Your company has a server named FS1. FS1 hosts the domain-based DFS namespace named \\contoso.com\dfs. All domain users store their data in subfolders within the DFS namespace. You need to prevent all users, except administrators, from creating new folders or new files at the root of the \\contoso.com\dfs share.
What should you do?()
A. Run the dfscmd.exe \\FS1\dfs /restore command on FS1.
B. Configure the NTFS permissions for the C:\DFSroots\dfs folder on FS1. Set the Create folders/append data special permission to Deny for the Authenticated Users group. Set the Full Control permission to Allow for the Administrators group.
C. Start the Delegate Management Permissions Wizard for the DFS namespace named \\contoso.com\dfs. Remove all groups that have the permission type Explicit except the Administrators group.
D. Configure the \\FS1\dfs shared folder permissions. Set the permissions for the Authenticated Users group to Reader. Set the permissions for the Administrators group to Co-owner.
您可能感兴趣的试卷
你可能感兴趣的试题
Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP) deployed on the network.You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network.
What should you do?()
A. Configure all access points to use 802.1X authentication.
B. Configure all portable computers to use MS-CHAP v2 authentication.
C. Use the Group Policy Management Console to access the wireless Group Policy settings, and enable the Prevent connections to ad-hoc networks option.
D. Use the Group Policy Management Console to access the wireless Group Policy settings, and disable the Prevent connections to infrastructure networks option.
Your company has deployed Network Access Protection (NAP).You configure secure wireless access to the network by using 802.1X authentication from any access point.You need to ensure that all client computers that access the network are evaluated by NAP.
What should you do?()
A. Configure all access points as RADIUS clients to the Remediation Servers.
B. Configure all access points as RADIUS clients to the Network Policy Server (NPS).
C. Create a Network Policy that defines Remote Access Server as a network connection method.
D. Create a Network Policy that specifies EAP-TLS as the only available authentication method.
A. Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.
B. Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain Controllers organizational unit (OU).
C. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the domain.
D. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the Domain Controllers organizational unit (OU).
Your company uses Network Access Protection (NAP) to enforce policies on client computers that connect to the network. Client computers run Windows 7. A Group Policy is used to configure client computers to obtain updates from Windows Server Update Services (WSUS).Company policy requires that updates labeled Important and Critical must be applied before client computers can access network resources.You need to ensure that client computers meet the company policy requirement.
What should you do?()
A. Enable automatic updates on each client.
B. Enable the Security Center on each client.
C. Quarantine clients that do not have all available security updates installed.
D. Disconnect the connection until the required updates are installed.
Your company's corporate network uses Network Access Protection (NAP).Users are able to connect to the corporate network remotely.You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible.
What should you do?()
A. Apply an IPsec NAP policy.
B. Configure a NAP policy for 802.1X wireless connections.
C. Configure VPN connections to use MS-CHAP v2 authentication.
D. Restrict Dynamic Host Configuration Protocol (DHCP) clients by using NAP.
Network Access Protection (NAP) is configured for the corporate network. Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.
What should you do?()
A. Create an IPsec Enforcement Network policy.
B. Create an 802.1X Enforcement Network policy.
C. Create a Wired Network (IEEE 802.3) Group policy.
D. Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.
Your network contains a server that runs Windows Server 2008 R2. The server has the Network Policy and Access Services server role installed. You need to allow only members of a global group named Group1 VPN access to the network.
What should you do? ()
A. Add Group1 to the RAS and IAS Servers group.
B. Add Group1 to the Network Configuration Operators group.
C. Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1.
D. Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 3.
You deploy a Windows Server 2008 R2 VPN server behind a firewall. Remote users connect to theVPN by using portable computers that run Windows 7. The firewall is configured to allow only secured Web communications.You need to enable remote users to connect as securely as possible. You must achieve this goal without opening any additional ports on the firewall.
