A.CreateascriptthatinstallstheHisecdc.infsecuritytemplate
B.UseaGPOtodistributeandapplytheHisec.infsecuritytemplate
C.UsetheSystemPolicyEditortoconfigureeachserver’ssecuritysettings
D.UseaGPOtodistributeandapplyacustomsecuritytemplate
第1题
A.
B.
C.
D.
第2题
ck 2 (SP2).Server 1 is configured as shown in the following table.You need to configure security to meet the following requirements:·Enable members of the Sales group to create, modify, and delete files and folders in the Sales folder.·Enable members of the Marketing group to create, modify, and delete files and folders in the Marketing folder.·Prevent users from modifying permissions when they access the shared files.What should you do? ()
A. Change the share permission on Userdata to Authenticated Users: Change.
B. Change the NTFS permission on Userdata to Authenticated Users: Modify.
C. Change the NTFS permission on Marketing to Marketing-group: Write. Change the NTFS permission on Sales to Sales-group: Write.
D. Remove the Userdata share. Share Sales and assign the Sales-Group group Full Control share permission. Share Marketing and assign the Marketing-Group group Full Control share permission.
第3题
A.从具有高级安全性的Windows防火墙创建一个新规则
B.从本地组策略修改应用程序控制策略
C.从Windows防火墙修改“允许的程序和功能”列表
D.从网络和共享中心修改“高级共享”设置
第4题
A.完成其余8台服务器的安装。
B.在新服务器上的Windows防火墙中,配置WindowsManagementInstrumentation(WMI)例外。
C.在KMS服务器上安装批量激活管理工具(VAMT),并配置多次激活密钥(MAK)代理激活。
D.在KMS服务器上安装批量激活管理工具(VAMT),并配置多次激活密钥(MAK)独立激活。
第5题
owsServer2003.ClientcomputersrunWindowsXPorWindowsVista.Youplantocreateaninternalcentrallymanagedsecurityupdateinfrastructureforclientcomputers.Youneedtochooseasecurityupdatemanagementtoolthatsupportsalltheclientcomputers.Whichtoolshouldyouchoose?()
A.MicrosoftAssessmentandPlanning(MAP)Toolkit
B.MicrosoftBaselineSecurityAnalyzer
C.MicrosoftSystemCenterOperationsManager
D.WindowsServerUpdateServices(WSUS)
第6题
.YoureceiveanerrormessageindicatingthattheWebsiteisblockedandscriptingisdisabled.YouneedtoensurethatyoucandownloadthedevicedriverwhileensuringthataccesstoscriptsonotherWebsitesarerestricted.Whatshouldyoudo?()
A.RunCscript.exe//h:cscript.
B.DisableWindowsInternetExplorerAdvancedSecurity.
C.EnableTCP/IPfilteringandallowTCPport80and443.
D.Addthedevicemanufacturer’sWebsitetotheTrustedsiteszone.
第7题
edevelopingasecuritymonitoringplan.Youmustmonitorthefilesthatarestoredinaspecificdirectoryonamemberserver.Youhavethefollowingrequirements.Logallattemptstoaccessthefiles.Retainloginformationuntilthefullweeklybackupoccurs.Youneedtoensurethatthesecuritymonitoringplanmeetstherequirements.Whatshouldyourplaninclude?()
A.Configureadirectoryserviceaccessauditpolicy.Increasethemaximumsizeofthesecuritylog.
B.Configureadirectoryserviceaccessauditpolicy.Setthesystemlogtooverwriteeventsolderthan7days.
C.Configureanobjectaccessauditpolicyforthedirectory.Increasethemaximumsizeofthesystemlog.
D.Configureanobjectaccessauditpolicyforthedirectory.Setthesecuritylogtooverwriteeventsolderthan7days.
第8题
务安装在名为DC1和DC2的两台域控制器上。两台DNS服务器都承载着ActiveDirectory集成区域,这些区域都配置为只允许最安全的更新。DC1安装并激活了密钥管理服务(KMS)。您发现,承载在DC1和DC2上的contoso.com区域中缺少了服务定位符记录。您需要在contoso.com区域中强制注册KMS服务定位符记录。该怎么做?()
A.将contoso.com区域配置为接受非安全更新。
B.在DC1上的命令提示符下,运行slmgr.vbsCrearm脚本。
C.在DC1上的命令提示符下,运行netstopsppsvc命令,然后运行netstartsppsvc命令。
D.在DC2上的命令提示符下,运行netstopnetlogon命令,然后运行netstartnetlogon命令。
第9题
A.
B.
C.
D.
第10题
dresstranslation(NAT)router.TheserverhastwonetworkadaptersandprovidesInternetaccessforthenetwork.Youneedtopreventtrafficonport21frombeingsenttotheInternet.Allotheroutboundtrafficmustbeallowed.Whatshouldyoudo?()
A.OnthenetworkadapterthatisconnectedtotheLAN,enableTCP/IPfiltering.
B.OnthenetworkadapterthatisconnectedtotheInternet,enableTCP/IPfiltering.
C.FromtheRoutingandRemoteAccesssnap-in,openthepropertiesoftheinterfaceconnectedtotheInternet,selecttheServicesandPortstab,anddefineanewservice.
D.FromtheRoutingandRemoteAccesssnap-in,openthepropertiesoftheinterfaceconnectedtotheInternet,selecttheNAT/BasicFirewalltab,anddefineanewstaticpacketfilter.
为了保护您的账号安全,请在“上学吧”公众号进行验证,点击“官网服务”-“账号验证”后输入验证码“”完成验证,验证成功后方可继续查看答案!