Your network consists of a single Active Directory domain named contoso.com. The functional level of thedomain is Windows Server 2003. Contoso contains two global groups named Users-Global and Managers-Global.Contoso contains 10 servers that run Windows Server 2003 Service Pack 2 (SP2). Each server has two localgroups as shown in the following table.Each Users-Resources local group has access to the local resources on the server.You need to implement a security solution that meets the following requirements:·Managers-Global members must have access to all the resources that are accessible to Users-Global members.·The solution must minimize administrative effort.What should you do?()
<img src='https://img2.soutiyun.com/shangxueba/ask/17130001-17133000/17130384/f230763828f91be45da8982e84b47edb.jpg' />
A. Add the Managers-Global group to the Users-Global group.
B. Add the Managers-Global group to the Users-Resources local group on each server.
C. Create two universal groups named Users-Universal and Managers-Universal. Assign the two universal groups permissions to the resources.
D. Create two domain local groups named Users-Domain-Local and Managers-Domain-Local. Assign the two domain local groups permissions to the resources.
时间:2024-07-05 03:23:58
-
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You need to ensure that computers can receive IP configurations from the DHCP server. What should you do?()
A . Add a scope option.
B . Add a server option.
C . Authorize the DHCP server.
D . Reconcile the DHCP scope.
-
The network consists of a series of routers that are all configured for IBGP. Which one of thefollowing IBGP characteristics is true?()
A . The IBGP routers must always be fully meshed
B . The IBGP routers can be in a different AS
C . The IBGP routers must be directly connected
D . The IBGP routers do not need to be directly connected
E . None of the other alternatives apply are true
-
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. You need to capture all replication errors from all domain controllers to a central location. What should you do()
A . Configure event log subscriptions.
B . Start the System Performance data collector set.
C . Start the Active Directory Diagnostics data collector set.
D . Install Network Monitor and create a new capture.
-
Your network consists of a single Active Directory domain. You have a member server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You need to track all authentication attempts on Server1. What should you do?()
A . Enable auditing of logon event events in Server1’s local policy.
B . Enable auditing of logon event events in the Default Domain Controller Policy.
C . Enable auditing of account logon event events in Server1’s local policy.
D . Enable auditing of account logon event events in the Default Domain Controller Policy.
-
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. You need to capture all replication errors from all domain controllers to a central location. What should you do()
A . Configure event log subscriptions.
B . Start the System Performance data collector set.
C . Start the Active Directory Diagnostics data collector set.
D . Install Network Monitor and create a new capture.
-
Your network consists of a single Active Directory domain. You have a member server that runs Windows Server 2003 Service Pack 2 (SP2). Your need to manage domain user accounts from the member server. What should you do? ()
A . Install Windows Support Tools, and then run lusrmgr.msc.
B . Run control userpasswords2. Use the advanced user management option.
C . Run mmc.exe and then add the Active Directory Users and Computers snap-in.
D . Install the Management and Monitoring Tools components, and then run compmgmt.msc.
-
Your network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008 R2. You need to create multiple password policies for users in your domain. What should you do()
A . From the Active Directory Schema snap-in, create multiple class schema objects.
B . From the ADSI Edit snap-in, create multiple Password Setting objects.
C . From the Security Configuration Wizard, create multiple security policies.
D . From the Group Policy Management snap-in, create multiple Group Policy objects.
-
Your network consists of a single Active Directory domain All domain controllers run WIndows Server 2008. You need to capture all replication errors from all domain controllers to a central localion What should you do()
A . configure event log subscriptions.
B . Start the System Performance data collector set.
C . start the Active Directory Diagnostics data collector set.
D . Install Network Monitor and create a new a new capture.
-
The PassGuide network consists of a series of routers that are all configured for IBGP. Which one of the following IBGP characteristics is true()
A . The IBGP routers must always be fully meshed.
B . The IBGP routers can be in a different AS.
C . The IBGP routers must be directly connected.
D . TThe IBGP routers do not need to be directly connected.
E . None of the other alternatives apply are true
-
Your network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008 R2. You need to create multiple password policies for users in your domain. What should you do()
A . From the Active Directory Schema snap-in, create multiple class schema objects.
B . From the ADSI Edit snap-in, create multiple Password Setting objects.
C . From the Security Configuration Wizard, create multiple security policies.
D . From the Group Policy Management snap-in, create multiple Group Policy objects.
