单项选择题
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements.
What should your plan include?()
A. Configure a directory service access audit policy. Increase the maximum size of the security log.
B. Configure a directory service access audit policy. Set the system log to overwrite events older than 7 days.
C. Configure an object access audit policy for the directory. Increase the maximum size of the system log.
D. Configure an object access audit policy for the directory. Set the security log to overwrite events older than 7 days.
相关考题
-
单项选择题
Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers. Which tool should you choose? ()
A. Microsoft Assessment and Planning (MAP) Toolkit
B. Microsoft Baseline Security Analyzer
C. Microsoft System Center Operations Manager
D. Windows Server Update Services (WSUS) -
单项选择题
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers. Which tool should you choose? ()
A. UrlScan Security Tool
B. Enterprise Scan Tool (EST)
C. Malicious Removal Tool (MRT)
D. Microsoft Baseline Security Analyzer (MBSA) -
单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company. You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group. What should you do?()
A. Add the Cert Administrators group to the Cert Publishers group in the domain.
B. Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.
C. Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.
D. Assign the Certificate Managers role to the Cert Administrators group.
