You need to design a security strategy for the Web folders and files created by the consultants and the internal Web developers. What are two possible ways to achieve this goal？（）

相似题目

• You need to design a method for junior IT administrators to perform more IT support tasks. Your solution must meet business and security requirements. What should you do？（）

  A . Delegate appropriate Active Directory permissions to the junior IT administrators B . Add the junior IT administrators’ user accounts to the Domain Admins user group C . Create a custom Microsoft Management Console （MMC） that uses taskpad views to enable the appropriate tasks for the junior IT administrators D . Make the junior IT administrators’ domain user accounts member of the local Administrators group on all client computers E . Create new domain user accounts for each junior IT administrator. Make the new accounts members of the Domain Admins group and instruct junior IT administrators to use the new accounts only for appropriate administrative task

  查看最佳答案

• You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do？（）

  A . Create a GPO and link it to the New York OU， to the Denver OU， and to the Dallas OU.Configure the GPO with the required account policy settings B . On all computers in the domain， configure the Local Security Policy7 with the required account policy settings C . Configure the Default Domain Policy GPO with the required account policy settings D . Configure the Default Domain Controllers Policy GPO with the required account policy setting

  查看最佳答案

• You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do？（）

  A . Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domain B . Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security template C . Create a logon script to run the secedit command to analyze all servers in the domain D . Run the Microsoft Baseline Security Analyzer （MBSA） on a server to scan for Windows vulnerabilities on all servers in the domai

  查看最佳答案

• You need to design a security solution for the internally developed Web applications that meets business requirements. What should you do？（）

  A . Install and configure a stand-alone root certification authorative （CA） that is trusted by all company client computers. Issue encryption certificates to all developers B . Install and configure root certification authority （CA） that is trusted by all company client computers. Issue code-signing certificates to all developers C . Purchase a root certification from a trusted commercial certification authority （CA）. Install the root certificated on all developers’ computers D . Purchase a code-signing certificate from a trusted commercial certification authority （CA）. Install the certificate on all company client computer

  查看最佳答案

• You need to design a security strategy for the DHCP servers in the Seattle office. Which two actions should you perform？（）

  A . Disable all unnecessary services on each DHCP server B . Modify the discretionary access control lists （DACLs） in Active Directory so that only members of the Enterprise Admins security group can authorize additional DHCP servers C . Use an IPSec policy that allows only the packets necessary for DHCP and domain membership for each DHCP server D . Install a digital certificate for SSL on each DHCP server

  查看最佳答案

• You need to design a method to address the chief information officer’s security concerns. What should you do？（）

  A . Configure Windows Management Instrumentation （WMI） filtering options in the Default Domain Policy GPO B . Use the gpresult command C . Use Mbsacli.exe D . Configure software restriction policy options in the Default Domain Policy GPO

  查看最佳答案

• You need to design a permission structure for registry objects that enables the legacy application at the resorts to run. Your solution must comply with the written security policy.  What should you do？（）

  A . Create a GPO. Link the GPO to the OUs that contain computer accounts for computers that run the legacy application， Use the GPO to give the Domain Users security group full control on the partitions of the registry that the legacy application uses B . Create a GPO. Link the GPO to the OUs that contain computer accounts for computers that run the legacy application. Use the GPO to give the Domain Users security group full control on the HKEY_USERS partition of the registry C . Create a GPO. Link the GPO to the OUs that contain computer accounts for computers that run the Legacy application. Use the GPO to make all users who require access to the application members of Local Administrators group on each computer D . Create a GPO. Link the GPO to the OUs that contain computer accounts for computers that run the Legacy application. Use the GPO to give all users who require access to the application full control for the Ntuser.dat file

  查看最佳答案

• You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do？（）

  A . Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer account B . Run the Microsoft Baseline Security Analyzer （MBSA） on the IIS server and scan for vulnerabilities in Windows and IIS checks C . Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security template D . On the IIS server， run the gpresult command from a command prompt and analyze the output

  查看最佳答案

• You need to design a method to update the content on the Web server. Your solution must meet business and security requirements. What are two possible ways to achieve this goal？（）

  A . Use SSH to encrypt content as it is transferred to the Web server on the perimeter network B . Install the Microsoft FrontPage Server Extensions， and use FrontPage to update content C . Use Web Distributed Authoring and Versioning （WebDAV） over and SSL connection to the Web server to update content D . Use FTP over an IPSec connection to transfer content to the Web server E . Use Telnet to connect to the Web server， and then perform content changes directly on the server

  查看最佳答案

• You need to design a PKI solution that meets business and security requirements. What should you do？（）

  A . Implement an enterprise root CA in the corp.woodgrovebank.com domain.Implement subordinate CAs in each child domain. Take the root CA offline B . Implement an enterprise root CA in the corp.woodgrovebank.com domain C . Implement an enterprise root CA in each of the child domains. Take the enterprise CA in each domain offline D . Implement an enterprise root CA in the corp.woodgrovebank.com domain. Implement a stand-alone root CA in each of the child domai

  查看最佳答案

• You need to design a security patch management strategy. Your solution must meet business and security requirements， and it must accommodate the company’s resource restrictions. What should you do？（）

  A . Test and manually deploy updates B . Deploy a Software Update Services （SUS） server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the server C . Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group Policy D . Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site

  查看最佳答案

• You need to design a method to protect traffic on the wireless network. Your solution must meet the requirements of the chief security officer. What should you do？（）

