单项选择题

You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure （PKI） for the company. You want to deploy a certification authority （CA） on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue， approve， and revoke certificates to members of the Cert Administrators group.
What should you do？（）

A. Add the Cert Administrators group to the Cert Publishers group in the domain.
B. Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.
C. Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.
D. Assign the Certificate Managers role to the Cert Administrators group.

点击查看答案

上一题目录下一题

相关考题

单项选择题
You are a network administrator for your company. You install Windows Server 2003， Enterprise Edition on two servers named Server1 and Server2. You configure Server1 and Server2 as a two-node server cluster. Server1 and Server2 are connected to a shared fiber-attached array. You configure the server cluster for file sharing. You configure Server1 as the preferred owner of the file sharing resources. You perform the following backups by using the Backup or Restore Wizard. Tuesday Wednesday Server1 Normal backup including system state Incremental backup and Automated System Recovery （ASR） backup Server2 Normal backup including system state Incremental backup and ASR backup On Thursday morning， Server2 experiences a hard disk failure. The failed disk contains only the operating system for Server2. You evict Server2 from the server cluster. You need to recover Server2 and restore it to the cluster. You need to minimize data loss and recovery time. What should you do？（）

A. Restore the quorum disk signature and data from the Tuesday backup of Server1， and add Server2 to the server cluster.
B. Restore Server2 by using ASR， and add Server2 to the server cluster.
C. Restore the Tuesday backup of Server2， and add Server2 to the server cluster.
D. Restore the Tuesday normal backup and the Wednesday incremental backup of Server2， and add Server2 to the server cluster.
单项选择题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority （CA）. You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA. What should you do？（）

A. Assign the user account to the CA Admin role.
B. Add the user account to the local Administrators group.
C. Grant the user the Back up files and directories user right.
D. Grant the user the Manage auditing and security log user right.
单项选择题
You are the network administrator for Contoso， Ltd. The network consists of a single Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2003. The domain contains Windows Server 2003 computers and Windows XP Professional computers. The domain consists of the containers shown in the exhibit. （Click the Exhibit button.） All production server computer accounts are located in an organizational unit （OU） named Servers. All production client computer accounts are located in an OU named Desktops. There are Group Policy objects （GPOs） linked to thedomain， to the Servers OU， and to the Desktops OU. The company recently added new requirements to its written security policy. Some of the new requirements apply to all of the computers in the domain， some requirements apply to only servers， and some requirements apply to only client computers. You intend to implement the new requirements by making modifications to the existing GPOs. You configure 10 new Windows XP Professional computers and 5 new Windows Server 2003 computers in order to test the deployment of settings that comply with the new security requirements by using GPOs. You use the Group Policy Management Console （GPMC） to duplicate the existing GPOs for use in testing. You need to decide where to place the test computer accounts in the domain. You want to minimize the amount of administrative effort required to conduct the test while minimizing the impact of the test on production computers. You also want to avoid linking GPOs to multiple containers. What should you do？（）

A. Place all test computer accounts in the contoso.com container.
B. Place all test computer accounts in the Computers container.
C. Place the test client computer accounts in the Desktops OU and the test server computer accounts in the Servers OU.
D. Create a child OU under the Desktops OU for the test client computer accounts. Create a child OU under the Servers OU for the test server computer accounts.
E. Create a new OU named Test under the contoso.com container. Create a child OU under the Test OU for the test client computer accounts. Create a second child OU under the Test OU for the test server computer accounts.