You network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to reset the Directory Services Restore Mode (DSRM) password on a domain controller. What tool should you use()
A.dsmod
B.ntdsutil
C.Local Users and Groups snap-in
D.Active Directory Users and Computers snap-in
您可能感兴趣的试卷
你可能感兴趣的试题
Your company has a domain controller server that runs the Windows Server 2008 R2 operating system. The server is a backup server. The server has a single 500-GB hard disk that has three partitions for the operating system, applications, and data. You perform daily backups of the server.
The hard disk fails. You replace the hard disk with a new hard disk of the same capacity. You restart the computer on the installation media. You select the Repair your computer option. You need to restore the operating system and all files.
What should you do()
A.Select the System Image Recovery option.
B.Run the Imagex utility at the command prompt.
C.Run the Wbadmin utility at the command prompt.
D.Run the Rollback utility at the command prompt.
Your company has an Active Directory domain that runs Windows Server 2008 R2. The Sales OU
contains an OU for Computers, an OU for Groups, and an OU for Users. You perform nightly backups. An administrator deletes the Groups OU.
You need to restore the Groups OU without affecting users and computers in the Sales OU.
What should you do()
A.Perform an authoritative restore of the Sales OU.
B.Perform an authoritative restore of the Groups OU.
C.Perform a non-authoritative restore of the Groups OU.
D.Perform a non-authoritative restore of the Sales OU.
You have a domain controller that runs Windows Server 2008 R2. The Windows Server Backup
feature is installed on the domain controller.
You need to perform a non-authoritative restore of the domain controller by using an existing backup file. What should you do()
A.Restart the domain controller in Directory Services Restore Mode. Use the WBADMIN command to perform a critical volume restore.
B.Restart the domain controller in Directory Services Restore Mode. Use the Windows Server Backup snap-in to perform a critical volume restore.
C.Restart the domain controller in safe mode. Use the Windows Server Backup snap-in to perform a critical volume restore.
D.Restart the domain controller in safe mode. Use the WBADMIN command to perform a critical volume restore.
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. Auditing is configured to log changes made to the Managed By attribute on group objects in an organizational unit named OU1.
You need to log changes made to the Description attribute on all group objects in OU1 only. What should you do()
A.Run auditpol.exe.
B.Modify the auditing entry for OU1.
C.Modify the auditing entry for the domain.
D.Create a new Group Policy object (GPO). Enable the Audit account management policy setting. Link the GPO to OU1.
A.Enable the Audit account management policy in the Default Domain Controller Policy.
B.Run auditpol.exe and then configure the Security settings of the Domain Controllers OU.
C.Run auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.
D.From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes.
Your company has file servers located in an organizational unit named Payroll. The file servers contain payroll files located in a folder named Payroll.
You create a GPO.
You need to track which employees access the Payroll files on the file servers. What should you do()
A.Enable the Audit object access option. Link the GPO to the Payroll organizational unit. On the file servers, configure Auditing for the Everyone group in the Payroll folder.
B.Enable the Audit object access option. Link the GPO to the domain. On the domain controllers, configure Auditing for the Authenticated Users group in the Payroll folder.
C.Enable the Audit process tracking option. Link the GPO to the Domain Controllers organizational unit. On the file servers, configure Auditing for the Authenticated Users group in the Payroll folder.
D.Enable the Audit process tracking option. Link the GPO to the Payroll organizational unit. On the file servers, configure Auditing for the Everyone group in the Payroll folder.
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering.
You need to create a password policy for the engineering department that is different from your domain password policy.
What should you do()
A.Create a new GPO. Link the GPO to the Engineering OU.
B.Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OU.
C.Create a global security group and add all the user accounts for the engineering department to the group. Create a new Password Policy Object (PSO) and apply it to the group.
D.Create a domain local security group and add all the user accounts for the engineering department to the group. From the Active Directory Users and Computer console, select the group and run the Delegation of Control Wizard.
A.Modify the properties of the user account to set the account to never expire.
B.Modify the properties of the user account to extend the Logon Hours setting.
C.Modify the properties of the user account to set the password to never expire.
D.Modify the default domain policy to decrease the account lockout duration.
You need to ensure that users who enter three successive invalid passwords within 5 minutes are
locked out for 5 minutes.
Which three actions should you perform()
A.Set the Minimum password age setting to one day.
B.Set the Maximum password age setting to one day.
C.Set the Account lockout duration setting to 5 minutes.
D.Set the Reset account lockout counter after setting to 5 minutes.
E.Set the Account lockout threshold setting to 3 invalid logon attempts.
F.Set the Enforce password history setting to 3 passwords remembered.
The default domain GPO in your company is configured by using the following account policy settings:
( Minimum password length: 8 characters .Maximum password age: 30 days.
Enforce password history: 12 passwords remembered .Account lockout threshold: 3 invalid logon attempts .Account lockout duration: 30 minutes
You install Microsoft SQL Server on a computer named Server1 that runs Windows Server 2008 R2. The SQL Server application uses a service account named SQLSrv. The SQLSrv account has domain user rights.
The SQL Server computer fails after running successfully for several weeks. The SQLSrv user account is not locked out.
You need to resolve the server failure and prevent recurrence of the failure.
Which two actions should you perform()
A.Reset the password of the SQLSrv user account.
B.Configure the local security policy on Server1 to grant the Logon as a service right on the SQLSrv user
C.Configure the properties of the SQLSrv account to Password never expires.
D.Configure the properties of the SQLSrv account to User cannot change password.
E.Configure the local security policy on Server1 to explicitly grant the SQLSrv user account the allow logon locally user right.
最新试题
Your network contains an Active Directory domain that has two sites. You need to identify whether logon scripts are replicated to all domain controllers. Which folder should you verify()
Your network contains an Active Directory domain. The domain contains a group named Group1. The minimum password lenght for the domain is set to six characters. you need to ensure that the passwords for all users in Group1 are at least 10 characters long. All other users must be able to use passwords that are six characters long. What should you do first()
You have a domain controller named Server1 that runs Windows Server 2008 R2. You need to determine the size of the Active Directory database on Server1. What should you do()
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()
Your network contains an Active Directory domain that contains five domain controllers. You have a management computer that runs Windows 7. From the Windows 7 computer, you need to view all account logon failures that occur in the domain. The information must be consolidated on one list. Which command should you run on each domain controller()
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Serever 2008 Standart. You need to install an enterprise subordinate certification authority (CA) that support private key archival. You must achieve this goal by using the minimum amount of administrative effort.What do you do first()
You create a new Active Directory domain. The functional level of the domain is Windows Server 2008 R2. The domain contains five domain controllers. You need to monitor the replication of the group policy template files. Which tool should you use()
Your company has four offices. The network contains a single Active Directory domain. Each office has domain controller. Each office has an organitational unit (OU) that contains the user accounts for the users in that office. In each office, support technicians perform basic troubleshooting for the users in their respective office. You need to ensure that the support technicians can reset the password for the user accounts in their respective office only. The solution must prevent the thechnicians from creating user accounts. What shoul you do()
You remotely monitor several domain controllers. You run winrm.exe quickconfig on each domain controller. You need to create a WMI script query to retrieve information from the bios of each domain controller. Which format should you use to write the query()
You have an enterprise subordinate certification authority (CA). You have a custom Version 3 certificate template. Users can enroll for certificates based on the custom certificate template by using the Certificates console. The certificate template is unavailable for Web enrollment. You need to ensure that the certificate template is available on the Web enrollment pages. What should you do()