Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2.
Server1 has the Active Directory Federation Services (AD FS) Federation Service role service installed.
You plan to deploy AD FS 2.0 on Server2.
You need to export the token-signing certificate from Server1, and then import the certificate to Server2.
Which format should you use to export the certificate()
A.Base-64 encoded X.509 (.cer)
B.Cryptographic Message Syntax Standard PKCS #7 (.p7b)
C.DER encoded binary X.509 (.cer)
D.Personal Information Exchange PKCS #12 (.pfx)
您可能感兴趣的试卷
你可能感兴趣的试题
Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1. The Active Directory Federation Services (AD FS) role is installed on Server1.
Contoso.com is defined as an account store.
A partner company has a Web-based application that uses AD FS authentication. The partner company plans to provide users from contoso.com access to the Web application.
You need to configure AD FS on contoso.com to allow contoso.com users to be authenticated by the
partner company.
What should you create on Server1()
A.a new application
B.a resource partner
C.an account partner
D.an organization claim
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the Active Directory Federation Services (AD FS) role installed.
You have an application named App1 that is configured to use Server1 for AD FS authentication.
You deploy a new server named Server2. Server2 is configured as an AD FS 2.0 server.
You need to ensure that App1 can use Server2 for authentication.
What should you do on Server2()
A.Add an attribute store.
B.Create a relying party trust.
C.Create a claims provider trust.
D.Create a relaying provider trust.
You deploy a new Active Directory Federation Services (AD FS) federation server.
You request new certificates for the AD FS federation server.
You need to ensure that the AD FS federation server can use the new certificates.
To which certificate store should you import the certificates()
A.Computer
B.IIS Admin Service service account
C.Local Administrator
D.World Wide Web Publishing Service service account
You deploy an Active Directory Federation Services (AD FS) Federation Service Proxy on a server named Server1.
You need to configure the Windows Firewall on Server1 to allow external users to authenticate by using AD FS.
Which inbound TCP port should you allow on Server1()
A.88
B.135
C.443
D.445
Your network contains a single Active Directory domain. The domain contains five read-only domain
controllers (RODCs) and five writable domain controllers. All servers run Windows Server 2008.
You plan to install a new RODC that runs Windows Server 2008 R2.
You need to ensure that you can add the new RODC to the domain. You want to achieve this goal by using the minimum amount of administrative effort.
Which two actions should you perform()
A.At the command prompt, run adprep.exe /rodcprep.
B.At the command prompt, run adprep.exe /forestprep.
C.At the command prompt, run adprep.exe /domainprep.
D.From Active Directory Domains and Trusts, raise the functional level of the domain.
E.From Active Directory Users and Computers, pre-stage the RODC computer account.
Your company has a main office and a branch office. The branch office has an Active Directory site that contains a read-only domain controller (RODC).
A user from the branch office reports that his account is locked out.
From a writable domain controller in the main office, you discover that the users account is not locked out.
You need to ensure that the user can log on to the domain.
What should you do()
A.Modify the Password Replication Policy.
B.Reset the password of the user account.
C.Run the Knowledge Consistency Checker (KCC) on the RODC.
D.Restore network communication between the branch office and the main office.
Your network contains an Active Directory domain named contoso.com.
The network has a branch office site that contains a read-only domain controller (RODC) named RODC1.
RODC1 runs Windows Server 2008 R2.
A user named User1 logs on to a computer in the branch office site.
You discover that the password of User1 is not stored on RODC1.
You need to ensure that User1’s password is stored on RODC1.
What should you modify()
A.the Member Of properties of RODC1
B.the Member Of properties of User1
C.the Security properties of RODC1
D.the Security properties of User1
Your company has a main office and a branch office. The network contains an Active Directory domain.
The main office contains a writable domain controller named DC1. The branch office contains a read-only domain controller (RODC) named DC2.
You discover that the password of an administrator named Admin1 is cached on DC2. You need to prevent Admin1s password from being cached on DC2.
What should you do()
A.Modify the NTDS Site Settings.
B.Modify the properties of the domain.
C.Create a Password Setting object (PSO).
D.Modify the properties of DC2s computer account.
Your network contains an Active Directory domain. The domain contains two sites named Site1 and Site2. Site1 contains four domain controllers. Site2 contains a read-only domain controller (RODC).
You add a user named User1 to the Allowed RODC Password Replication Group.
The WAN link between Site1 and Site2 fails.
User1 restarts his computer and reports that he is unable to log on to the domain.
The WAN link is restored and User1 reports that he is able to log on to the domain. You need to prevent the problem from reoccurring if the WAN link fails.
What should you do()
A.Create a Password Settings object (PSO) and link the PSO to User1’s user account.
B.Create a Password Settings object (PSO) and link the PSO to the Domain Users group.
C.Add the computer account of the RODC to the Allowed RODC Password Replication Group.
D.Add the computer account of User1’s computer to the Allowed RODC Password Replication Group.
You install a read-only domain controller (RODC) named RODC1.
You need to ensure that a user named User1 can administer RODC1. The solution must minimize the number of permissions assigned to User1.
Which tool should you use()
A.Active Directory Administrative Center
B.Active Directory Users and Computers
C.Dsadd
D.Dsmgmt
最新试题
Your network contain 10 domain controller that run Windows Server R2. The network contain a member server that is configured to collect all of events that occur on the domain controllers. Your need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achive the goal by using the minimum amount effort. What should you do()
Your network contains an Active Directory domain controller named DC1. DDC1 runs Windows Server 2008 R2. You need to defragment the Active Directory database on DC1. The solution must minimize downtime on DC1. What should you do first()
Your network contains an Active Directory domain. The domain contains a group named Group1. The minimum password lenght for the domain is set to six characters. you need to ensure that the passwords for all users in Group1 are at least 10 characters long. All other users must be able to use passwords that are six characters long. What should you do first()
You have an enterprise subordinate certification authority (CA) configured for key archival. Three key recovery agent certificates are issued. The CA is configured to use two recovery agents. You need to ensure that all of the recovery agent certificates can be used to recover all new private keys. What should you do()
You have a domain controller named Server1 that runs Windows Server 2008 R2. You need to determine the size of the Active Directory database on Server1. What should you do()
Your network contains an Active Directory domain named contoso.com. You have a management computer named Computer1 that runs Windows 7. You need to forward the logon events of all the domain controllers in contoso.com to Computer1. All new domain controllers must be dynamically added to the subscription. What should you do()
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Serever 2008 Standart. You need to install an enterprise subordinate certification authority (CA) that support private key archival. You must achieve this goal by using the minimum amount of administrative effort.What do you do first()
You create a new Active Directory domain. The functional level of the domain is Windows Server 2008 R2. The domain contains five domain controllers. You need to monitor the replication of the group policy template files. Which tool should you use()
Your network contains an Active Directory domain that contains five domain controllers. You have a management computer that runs Windows 7. From the Windows 7 computer, you need to view all account logon failures that occur in the domain. The information must be consolidated on one list. Which command should you run on each domain controller()
You have Active Directory Certificate Services (AD CS) deployed. You create a custom certificate template. You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template. Which two actions should you perform()