多项选择题

Your company has two domain controllers named DC1 and DC2. DC1 host all domain and forest operations master roles. 
DC1 fails. 
You need to rebuild DC1 by reinstalling the operating system. Youn also need to rollback all operations master roles to their original state. You perform a metadate cleanup and remove all references of DC1. Which three actions should you perform next()

A.A
B.B
C.C
D.D
E.E
F.F

点击查看答案

您可能感兴趣的试卷

你可能感兴趣的试题

1.单项选择题Your company has three Active Directory domains in a single forest. You install a new Active Directory enabled application. The application ads new user attributes to the Active Directory schema. You discover that the Active Directory replication traffic to the Global Catalogs has increased. You need to prevent the new attributes from being replicated to the Global Catalog. You must achieve this goal without affecting application functionality. What should you do()

A.Change the replication interval for the DEFAULTIPSITELINK object to 9990.
B.Change the cost for the DEFAULTIPSITELINK object to 9990.
C.Make the new attributes in the Active Directory as defunct.
D.Modify the properties in the Active Directory schema for the new attributes.

点击查看答案
2.单项选择题You need to deploy a read-only domain controller (RODC) that runs Windows Server 2008. What is the minimal forest functional level that you should use()

A.Windows Server 2008
B.Windows Server 2003 Interim mode
C.Windows 2000 Native mode
D.Windows Server 2003 Native mode

点击查看答案
3.单项选择题Your company has an Active Directory domain. You install an Enterprise Root certification authority (CA) on a member server named Server1. You need to ensure that only the Security Manager is authorized to revoke certificates that are supplied by Server1. What should you do()

A.Remove the Request Certificates permission from the Domain Users group.
B.Remove the Request Certificated permission from the Authenticated Users group.
C.Assign the Allow - Manage CA permission toonly  the Security Manager user Account.
D.Assign the Allow - Issue and Manage Certificates permission to only the Security Manger user account

点击查看答案
4.单项选择题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008. Auditing is configured to log changes made to the Managed By attribute on group objects in an organizational unit named OUI. You need to log changes made to the Description attribute on all group objects in OUI only. What should you do()

A.Run auditpol.exe.
B.Modify the auditing entry for OUI.
C.Modify the auditing entry for the domain.
D.Create a new Group PolicyObject (GPO). Enable Audit account management policy setting. Link the GPO to OUI.

点击查看答案
5.单项选择题You want users to log on to Active Directory by using a new Principal Name (UPN). You need to modify the UPN suffix for all user accounts. Which tool should you use()

A.Dsmod
B.Netdom
C.Redirusr
D.Active Directory Domains and Trusts

点击查看答案
6.单项选择题You have a Windows Server 2008 that has the Active Directory Certificate Services server role installed. You need to minimize the amount of time it takes to download a certificate revocation list (CRL). What should you do()

A.Install and configure an Online Responder.
B.Install and configure an addtional domain controller.
C.Import the Root CA certificate into the Trusted Root Certification Authorities on all client workstations.
D.Import the Issuing CA certificate into the Trusted Root Certification Authorities on all client workstations.

点击查看答案
7.单项选择题Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an ENterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()

A.Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.
B.Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.
C.Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group object.
D.Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.

点击查看答案
8.单项选择题Your company has an Active Directory domain. You install a new domain controller in the domain. Twenty users report that they are unable to log on to the domain. You need to register the SRV records. Which command should you run on the new domain controller()

A.Run the netsh interface reset command.
B.Run the ipconfig /flushdns command.
C.Run the dnscmd /EnlistDirectoryPartition command.
D.Run the sc stop netlogon command followed by the sc start netlogon command.

点击查看答案
9.单项选择题Your network consists of an Active Directory forest that contains two domains. All servers run WindowsServer 2008. All domain controllers are configured as DNS Servers. You have a standard primary zone for dev.contoso.com that is stored on a member server. You need to ensure that all domain controllers can resolve names from the dev.contoso.com zone. What should you do()

A.On the member server, create a stub zone.
B.On the memeber server, create a NS record for each domain controller.
C.On one domain controller, create a conditional forwarder. Configure the conditional forwarder to replicate to all DNS servers in the forest.
D.On one domain controller, create a conditional forwarder. Configure the conditional forwarder to replicate to all DNS servers in the domain.

点击查看答案
10.多项选择题You need to ensure that users who enter three successive invalid passwords within 5 minutes are locked out for five minutes. Which threeactions should you perform()

A.Set the Minimun password age setting to one day.
B.Set the Maximum password age setting to one day.
C.Set the Account lockout duration setting to 5 minutes.
D.Set the Reset account lockout counter after setting to 5 minutes.
E.Set the Account lockout threshold setting to 3 invalid logon attempts.
F.Set the Enforce password history setting to 3 passswords remembered.

点击查看答案

最新试题

Your network contains an Active Directory domain.  A user named User1 takes a leave of absence for one year.  You need to restrict access to the User1 user account while User1 is away.    What should you do()

题型:单项选择题

Your network contain 10 domain controller that run Windows Server    R2.  The network contain a member server that is configured to collect all of events that occur on the  domain controllers.  Your need to ensure that administrators are notified when a specific event occurs on any of the  domain controllers. You want to achive the goal by using the minimum amount effort.  What should you do()

题型:单项选择题

Your network contains an Active Directory domain named contoso.com. The domain contains five  domain controllers.You add a logoff script to an existing Group Policy object (GPO). You need to verify that each  domain controller successfully replicates the updated group policy.    Which two objects should you verify on each domain controller()

题型:多项选择题

Your network contains an Active Directory forest. The forest contains an Acitve Directory site for a  remote office. The remote site contains a read-only domain controller (RODC).    You need to configure the RODC to store only the password of users in the remote site.    What should you do()

题型:单项选择题

You create a new Active Directory domain. The functional level of the domain is Windows Server  2008 R2.  The domain contains five domain controllers. You need to monitor the replication of the group  policy template files. Which tool should you use()

题型:单项选择题

Active Directory Rights Management Services (AD RMS) is deployed on your network.    You need to configure AD RMS to use Kerberos authentication.  Which two actions should you perform()

题型:多项选择题

Your company has four offices.  The network contains a single Active Directory domain.  Each office has domain controller. Each office has an organitational unit (OU) that contains the  user accounts for the users in that office.  In each office, support technicians perform basic troubleshooting for the users in their respective  office.  You need to ensure that the support technicians can reset the password for the user accounts in  their respective office only. The solution must prevent the thechnicians from creating user  accounts.  What shoul you do()

题型:单项选择题

You install a standalone root certification authority (CA) on a server named Server1.  You need to ensure that every computer in the forest has a copy of the root CA certificate  installed in the local computer’s Trusted Root Certification Authorities store.    Which command should you run on Server1()

题型:单项选择题

You have an enterprise subordinate certification authority (CA). You have a custom certificate  template that has a key length of 1,024 bits. The template is enabled for autoenrollment.    You increase the template key length to 2,048 bits.  You need to ensure that all current certificate holders automatically enroll for a certificate that  uses the new template.    Which console should you use()

题型:单项选择题

Your network contains an Active Directory forest. The forest contains two domains. You have a  standalone root certification authority (CA).    On a server in the child domain, you run the Add Roles Wizard and discover that the option to  select an enterprise CA is disabled.    You need to install an enterprise subordinate CA on the server.    What should you use to log on to the new server()

题型:单项选择题