江浙沪招生考试网

o ensure that the DNS service can update records and resolve DNS queries in the event that a WAN link fails. What should you do?

　　A.

　　Create a new stub zone named ad.contoso.com on DC2.

　　B.

　　Configure the DNS server on DC2 to forward requests to DC1.

　　C.

　　Create a new standard secondary zone named ad.contoso.com on DC2.

　　D.

　　Convert the ad.contoso.com zone on DC1 to an Active Directory-integrated zone.

　　Answers: D

　　30: Single

　　You have a domain controller named DC1 that runs Windows Server 2008. DC1 is configured as a DNS server for contoso.com. You install the DNS Server server role on a member server named Server1 and then you create a standard secondary zone for contoso.com. You configure DC1 as the master server for the zone. You need to ensure that Server1 receives zone updates from DC1. What should you do?

　　A.

　　On Server1, add a conditional forwarder.

　　B.

　　On DC1, modify the permissions of contoso.com zone.

　　C.

　　On DC1, modify the zone transfer settings for the contoso.com zone.

　　D.

　　Add the Server1 computer account to the DNSUpdateProxy group.

　　Answers: C

　　31: Single

　　You have a domain controller that runs Windows Server 2008. The Windows Server Backup feature is installed on the domain controller. You need to perform a non-authoritative restore of the domain controller by using an existing backup file. What should you do?

　　A.

　　Restart the domain controller in Directory Services Restore Mode. Use the WBADMIN command to perform a critical volume restore.

　　B.

　　Restart the domain controller in Directory Services Restore Mode. Use the Windows Server Backup snap-in to perform a critical volume restore.

　　C.

　　Restart the domain controller in safe mode. Use the Windows Server Backup snap-in to perform a critical volume restore.

　　D.

　　Restart the domain controller in safe mode. Use the WBADMIN command to perform a critical volume restore.

　　Answers: A

　　32: Single

　　You have a domain controller that runs the DHCP service. You need to perform an offline defragmentation of the Active Directory database on the domain controller. You must achieve this goal without affecting the availability of the DHCP service. What should you do?

　　A.

　　Restart the domain controller in Directory Services Restore Mode. Run the Disk Defragmenter utility.

　　B.

　　Restart the domain controller in Directory Services Restore Mode. Run the Ntdsutil utility.

　　C.

　　Stop the Active Directory Domain Services service. Run the Ntdsutil utility.

　　D.

　　Stop the Active Directory Domain Services service. Run the Disk Defragmenter utility.

　　Answers: C

　　33: Single

　　You create 200 new user accounts. The users are located in six different sites. New users report that they receive the following error message when they try to log on: "The username or password is incorrect." You confirm that the user accounts exist and are enabled. You also confirm that the user name and password information supplied are correct. You need to identify the cause of the failure. You also need to ensure that the new users are able to log on. Which utility should you run?

　　A.

　　Rsdiag

　　B.

　　Rstools

　　C.

　　Repadmin

　　D.

　　Active Directory Domains and Trusts

　　Answers: C

　　34: Single

　　You network consists of a single Active Directory domain. All domain controllers run Windows Server 2008. You need to reset the Directory Services Recovery Mode (DSRM) password on a domain controller. What tool should you use?

　　A.

　　dsmod

　　B.

　　ntdsutil

　　C.

　　Local Users and Groups snap-in

　　D.

　　Active Directory Users and Computers snap-in

　　Answers: B

　　35: Single

　　Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008. You need to identify the Lightweight Directory Access Protocol (LDAP) clients that are using the largest amount of available CPU resources on a domain controller. What should you do?

　　A.

　　Review performance data in Resource Monitor.

　　B.

　　Review the Hardware Events log in the Event Viewer.

　　C.

　　Run the LAN Diagnostics Data Collector Set. Review the LAN Diagnostics report.

　　D.

　　Run the Active Directory Diagnostics Data Collector Set. Review the Active Directory Diagnostics report.

　　Answers: D

　　36: Single

　　Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do?

　　A.

　　Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.

　　B.

　　Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.

　　C.

　　Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).

　　D.

　　Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.

　　Answers: A

　　37: Single

　　You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do?

　　A.

　　Import the enterprise root CA certificate.

　　B.

　　Configure the Certificate Revocation List Distribution Point extension.

　　C.

　　Configure the Authority Information Access (AIA) extension.

　　D.

　　Add the Server2 computer account to the CertPublishers group.

　　Answers: C

　　38: Multiple

　　Your company has an Active Directory domain. All servers run Windows Server 2008. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.)

　　A.

　　Publish the code signing template.

　　B.

　　Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.

　　C.

　　Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.

　　D.

　　Modify the security settings on the template to allow only administrators to request code signing certificates.

　　Answers: A D

　　39: Single

　　Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do?

　　A.

　　Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.

　　B.

　　Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.

　　C.

　　Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.

　　D.

　　Import the new

上一页  [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]  ... 下一页  >>