-
Your network consists of a single Active Directory domain. You have a terminal server that runs Windows Server 2003 Service Pack 2 (SP2). You need to prevent users from establishing multiple Remote Desktop connections to the server. What should you do? ()
A . Install and configure Terminal Server Licensing.
B . From Terminal Services Manager, modify the user sessions.
C . From Terminal Services Configuration, modify the server settings.
D . From Active Directory Users and Computers, modify the Sessions settings for each user account.
-
The Testking corporate LAN consists of one large flat network. You decide to segment this LAN into two separate networks with a router. What will be the affect of this change?()
A . The number of broadcast domains will be decreased.
B . It will make the broadcasting of traffic between domains more efficient between segments.
C . It will increase the number of collisions.
D . It will prevent segment 1's broadcasts from getting to segment 2.
E . It will connect segment 1's broadcasts to segment 2.
-
Which implement phase service component consists of preparing for migration,excuting a network migration plan,and completing migration test cases?()
A . staging and system migration
B . post implementation support handoff meeting
C . detailed design development
D . staff training
E . migration plan development
-
Your wireless network is not listed in the Connect to a network window of your computer. You need to connect to your wireless network. Which two actions should you perform?()
A . Right-click and click the Diagnose option in the Connect to a network window.
B . Set the security type value to No authentication in the wireless network properties dialog box.
C . Click the Manually connect to a wireless network option in the Set up a connection or network window.
D . In the Wireless Network properties dialog box, click the Connect even if the network is not broadcasting option.
E . Configure the correct IP address, subnet mask, and default gateway for the target network in the wireless network connection properties dialog box.
-
You are a network administrator for The network consists of a single Active Directory domain named.
The domain contains two Windows Server 2003 terminal servers that host applications that are used by company employees. An organization unit (OU) named TerminalServers contains only the computer accounts for these two Terminal servers. A Group Policy object (GPO) named TSPolicy is linked to the TerminalServers OU, and you have been granted the right to modify the GPO.
Users should use the terminal servers to run only authorized applications. A custom financial application suite is currently the only allowed application. The financial application suite is installed in the folder C:\Program Files\MT Apps. The financial application suite contains many executable files.
Users must also be able to use Internet Explorer to access a browser-based application on the company intranet. The browser-based application makes extensive use of unsigned ActiveX components.
The financial application suite and the browser-based application are frequently updates with patches or new versions.
You need to configure the terminal servers to prevent users from running unauthorized applications. You plan to configure software restriction policies in the TSPolicy GPO. To reduce administrative overhead, you want to create a solution that can be implemented once, without requiring constant reconfiguration.
Which three actions should you perform to configure software restriction polices?()
(Each correct answer presents part of the solution. Choose three)
-
You are the network administrator for The network consists of a single ActiveDirectory domain named All domain controllers run Windows Server 2003, and each one has a locally attached tape device.You need to back up each domain controller. Your backup process must fulfil the following requirements:System recovery must be possible in the event of server failure.The system configuration and all current dynamic disk configurations must be backed up.Other data partitions do not need to be backed up.What should you do?()
A. Use the Backup utility to back up the system files and to create an Automated System Recovery (ASR) disk.
B. Use the Backup utility to back up the contents of all mounted drives.
C. Use the Backup utility to back up only the System State data.
D. Use the Copy command to copy C:\windows and its subfolders to a shared folder on the network.
E. Use the Xcopy command to copy C:\windows and its subfolders to a shared folder on the network.
-
Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003.You extend the Active Directory Schema to support a custom user attribute.You need to assign the same value to the custom attribute for 1,500 users. You must achieve this goal by using the minimum amount of administrative effort.Which tool should you use? ()
A.Adsiedit.msc
B.Csvde.exe
C. Dsmod.exe
D. Ldifde.exe
-
You are the network administrator for your company. The network originally consists of a single Windows NT 4.0 domain.
You upgrade the domain to a single Active Directory domain. All network servers now run Windows Server 2003, and all client computers run Windows XP Professional.
Your staff provides technical support to the network. They frequently establish Remote Desktop connections with a domain controller named DC1.
You hire 25 new support specialists for your staff. You use Csvde.exe to create Active Directory user accounts for all 25.
A new support specialist named Paul reports that he cannot establish a Remote Desktop connection with DC1. He receives the message shown in the Logon Message exhibit. (Click the Exhibit button.)