What should you do?()
A. Create an IPsec tunnel.
B. Create an SSTP VPN connection.
C. Create a PPTP VPN connection.
D. Create an L2TP VPN connection.
Your network contains one Active Directory domain. You have a member server named Server1 that runs Windows Server 2008 R2. The server has the Routing and Remote Access Services role service installed.You implement Network Access Protection (NAP) for the domain.You need to configure the Point-to-Point Protocol (PPP) authentication method on Server1.
Which authentication method should you use?()
A. Challenge Handshake Authentication Protocol (CHAP)
B. Extensible Authentication Protocol (EAP)
C. Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)
D. Password Authentication Protocol (PAP)
Your company has 10 servers that run Windows Server 2008 R2. The servers have Remote Desktop Protocol (RDP) enabled for server administration. RDP is configured to use default security settings. All administrators' computers run Windows 7. You need to ensure the RDP connections are as secure as possible.
Which two actions should you perform?()
A. Set the security layer for each server to the RDP Security Layer.
B. Configure the firewall on each server to block port 3389.
C. Acquire user certificates from the internal certification authority.
D. Configure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.
最新试题
Your company has a network that has an Active Directory domain. The domain has two servers named DC1 and DC2. You plan to collect events from DC2 and transfer them to DC1. You configure the required subscriptions by selecting the Normal option for the Event delivery optimization setting and by using the HTTP protocol.You discover that none of the subscriptions work.You need to ensure that the servers support the event collectors.Which three actions should you perform?()
You have a server that runs Windows Server 2008 R2.You create a new quota template. You apply quotas to 100 folders by using the quota template.You need to modify the quota settings for all 100 folders. You must achieve this goal by using the minimum amount of administrative effort.What should you do?()
Your company runs Windows Server Update Services (WSUS) on a server named Server1. Server1runs Windows Server 2008 R2. Server1 is located on the company intranet. You configure the WSUS Web site to use SSL.You need to configure a Group Policy object (GPO) to specify the intranet update locations.Which URLs should you use?()
Your company has a main office and one branch office. The main office has a print server named Printer1. The branch office has a print server named Printer2. Printer1 manages 15 printers and Printer2 manages seven printers. You add Printer2 to the Print Management console on Printer1. You need to send an automatic notification when a printer is not available. What should you do?()
Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00. What should you do()?
Your company has a server named DC1 that runs Windows Server 2008 R2. Server1 has the DHCPServer server role installed.You find that a desktop computer named Computer1 is unable to obtain an IP configuration from the DHCP server.You install the Microsoft Network Monitor 3.0 application on Server1. You enable P-mode in the Network Monitor application configuration. You plan to capture only the DHCP server-related traffic between Server1 and Computer1.The network interface configuration for the two computers is shown in the following table.Server1 Computer1IP address 192.168.2.1 169.254.15.84MAC address 00-0A-5E-1C-7F-67 00-17-31-D5-5E-FFYou need to build a filter in the Network Monitor application to capture the DHCP traffic between Server1and Computer1.Which filter should you use?()
You deploy Windows Server 2008 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows Vista with the latest service pack. The firewall is configured to allow only secured web communications. You need to enable remote users to connect as securely as possible. you must achieve this goal without opening any additional ports on the firewall. What should you do ()?
Your company has a network that has 100 servers. You install a new server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. You discover that the Reliability Monitor has no data, and that the system stablitiy chare has never been updated. You nede to configure the server to collect the reliability monitor data. What should you do()?
Your company has a network that has 100 servers. You install a new server that runs Windows Server 2008 R2. The server has the Web Server (IIS) server role installed. After a week, you discover that the Reliability Monitor has no data, and that the Systems Stability chart has never been updated.You need to configure the server to collect the Reliability Monitor data.What should you do?()
You install WSUS on a server that runs Windows Server 2008. You need to ensure that the traffic between the WSUS administrative web site and the server administrators computer is encrypted What should you do()?