单项选择题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA.
What should you do?()
A. Assign the user account to the CA Admin role.
B. Add the user account to the local Administrators group.
C. Grant the user the Back up files and directories user right.
D. Grant the user the Manage auditing and security log user right.
相关考题
-
单项选择题
You are the network administrator for Contoso, Ltd. The network consists of a single Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2003. The domain contains Windows Server 2003 computers and Windows XP Professional computers. The domain consists of the containers shown in the exhibit. (Click the Exhibit button.) All production server computer accounts are located in an organizational unit (OU) named Servers. All production client computer accounts are located in an OU named Desktops. There are Group Policy objects (GPOs) linked to thedomain, to the Servers OU, and to the Desktops OU. The company recently added new requirements to its written security policy. Some of the new requirements apply to all of the computers in the domain, some requirements apply to only servers, and some requirements apply to only client computers. You intend to implement the new requirements by making modifications to the existing GPOs. You configure 10 new Windows XP Professional computers and 5 new Windows Server 2003 computers in order to test the deployment of settings that comply with the new security requirements by using GPOs. You use the Group Policy Management Console (GPMC) to duplicate the existing GPOs for use in testing. You need to decide where to place the test computer accounts in the domain. You want to minimize the amount of administrative effort required to conduct the test while minimizing the impact of the test on production computers. You also want to avoid linking GPOs to multiple containers. What should you do?()
A. Place all test computer accounts in the contoso.com container.
B. Place all test computer accounts in the Computers container.
C. Place the test client computer accounts in the Desktops OU and the test server computer accounts in the Servers OU.
D. Create a child OU under the Desktops OU for the test client computer accounts. Create a child OU under the Servers OU for the test server computer accounts.
E. Create a new OU named Test under the contoso.com container. Create a child OU under the Test OU for the test client computer accounts. Create a second child OU under the Test OU for the test server computer accounts. -
多项选择题
Servers in your environment run Windows Server 2003. You plan to configure a highly available file server. You need to choose the appropriate high-availability technology and the minimum Windows Server 2003 edition for this server. Which technology and edition should you choose?()
A. failover clustering
B. Network Load Balancing
C. Windows Server 2003, Standard Edition
D. Windows Server 2003, Enterprise Edition -
单项选择题
You are a network administrator for your company. The network contains Windows Server 2003 computers and Windows XP Professional client computers. All computers are members of the same Active Directory forest. The company uses a public key infrastructure (PKI) enabled application to manage marketing data. Certificates used with this application are managed by the application administrators. You install Certificate Services to create an offline stand-alone root certification authority (CA) on one Windows Server 2003 computer. You configure a second Windows Server 2003 computer as a stand-alone subordinate CA. You instruct users in the marketing department to enroll for certificates by using the Web enrollment tool on the stand-alone subordinate CA. Some users report that when they attempt to complete the enrollment process, they receive an error message on their certificate, as shown in the exhibit. (Click the Exhibit button.) Other users in the marketing department do not report receiving the error. You need to ensure that users in the marketing department do not continue to receive this error message. You also need to ensure that only users in the marketing department trust certificates issued by this CA. You create a new organizational unit (OU) named Marketing. What else should you do?()
A. Place all marketing department computer objects in the Marketing OU. Create a new Group Policy object (GPO) and link it to the Marketing OU. Publish the root CA’s root certificate in the Trusted Root Certification Authorities section of the GPO.
B. Place all marketing department user objects in the Marketing OU. Create a new Group Policy object (GPO) and link it to the Marketing OU. In the User Configuration section of the GPO, configure a certificate trust list (CTL) that contains the subordinate CA’s certificate.
C. Place all marketing department computer objects in the Marketing OU. Create a new Group Policy object (GPO) and link it to the Marketing OU. In the Computer Configuration section of the GPO, configure a certificate trust list (CTL) that contains the subordinate CA’s certificate.
D. Place all marketing department user objects in the Marketing OU. Create a new Group Policy object (GPO) and link it to the Marketing OU. In the User Configuration section of the GPO, configure a certificate trust list (CTL) that contains the root CA’s certificate.