<img src='https://img2.soutiyun.com/ask/uploadfile/2019-03-27/c1ca10b5ef7976b1e62efd8e32fc3420.jpg' />
You open Gpedit.msc on DC1. You see the display shown in the Security Policy exhibit. (Click the Exhibit button.)
<img src='https://img2.soutiyun.com/ask/uploadfile/2019-03-27/35218487c59e1ec9d3305e8d5fd23b81.jpg' />
You need to ensure that Paul can establish Remote Desktop connections with DC1.
What should you do? ()
-
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 ServicePack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You have a user account named User1.You need to identify which permissions User1 has on a file.What should you do?()
A. At a command prompt, run Net file.
B. At a command prompt, run Attrib.exe.
C. From the file properties, view the Summary settings.
D. From the file properties, view the Advanced Security settings.
-
Your network consists of a single Active Directory domain.You install a new backup program. The backup program requires a service account.You create a service account in the domain.You need to ensure that the service account can back up all member servers and client computers in the domain.You must ensure that the service account cannot be used to restore files and folders.What should you do?()
A. Add the service account to the domain Backup Operators group.
B. Add the service account to the Backup Operators group on every server and every client computer.
C. Assign the Back up files and directories user right by using a Group Policy object (GPO).
D. Assign the Impersonate a client after authentication user right by using a Group Policy object (GPO).
-
You are the network administrator for your company. The network consists of a single Active Directorydomain. All network servers run Windows Server 2003, and all client computers run Windows XPProfessional.A user named Peter uses a client computer named Client1. This computer has a locally attached tapedevice.You grant Peter the necessary permissions to perform backups of a member server named Server1. Peter runs the Backup utility on Client1 to back up the files located on Server1.You need use your client computer to view the most recent backup logs for Server1.What should you do? ()
A. Use Notepad to view the contents of the backup report located on Server1.
B. Use Notepad to view the contents of the backup report located on Client1.
C. Use Event Viewer to view the contents of the application log located on Server1.
D. Use Event Viewer to view the contents of the application log located on Client1.
-
Your network consists of a single domain. All domain controllers run Windows Server 2003 ServicePack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You need to ensure that users’ personal settings are the same when they log on to different clientcomputers in the domain.What should you do? ()
A. From the properties of each user account, configure a profile path.
B. From the properties of each user account, configure a home folder path.
C. From the Default Domain Policy, configure a logon script that runs Loadstate.exe.
D. From the Default Domain Policy, configure a logon script that runs Scanstate.exe.
-
Your network consists of a single Active Directory domain. The domain contains a server namedServer1 that runs Windows Server 2003 Service Pack 2 (SP2).Your company’s security policy states that domain users must be prevented from logging on to Server1 ifa domain controller is unavailable.You disconnect Server1 from the network and discover that you can log on to Server1.You need to configure Server1 to comply with the company’s security policy.What should you do on Server1?()
A. From the local security policy, modify the Security Options.
B. From the local security policy, modify the User Rights Assignment.
C. From Active Directory Users and Computers, modify the properties of the Server1 account.
D. From Active Directory Users and Computers, modify the properties of the Domain Computers group.
-
Your network consists of a single Active Directory domain. All servers run Windows Server 2003Service Pack 2 (SP2).You enable auditing for failed logon attempts on all domain controllers.You need to ensure that a record of failed logon attempts is retained for 90 days on all domain controllers.What should you do?()
A. From the Security Templates snap-in, open the hisecdc template. Modify the Retain System Log setting.
B. From the Security Templates snap-in, open the securedc template. Modify the Retain Security Log setting.
C. Open the Default Domain Policy. Modify the Retain System Log setting.
D. Open the Default Domain Controller Policy. Modify the Retain Security Log setting.
-
You are a network administrator for your company. The network consists of a single Active Directorydomain.A user named Mary works in the information technology security department. Mary is a member of theITSecurity global group. Mary reports that no one in the ITSecurity global group can access the securitylog from the console of a computer named Server1.You need to grant the ITSecurity global group the minimum rights necessary to view the security log onServer1.How should you modify the local security policy?()
A. Assign the Generate security audits user right to the ITSecurity global group.
B. Assign the Manage auditing and security logs user right to the ITSecurity global group.
C. Assign the Allow logon through Terminal Services user right to the ITSecurity global group.
D. Assign the Act as part of the operating system user right to the ITSecurity global group.