江浙沪招生考试网

ers in the R&D organizational unit. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

　　A.

　　Configure the Enforce setting on the software deployment GPO.

　　B.

　　Configure the Block Inheritance setting on the R&D organizational unit.

　　C.

　　Configure the Block Inheritance setting on the Production organizational unit.

　　D.

　　Configure security filtering on the Software Deployment GPO to Deny Apply group policy for the R&D security group.

　　Answers: B D

　　12: Single

　　Your companys security policy requires complex passwords. You have a comma delimited file named import.csv that contains user account information. You need to create user accounts in the domain by using the import.csv file. You also need to ensure that the new user accounts are set to use default passwords and are disabled. What should you do?

　　A.

　　Modify the userAccountControl attribute to disabled. Run the csvde i k f import.csv command. Run the DSMOD utility to set default passwords for the user accounts.

　　B.

　　Modify the userAccountControl attribute to accounts disabled. Run the csvde f import.csv command. Run the DSMOD utility to set default passwords for the user accounts.

　　C.

　　Modify the userAccountControl attribute to disabled. Run the wscript import.csv command. Run the DSADD utility to set default passwords for the imported user accounts.

　　D.

　　Modify the userAccountControl attribute to disabled. Run the ldifde i f import.csv command. Run the DSADD utility to set passwords for the imported user accounts.

　　Answers: A

　　13: Single

　　Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do?

　　A.

　　Enable the Audit account management policy in the Default Domain Controller Policy.

　　B.

　　Run auditpol.exe and then configure the Security settings of the Domain Controllers OU.

　　C.

　　Run auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.

　　D.

　　From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes.

　　Answers: B

　　14: Single

　　Your company has an Active Directory domain. A user attempts to log on to the domain from a client computer and receives the following message: "This user account has expired. Ask your administrator to reactivate the account." You need to ensure that the user is able to log on to the domain. What should you do?

　　A.

　　Modify the properties of the user account to set the account to never expire.

　　B.

　　Modify the properties of the user account to extend the Logon Hours setting.

　　C.

　　Modify the properties of the user account to set the password to never expire.

　　D.

　　Modify the default domain policy to decrease the account lockout duration.

　　Answers: A

　　15: Single

　　You are installing an application on a computer that runs Windows Server 2008. During installation, the application will need to install new attributes and classes to the Active Directory database. You need to ensure that you can install the application. What should you do?

　　A.

　　Change the functional level of the forest to Windows Server 2008.

　　B.

　　Log on by using an account that has Server Operator rights.

　　C.

　　Log on by using an account that has Schema Administrator rights and the appropriate rights to install the application.

　　D.

　　Log on by using an account that has the Enterprise Administrator rights and the appropriate rights to install the application.

　　Answers: C

　　16: Single

　　Your company has an Active Directory forest. The company has servers that run Windows Server 2008 and client computers that run Windows Vista. The domain uses a set of GPO administrative templates that have been approved to support regulatory compliance requirements. Your partner company has an Active Directory forest that contains a single domain. The company has servers that run Windows Server 2008 and client computers that run Windows Vista. You need to configure your partner companys domain to use the approved set of administrative templates. What should you do?

　　A.

　　Use the Group Policy Management Console (GPMC) utility to back up the GPO to a file. In each site, import the GPO to the default domain policy.

　　B.

　　Copy the ADMX files from your companys PDC emulator to the PolicyDefinitions folder on the partner companys PDC emulator.

　　C.

　　Copy the ADML files from your companys PDC emulator to the PolicyDefinitions folder on the partner companys PDC emulator.

　　D.

　　Download the conf.adm, system.adm, wuau.adm, and inetres.adm files from the Microsoft Updates Web site. Copy the ADM files to the PolicyDefinitions folder on the partner companys PDC emulator.

　　Answers: B

　　17: Multiple

　　You need to ensure that users who enter three successive invalid passwords within 5 minutes are locked out for 5 minutes. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

　　A.

　　Set the Minimum password age setting to one day.

　　B.

　　Set the Maximum password age setting to one day.

　　C.

　　Set the Account lockout duration setting to 5 minutes.

　　D.

　　Set the Reset account lockout counter after setting to 5 minutes.

　　E.

　　Set the Account lockout threshold setting to 3 invalid logon attempts.

　　F.

　　Set the Enforce password history setting to 3 passwords remembered.

　　Answers: C D E

　　18: Multiple

　　Your company has an Active Directory forest. The forest includes organizational units corresponding to the following four locations:

　　London

　　Chicago

　　New York

　　Madrid

　　Each location has a child organizational unit named Sales. The Sales organizational unit contains all the users and computers from the sales department.

　　The offices in London, Chicago, and New York are connected by T1 connections. The office in Madrid is connected by a 256-Kbps ISDN connection.

　　You need to install an application on all the computers in the sales department.

　　Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

　　A.

　　Disable the slow link detection setting in the Group Policy Object (GPO).

　　B.

　　Configure the slow link detection threshold setting to 1,544 Kbps (T1) in the Group Policy Object (GPO).

　　C.

　　Create a Group Policy Object (GPO) named OfficeInstall that assigns the application to users. Link the GPO to each Sales organizational unit.

　　D.

　　Create a Group Policy Object (GPO) named OfficeInstall that assigns the application to the computers. Link the GPO to each Sales organizational unit.

　　Answers: A D

　　19: Single

　　Your company has an Active Directory domain and an organizational unit. The organizational unit is named Web. You configure and test new security settings for Internet Information Service (IIS) servers on a server named IISServerA. You need to deploy the new security settin

上一页  [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]  ... 下一页  >>