单项选择题
You are the network administrator for TestKing. The network consists of a single
Active Directory domain. All servers run Windows Server 2003.
The domain contains two domain controllers named Testking1 and Testking2. You
use a Windows XP Professional client computer named Client1.
In Active Directory, the domain administrator creates two new user accounts
named NetAdmin1 and AdminUser1. The NetAdmin1 account is a member of the
Domain Admins global group. The AdminUser1 account is a member of only the
Users local group. You assign the AdminUser1 logon account the Allow log on
locally user right in the Default Domain Controller Group Policy object (GPO).
A new written security policy states that user accounts that are member of the
Domain Admins global group should not be used to log on to the console of a
domain controller. It also states that administrative tasks should be performed by
using the Secondary Logon service.
You need to create a new computer account in Active Directory, and you must
comply with the new company security policy.
What should you do?()
A. Log on to Testking1 by using the AdminUser1 user account. Run the dsa.msc command.
B. Log on to Testking1 by using the NetAdmin1 user account. Run the dsa.msc command.
C. Log on to Client1 by using the AdminUser1 user account. Run the runas /user:netadmin1 dsa.msc
D. Log on to Client1 by using the NetAdmin1 user account. Run the runas /user:adminuser1 dsa.msc
相关考题
-
多项选择题
You are the network administrator for The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers. All confidential company files are stored on a file server named TestKing1. The written company security states that all confidential data must be stored and transmitted in a secure manner. To comply with the security policy, you enable Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the data decryption field (DDF) of the confidential files for the users who need to access them. While performing network monitoring, you notice that the confidential files that are stored on TestKing1 are being transmitted over the network without encryption. You must ensure that encryption is always used when the confidential files on TestKing1 are stored and transmitted over the network. What are two possible ways to accomplish this goal?() (Each correct answer presents a complete solution. Choose two)
A. Enable offline files for the confidential files that are stored on TestKing1, and select the Encrypt offline files to secure data check box on the client computers of the users who need to access the files.
B. Use IPSec encryption between TestKing1 and the client computers of the users who need to access the confidential files.
C. Use Server Message Block (SMB) signing between TestKing1 and the client computers of the users who need to access the confidential files.
D. Disable all LM and NTLM authentication methods on TestKing1.
E. Use IIS to publish the confidential files. Enable SSL on the IIS server. Open the files as a Web folder. -
单项选择题
You are the network administrator for TestKing. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. A member server named TestkingA has a locally attached tape device. TestkingA contains several folders and files that are encrypted by using Encrypting File System (EFS). You create a new user account for a new employee named Victoria. Victorias user account is member of the Users group only. You need to ensure that Victoria can back up the encrypted folders and files on TestkingA. Victoria must be assigned the minimum administrative privileges needed to complete this task. What should you do?()
A. Add Victoria's domain user account to the Administrators group.
B. Add Victoria's user account to the Backup Operators group.
C. Assign the Allow - Full Control permission on the encrypted folders and files to Victoria.
D. Designate Victoria as a recovery agent for the encrypted files. -
单项选择题
You are the network administrator for TestKing. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. Half of the client computers run Windows XP Professional, and the other half run Windows NT 4.0 Workstation. You install Terminal Services on three member servers named Testking1, Testking2, and Testking3. Each server has a single Pentium III 600-Mhz CPU with 512 MB of RAM and a single-channel EIDE disk subsystem. You place all three terminal servers in an organizational unit (OU) named Terminal Server. You link a Group Policy Object (GPO) to the Terminal Server OU. Several days after the installation, users report that the performance of all three terminal servers is unacceptably slow. You discover that each server has at least 50 active sessions at once. You need to improve the performance of all three terminal servers. You must achieve this goal by using the minimum amount of administrative effort, without upgrading any hardware. What should you do?()
A. Log on to the console of each terminal server. In the RDP-Tcp connection properties, set the Maximum connections option to 35.
B. Edit the GPO to set the Limit number of connections policy to 35.
C. Modify all domain user accounts to set the When a session limit is reached or broken user property to End session.
D. Edit the GPO to enable the Remove Disconnected option from shutdown dialog policy