  A . Configure the wireless access points in Denver and Dallas to filter unauthorized Media Access Control （MAC） addresses B . Configure the wireless network connection properties for all computers in Denver and in Dallas to use the same network name that the wireless access points use C . Create a GPO and link it to the Denver OU and to the Dallas OU. Create a wireless network policy and configure it to use Windows to configure wireless network settings for the Denver and the Dallas networks D . Create a GPO and link it to the Denver OU and to the Dallas OU. Create a wireless network policy and enable data encryption and dynamic key assignments for the Denver and Dallas network

  查看最佳答案

• You need to design a method to deploy security configuration settings to servers. What should you do？（）

  A . Run the Resultant Set of Policy wizard with a Windows Management Instrumentation （WMI） filter on each department’s Server OU B . Log on to each server and use local policy to configure and manage the security settings C . Create a customer security template. Log on to a domain controller and run the seceditcommand to import the security template D . Create a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU

  查看最佳答案

• You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do？（）

  A . Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clients B . Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routers C . Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol （RDP）.Create IPSec filters on the terminal servers to allow only connections that use RDP D . Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server （Require Security） IPSec policy to the terminal servers. Assign the Client （Respond only） IPSec policy to the portable computer

  查看最佳答案

• You need to design a domain model that meets the company business and security requirements for controlling access to the new Web-based ordering application. What should you do？（）

  A . Create a child OU within the existing domain B . Create a child domain of the existing domain C . Create a new domain in a new forest. Configure the new domain to trust the existing domain D . Create a new tree in the existing forest. Configure the new domain to trust the existing domai

  查看最佳答案

• You need to design a remote administration solution for servers on the internal network. Your solution must meet business and security requirements. What should you do？（）

  A . Permit administrators to use an HTTP interface to manage servers remotely B . Permit only administrators to connect to the servers’ Telnet service C . Permit administrators to manage the servers by using Microsoft NetMeeting D . Require administrators to use Remote Desktop for Administration connections to manage the server

  查看最佳答案

• You are designing a security strategy for users who need remote access to the corporate network.  What should you do？（）

  A .  Configure Internet Authentication Service （IAS） for accounting. B .  Configure the server running Routing and Remote Access to support L2TP. C .  Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only. D .  Create a separate account for remote access users. Configure these accounts to access the NewApp server only.

  查看最佳答案

• You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do？（）

  A . Install Internet Authentication Services （IAS） on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients B . Install Internet Authentication Services （IAS） on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients C . Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection D . Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connectio

  查看最佳答案

• You need to design a Security strategy for the wireless network at all resort locations.What should you do？（）

  A . Connect the wireless access points to a dedicated subnet. Allow the subnet direct access to the Internet，but not to the company network.Require company users to establish a VPN to access company resources B . Install Internet Authentication Service （IAS） on a domain controller.Configure the wireless access points to require IEEE 802.1x authentication C . Establish IPSec policies on all company servers to request encryption from all computers that connect from the wireless IP networks D . Configure all wireless access points to require the Wired Equivalent Privacy （WEP） protocol for all connections. Use a Group Policy object （GPO） to distribute the WEP keys to all computers in the domai

  查看最佳答案

• You need to design a method to allow the new-ideas-testking.com Web site to function in accordance with security and business requirements.  What should you do？（）

  A . Require a PPTP VPN for all connections to the Web server B . Require that traffic between Web browsers and the Web server uses an L2TP/IPSec tunnel C . Require that traffic between Web browsers and the Web server uses SSL D . Require certificate mappings between the Web server and Active Directory

  查看最佳答案

• You need to design a security strategy for a remote e-mail access. What should you do？（）

  A . Require remote users to access e-mails by using Outlook Mobile Access B . Require Outlook Web Access users to install the secure MIME ActiveX-Control and to encrypt all messages C . On Outlook Web Access servers that accept connections from the Internet configure IIS to require SSL for all connections D . On Outlook Web Access servers that accept connections from the Internet configure IIS to require Integrated Windows Authenticatio

  查看最佳答案

• You need to design a method to log changes that are made to servers and domain controllers. You also need to track when administrators modify local security account manager objects on servers. What should you do？（）

  A . Enable failure audit for privilege user and object access on all servers and domain controllers B . Enable success audit for policy change and account management on all servers and domain controllers C . Enable success audit for process tracking and logon events on all servers and domain controllers D . Enable failure audit for system events and directory service access on all servers and domain controller

  查看最佳答案

• You need to design a strategy to increase security for the client computers in the finance department. Which two actions should you perform？（）

  A . Enable automatic certificate enrollment B . Enforce smart card logons C . Enable Encrypting File System （EFS） for offline files D . Enable a screen saver password

  查看最佳答案

• You need to design a security strategy that will ensure that unauthorized users cannot access personnel data. Your solution must comply with security requirements and the company’s new administrative model.What should you do？（）

  A . In the Default Domain Policy Group Policy object （GPO） for the corp.woodgrovebank.com domain， add the LA\HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list B . In the Default Domain Policy Group Policy object （GPO） for the la.corp.woodgrovebank.com domain， add the LA\HRUsers group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list C . In the Default Domain Policy Group Policy object （GPO） for the corp.woodgrovebank.com domain， add the LA\HRUsers group and the CORP\Backup Operators group to the Restricted Groups list. Add only the HR department user accounts and the administrator user accounts to the Allowed Members list for each group D . In the Default Domain Policy Group Policy object （GPO） for the la.corp.woodgrovebank.com domain， add the LA\HRUsers group and the CORP\Backup Operators group to the Restricted Groups list. Add only the HR department user accounts to the Allowed Members list for the LA\HRUsers group. Add only the administrator user accounts to the Allowed Members list for the CORP\Backup Operators grou

  查看最佳答案