A.Link the GPO to the domain and enable System Events option
B.Link the GPO to the domain and enable Audit Object Access option
C.Link the GPO to the Domain Controllers and enable Audit Object Access option
D.Link the GPO to the Domain Controllers and enable Audit Process tracking option
E.Perform all of the above actions
您可能感兴趣的试卷
你可能感兴趣的试题
Certkiller .com has a software evaluation lab. There is a server in the evaluation lab named as CKT. CKT runs Windows Server 2008 and Microsoft Virtual Server 2005 R2. CKT has 200 virtual servers running on an isolated virtual segment to evaluate software. To connect to the internet, it uses physical network interface card.
Certkiller .com requires every server in the company to access Internet.
Certkiller .com security policy dictates that the IP address space used by software evaluation lab must not be used by other networks. Similarly, it states the IP address space used by other networks should not be used by the evaluation lab network. As an administrator you find you that the applications tested in the software evaluation lab need to access normal network to connect to the vendors update servers on the internet. You need to configure all virtual servers on the CKT server to access the internet. You also need to comply with company’s security policy.
Which two actions should you perform to achieve this task()
A.Trigger the Virtual DHCP server for the external virtual network and run ipconfig/renew command on each virtual server
B.On CKT’s physical network interface, activate the Internet Connection Sharing (ICS)
C.Use Certkiller .com intranet IP addresses on all virtual servers on CKT.
D.Add and install a Microsoft Loopback Adapter network interface on CKT. Use a new network interface and create a new virtual network.
E.None of the above
A.Execute Dsmod.exe
B.Use Active Directory Users and Computers
C.Use Active Directory Sites and Computers
D.Execute Ntdstuil.exe with -ato parameter
The corporate network of Certkiller consists of a Windows Server 2008 single Active Directory domain. The domain has two servers named Certkiller 1 and Certkiller 2.
To ensure central monitoring of events you decided to collect all the events on one server, Certkiller 1. To collect events from Certkiller
2. and transfer them to Certkiller 1, you configured the required event subscriptions.
You selected the Normal option for the Event delivery optimization setting by using the HTTP protocol. However, you discovered that none of the subscriptions work.
Which of the following actions would you perform to configure the event collection and event forwarding on the two servers()
A.Through Run window execute the winrm quickconfig command on Certkiller 2.
B.Through Run window execute the wecutil qc command on Certkiller 2.
C.Add the Certkiller 1 account to the Administrators group on Certkiller 2.
D.Through Run window execute the winrm quickconfig command on Certkiller 1.
E.Add the Certkiller 2 account to the Administrators group on Certkiller 1.
F.Through Run window execute the wecutil qc command on Certkiller 1.
Certkiller .com boosts a main office and 20 branch offices. Configured as a separate site, each branch office has a Read-Only Domain Controller (RODC) server installed.
Users in remote offices complain that they are unable to log on to their accounts.
What should you do to make sure that the cached credentials for user accounts are only stored in their local branch office RODC server()
A.Open the RODC computer account security tab and set Allow on the Receive as permission only for the users that are unable to log on to their accounts
B.Add a password replication policy to the main Domain RODC and add user accounts in the security group
C.Configure a unique security group for each branch office and add user accounts to the respective security group. Add the security groups to the password replication allowed group on the main RODC server
D.Configure and add a separate password replication policy on each RODC computer account
Certkiller .com has a network that is comprise of a single Active Directory Domain.
As an administrator at Certkiller .com, you install Active Directory Lightweight Directory Services (AD LDS) on a server that runs Windows Server 2008. To enable Secure Sockets Layer (SSL) based connections to the AD LDS server, you install certificates from a trusted Certification Authority (CA) on the AD LDS server and client computers.
Which tool should you use to test the certificate with AD LDS()
A.Ldp.exe
B.Active Directory Domain services
C.ntdsutil.exe
D.Lds.exe
E.wsamain.exe
F.None of the above
A.Delete all administrative accounts from the RODC’s group
B.Configure the permission to Deny on Receive for administrative accounts on the security tab for Group Policy Object (GPO)
C.Configure the administrative accounts to be added in the Domain RODC Password Replication Denied group
D.Add a new GPO and enable Account Lockout settings. Link it to the remote RODC server and on the security tab on GPO, check the Read Allow and the Apply group policy permissions for the administrators.
E.None of the above
A.Start the Audit Object Access option
B.Start the Audit System Events option
C.Start the Audit Logon Events option
D.Start the Audit process tracking option
E.All of the above
Certkiller is having an Active Directory Rights Management Service (AD RMS) server.
Users machines are running Windows Vista and an Active Directory domain is configured at Microsoft Windows Server 2003 functional level. Users are complaining that they cannot protect their documents. You need to configure AD RMS so that users are able to protect their documents.
What should you do()
A.Use a group policy to install the AD RMS client computers
B.Add the ADRMSADMIN account to the local administrators group on the computers
C.Add the ADRMSSRVC account to the local administrators on the AD RMS server
D.Establish an e-mail account in Active Directory Domain Services (AD DS) for each user
E.Upgrade the active directory domain to the functional level of Windows 2008 server
A.Raise the forest functional level of Forest2 to Windows Server 2003 Interim mode.
B.Raise the forest functional level of Forest2 to Windows Server 2003.
C.Upgrade the domain controllers in Forest2 to Windows Server 2008.
D.Upgrade the domain controllers in Forest2 to Windows Server 2003.
A.Clear the cache on DNS2.
B.Reload the zone on DNS1.
C.Refresh the zone on DNS2.
D.Export the zone from DNS1 and import the zone to DNS2
最新试题
Your network contains three Active Directory forest named Forest1, Forest2, and Forest3. Each forest contains three domains. A two-way forest trust exists between Forest1 and Forest2. A two-way forest trust exists between Forest2 and Forest3. You need to configure the forest to meet the following requirements Users in Forest3 must be able to access resources in Forest1. Users in Forest1 must be able to access resources in Forest3. The number of trusts must be minimized. What should you do()
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA). The relevant servers in the domain are configured as shown in the following table: Server name Operating system Server role Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network. What should you do()
What should you do()
Your network contains an Active Directory domain named contoso.com. Contoso.com contains three servers.The servers are configure as shown in the following table. Server name Server roel Service Server1 Certification authority (CA) Server2 Certificate Enrollment Web Service Server3 Certificate Enrollment Policy Web Service You need to ensure that users can manually enroll and renew their certificates by using the Certificate Enrollment Web Service. Which two actions should you perform()
Your network contain 10 domain controller that run Windows Server R2. The network contain a member server that is configured to collect all of events that occur on the domain controllers. Your need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achive the goal by using the minimum amount effort. What should you do()
Your network contains an Active Directory forest. The forest contains an Acitve Directory site for a remote office. The remote site contains a read-only domain controller (RODC). You need to configure the RODC to store only the password of users in the remote site. What should you do()
You have a domain controller named Server1 that runs Windows Server 2008 R2. You need to determine the size of the Active Directory database on Server1. What should you do()
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()
Your network contains an Active Directory domain that contains five domain controllers. You have a management computer that runs Windows 7. From the Windows 7 computer, you need to view all account logon failures that occur in the domain. The information must be consolidated on one list. Which command should you run on each domain controller()
Your network contains an Active Directory domain named contoso.com. You have a management computer named Computer1 that runs Windows 7. You need to forward the logon events of all the domain controllers in contoso.com to Computer1. All new domain controllers must be dynamically added to the subscription. What should you do()