单项选择题
You are the network administrator for Test King. The network consists of a single
Active Directory domain named The domain contains Windows
Server 2003 computers and Windows XP Professional computers.
The Default Domain Policy has been modified by importing a security template file,
which contain several security settings.
A server named TestKing1 cannot run a program that us functioning on other
similarly configured servers. You need to find out whether additional security
settings have been added to the local security policy on TestKing1.
To troubleshoot, you want to use a tool to compare the current security settings on
TestKing1 against the security template file in order to automatically identify any
settings that might have been added to the local security policy.
Which tool should you run on TestKing1?()
A. Microsoft Baseline Security Analyzer (MBSA)
B. Security Configuration and Analysis console
C. gpresult.exe
D. Resultant Set of Policy console in planning mode
相关考题
-
单项选择题
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Three thousand client computers run Windows 2000 Professional, and 1,500 client computers run Windows XP Professional. A new employee named Dr King is hired to assist you in installing Windows XP Professional on 150 new client computers. You need to ensure that Dr King has only the minimum permissions required to add new computer accounts to the domain and to own the accounts that he creates. Dr King must not be able to delete computer accounts. What should you do?()
A. Add Dr King's user account to the Server Operators group.
B. Add Dr King's user account to the Account Operators group.
C. Use the Delegation of Control Wizard to permit Dr King's user account to create new computer objects in the Computers container.
D. Create a Group Policy object (GPO) and link it to the domain. Configure the GPO to permit Dr King's user account to add client computers to the domain. -
单项选择题
You are the network administrator for the Beijing office of TestKing. A branch office is located in Cairo. The DNS servers in both locations run Windows Server 2003. The network uses two DNS namespaces internally. They are named publishing.testking.com and testking.com. The locations of the primary name servers are shown in the following table. The Beijing office contains some servers that are registered in the testking.com zone and other that are registered in the publishing.testking.com zone. All computers in the Beijing office are configured to use the local DNS server as their preferred DNS server. The two offices are connected only by using a VPN through the Internet. Various network problems occasionally result in loss of connectivity between the two offices. Firewalls prevent the DNS servers in both offices from receiving queries from the Internet. You need to configure the DNS server in the Beijing office to allow successful resolution of all queries from the Beijing office for names in the publishing.testking.com namespace, even when the VPN link between the Beijing and Cairo offices fails. What should you configure on the DNS server in the Beijing office?()
A. In the testking.com zone, create a delegated subdomain named publishing. Specify the DNS server in the Cairo office as a name server.
B. Create a secondary zone name publishing.testking.com. Specify the DNS server in the Cairo office as a master server.
C. Configure conditional forwarding for the publishing.testking.com namespace. Specify the DNS server in the Cairo office as a target server.
D. Create a stub zone named publishing.testking.com. Specify the DNS server in the Cairo office as a master server. -
单项选择题
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. Confidential files are stored on a member server named TK1. The computer object for TK1 resides in an organizational unit (OU) named Confidential. A Group Policy object (GPO) named GPO1 is linked to the Confidential OU. To audit access to the confidential files, you enable auditing on all private folders on TK1. Several days later, you review the audit logs. You discover that auditing is not successful. You need to ensure that auditing occurs successfully. What should you do?()
A. Start the System Event Notification Service (SENS) on TK1.
B. Start the Error Reporting service on TK1.
C. Modify the Default Domain Controllers GPO by selecting Success and Failure as the Audit Object Access setting.
D. Modify GPO1 by selecting Success and Failure as the Audit Object Access setting.
