Certkiller .com has a main office and a branch office. Certkiller .com’s network consists of a single Active Directory forest. Some of the servers in the network run Windows Server 2008 and the rest run Windows server 2003.
You are the administrator at Certkiller .com. You have installed Active Directory Domain Services (AD DS) on a computer that runs Windows Server 2008. The branch office is located in a physically insecure place. It has not IT personnel onsite and there are no administrators over there. You need to setup a Read-Only Domain Controller (RODC) on the Server Core installation computer in the branch office. What should you do to setup RODC on the computer in branch office()
A.Execute an attended installation of AD DS
B.Execute an unattended installation of AD DS
C.Execute RODC through AD DS
D.Execute AD DS by using deploying the image of AD DS
E.none of the above
您可能感兴趣的试卷
你可能感兴趣的试题
Certkiller .com boosts a two-node Network Load Balancing cluster which is called web. CK1 .com. The purpose of this cluster is to provide load balancing and high availability of the intranet website only. With monitoring the cluster, you discover that the users can view the Network Load Balancing cluster in their Network Neighborhood and they can use it to connect to various services by using the name web. CK1 .com.
You also discover that there is only one port rule configured for Network Load Balancing cluster.
You have to configure web. CK1 .com NLB cluster to accept HTTP traffic only. Which two actions should you perform to achieve this objective()
A.Create a new rule for TCP port 80 by using the Network Load Balancing Cluster console
B.Run the wlbs disable command on the cluster nodes
C.Assign a unique port rule for NLB cluster by using the NLB Cluster console
D.Delete the default port rules through Network Load Balancing Cluster console
As the Certkiller administrator you had installed a read-only domain controller (RODC) server at remote location.
The remote location doesn’t provide enough physical security for the server.
What should you do to allow administrative accounts to replicate authentication information to Read-Only Domain Controllers()
A.Remove any administrative accounts from RODC’s group
B.Add administrative accounts to the domain Allowed RODC Password Replication group
C.Set the Deny on Receive as permission for administrative accounts on the RODC computer account security tab for the Group Policy Object (GPO)
D.Configure a new Group Policy Object (GPO) with the Account Lockout settings enabled. Link the GPO to the remote location. Activate the Read Allow and the Apply group policy Allow permissions for the administrators on the Security tab for the GPO.
E.None of the above
A.Configure the GPO to assign the application to the computer account. Link the SalesAPP GPO to the domain.
B.Configure the GPO to assign the application to the user account. Link the SalesAPP GPO to the Sales organizational unit in each location.
C.Configure the GPO to publish the application to the user account. Link the SalesAPP GPO to the Sales organizational unit in each location.
D.Configure the GPO to assign the application to the computer account. Link the SalesAPP GPO to the Sales organizational unit in each location.
A.From the Schema snap-in, create multiple class schema objects.
B.From the ADSI Edit snap-in, create multiple Password Setting objects.
C.From the Security Configuration Wizard, create multiple security policies.
D.From the Group Policy Management snap-in, create multiple Group Policy objects.
A.Select the Startup repair option.
B.Select the System restore option.
C.Run the Rollback utility at the command prompt.
D.Run the Wbadmin utility at the command prompt.
A.Run Event Viewer.
B.View the Netlogon.log file.
C.Run the Security and Configuration Wizard.
D.View the Security tab on the domain controller computer object.
A.Perform an authoritative restore of the Sales OU.
B.Perform an authoritative restore of the Groups OU.
C.Perform a non-authoritative restore of the Groups OU.
D.Perform a non-authoritative restore of the Sales OU.
A.Run the netdom remove DC1 command
B.Run the nltest /remove_server: DC1 command
C.Run the Dcpromo utility. Remove the Active Directory Domain Services role.
D.Reset the Domain Controller computer account by using the Active Directory Users and Computers utility.
A.configure event log subscriptions.
B.Start the System Performance data collector set.
C.start the Active Directory Diagnostics data collector set.
D.Install Network Monitor and create a new a new capture.
A.Configure auditing in the Certification Services snap-in.
B.Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32% \CertSrv directory.
C.Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%\CertLog directory.
D.Enable the Audit object access setting in the Local Security Policy for the Certification Services server.
最新试题
Your network contains three Active Directory forest named Forest1, Forest2, and Forest3. Each forest contains three domains. A two-way forest trust exists between Forest1 and Forest2. A two-way forest trust exists between Forest2 and Forest3. You need to configure the forest to meet the following requirements Users in Forest3 must be able to access resources in Forest1. Users in Forest1 must be able to access resources in Forest3. The number of trusts must be minimized. What should you do()
Your network contain 10 domain controller that run Windows Server R2. The network contain a member server that is configured to collect all of events that occur on the domain controllers. Your need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achive the goal by using the minimum amount effort. What should you do()
You have an enterprise subordinate certification authority (CA). The CA is configured to use a hardware security module. You need to back up Active Directory Certificate Services on the CA. Which command should you run()
Your network contains an Active Directory domain that has two sites. You need to identify whether logon scripts are replicated to all domain controllers. Which folder should you verify()
Your network contains an Active Directory forest. The forest contains two domain controllers. The domain controllers are configured as shown in the following table. All client computers run Windows 7. You need to ensure that all client computers in the domain keep the same time as an external time server. What should you do()
Your network contains an Active Directory domain. A user named User1 takes a leave of absence for one year. You need to restrict access to the User1 user account while User1 is away. What should you do()
You need to compact an Active Directory database on a domain controller that runs windows Server 2008 R2. What should you do()
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()
Your network contains an Active Directory domain named contoso.com. All domain controllers and member servers run Windows Server 2008. All client computer run Windows 7. From a client computer, you create an audit policy by using the Advanced Audit Policy Configuration settings in the Default Domain Policy Group Policy object (GPO). You discover that the audit policy is not applied to the member servers. The audit policy is applied to the client computers. You need to ensure that the audit policy is applied to all member servers and all client computers. What should you do()
You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do()