security associations display only by IP address. You need to view the fully qualified domain names for all security associations.
What should you do?()
A.From the DNS console, add Server1 as a name server.
B.From the DNS console, change dynamic updates to Secure only.
C.From IP Security Monitor on Server1, enable DNS name resolution.
D.From IP Security Monitor on Server1, create a new taskpad view.
A.Kerbtray
B.Sc /query kdc
C.Netdiag /test:Kerberos
D.Nltest /sc_query:Contoso.com
最新试题
你是公司网络管理员。你在公司Chicago的办公室工作。你们办公室网络中有40台Windows XP Pro桌面机和1台Windows Server 2003 服务器Server1。Server1通过一条512-Kbps的租用线路连接互联网。公司主办公室在Seattle。在Chicago办公室中的桌面机用户是一种新软件产品的开发人员。你要让这些用户在Server1上的一个共享文件夹中保存每天的工作记录。你要让在Seattle的用户可以同FTP从该文件夹中下载这些记录据。你在Server1安装了IIS并配置了FTP服务站点,以便Seattle的用户可以下载这些数据。 但是你监视发现有来自互联网的连接试探,并注意到有大量的HTTP连接。你要加强Server1的安全,以便不受互联网中恶意用户的影响。Server1也必须连接到互联网中下载升级数据和更新病毒库。你需要再采购一些硬件或软件。你将对Server1如何操作?()
你是一活动目录域的管理员。所有的服务器运行Windows Server 2003。你将一台Server3配置为域中的DNS服务器。公司最近使用了新的ISP。自从ISP变更后,用户反应不能使用完全合格域名(FQDN)访问外网站点。 你手动配置了一台计算机,使用新的ISP提供的DNS服务器IP地址进行测试。测试计算机能够使用FQDN访问外网站点。你需要确保网络用户能够使用FQDN访问外网站点,同时用户对内网资源的访问不被中断。有哪两种可行的方法可以实现这目的?()
你是Adventure Works的DNS管理员。Adventure Works是一家互联网服务提供商(ISP),为许多公司提供Web站点运行服务。每一个Adventure Works的DNS服务器上都为用户们运行着多个DNS区域。几个Adventure Works管理员被允许添加DNS区域。你打算每周制定一个报告,列出在每个DNS服务器上的全部区域。你该如何操作?()
你是公司网络管理员。网络是一个单活动目录域环境。所有的服务器运行Windows Server 2003。所有的客户端运行Windows XP Professional。有一新的低优先级别升级包Q318138从网络中的WSUS服务器上同步发行。你决定不测试升级包直接批准通过。在该升级包应用在客户机上后,用户反应不能运行一个统计账目程序。 你需要从所有客户端计算机上删除该升级包,直到它被测试通过。你该如何操作?()
你是公司的网络管理员。网络是一单活动目录域环境。域中有3台Windows Server 2003域控制器,20台Windows Server 2000域成员服务器,还有750台Windows XP Pro计算机。域中配置为只允许使用Kerberos协议对服务器连接认证授权。有用户报告当他试图连接一台域成员服务器时,收到“Access denied”(访问拒绝)错误提示。你要在用户的客户机上测试Kerberos授权功能。在用户的客户机上的命令提示符(cmd)下,你要运行那些命令?()
你是一活动目录域的管理员。所有的服务器运行Windows Server 2003。所有的客户端计算机都是域中成员,运行Windows XP Professional。域中包含唯一的DNS服务器Server1。Server上的根提示功能开启。公司对Internet的访问由服务器Server2提供的网络地址转换功能(NAT)实现。Server2通过ISP和互联网永久连接。用户报告说不能访问http://www.adatum.com..但是可以访问其他的外网站点和内网络的资源。你可以从公司网络之外的计算机上访问http://www.adatum.com.站点。 你需要确保这些用户能够访问http://www.adatum.com.站点。同时要确保这些用户能够继续访问内网资源。下列哪两种操作你将采用?()
你是公司网络管理员。所有的服务器运行Windows Server 2003。有20名公司员工连到终端服务器Server2上运行程序和通过它访问外网。 这20名员工报告说当他们浏览外网站点时,收到一些安全提示消息。并且一旦连接到Server2上时就不能修改自己客户端计算机浏览器的安全设置项。你需要让这20名用户在连上Server2时能够在自己的计算机上修改IE的安全设置项。你该如何做?()
你是公司网络管理员。网络中有一台Windows server 2003 Web服务器WebServer1。WebServer1通过专线和互联网连接。你负责监视WebServer1的宽带利用率。你在WebServer1上运行系统监视器监视记录Network Interface object上的Byte Total/sec(总字节数/秒)计数。数据包采样率计数器为每15秒一次。日志记录每天保存一次。已经没有足够的磁盘空间存储日益变大的系统监视器日志记录。你需要重新配置监视器的日志记录设置,以减少捕获数据量。你该如何操作?()
你是公司网络管理员。网络是一个单活动目录域环境。所有的服务器运行Windows Server 2003。所有的客户端运行Windows XP Professional。 你在Server1上安装了WSUS服务。你在对Server1和微软公司Windows Update Server同步时,收到错误提示信息。你打开IE浏览器检查验证了可以通过网络的代理服务器(Proxy Server)访问外网站点。你要确保Server1可以和微软公司的Windows Update Server进行同步通信。你该如何操作?()
你是Fabrikam.Inc公司网络管理员。网络是一单活动目录域环境,域名fabrikam.com。一台Windows server 2003服务器Server1为域中提供DNS服务器功能。WingTip Yoys是Fabrikam公司的一个分部。WingTip Toys中有一单活动目录域环境,域名Wingtipyoys.com。Server1是的Wingtipyoys.com的辅助区域服务器。你监视着两个域间的通知通信。当Wingtipyoys.com的主要区域服务器上有可用变化并通知Server1服务器数据同步时,你要将之记录下来。你该怎么操做?()