Your network contains two Active Directory forests named contoso.com and nwtraders.com. A two-way forest trust exists between contoso.com and nwtraders.com. The forest trust is configured to use selective authentication.
Contoso.com contains a server named Server1. Server1 contains a shared folder named Marketing. Nwtraders.com contains a global group named G_Marketing. The Change share permission and the Modify NTFS permissions for the Marketing folder are assignes to the G_Marketing group.
Members of G_Marketing report that they cannot accesss the Marketing folder.
You need to ensure that the G_Marketing members can accesss the folder from the network.
What should you do()
A.From Windows Explorer, modify the NTFS permissions of the folder
B.From Windows Explorer, modify the share permissions of the folder
C.From Active Directory Users and Computers, modify the computer object for Server1
D.From Active Directory Users and Computers, modify the group object for G_Marketing
您可能感兴趣的试卷
你可能感兴趣的试题
Your network contains an Active Directory domain. The domain contains 1000 user accounts. You have a list that contains the mobile phone number of each user You need to add the mobile number of each user to Active Directory.
What should you do()
A.Create a file that contains the mobile phone numbers, and then run ldifde.exe
B.Create a fila that contains the mobile phone numbers, and then run csvde.exe
C.From Adsiedit, select the CN=Users container, and then mofify the properties of the container.
D.From Active Directory Users and Computers, select all of the users, and then modify the properties of the users.
Your network contains an Active Directory domain named contoso.com. All domain controllers and member servers run Windows Server 2008. All client computer run Windows 7. From a client computer, you create an audit policy by using the Advanced Audit Policy Configuration settings in the Default Domain Policy Group Policy object (GPO).
You discover that the audit policy is not applied to the member servers. The audit policy is applied to the client computers.
You need to ensure that the audit policy is applied to all member servers and all client computers.
What should you do()
A.Add a WMI filter to the Default Domain Policy GPO
B.Modify the security settings of the Default Domain Policy GPO
C.Configure a startup script that runs auditpol.exe on the member servers.
D.Configure a startup script that runs auditpol.exe on the domain controllers.
Your network contains an Active Directory domain controller named DC1. DDC1 runs Windows Server 2008 R2.
You need to defragment the Active Directory database on DC1. The solution must minimize downtime on DC1.
What should you do first()
A.At the command prompt, run net stop ntds.
B.At the command prompt, run net stop netlogon.
C.Restart DC1 in Safe Mode.
D.Restart DC1 in Directory Services Restore Mode (DSRM).
Your network contain 10 domain controller that run Windows Server R2.
The network contain a member server that is configured to collect all of events that occur on the domain controllers.
Your need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achive the goal by using the minimum amount effort.
What should you do()
A.From Event Viewer on the member server, create a subscription.
B.From Event Viewer on each domain controller, create a subscription.
C.From Event Viewer on the member server, run the Create Basic Task Wizard.
D.From Event Viewer on each domain controller,run the Create Basic Task Wizard.
Your network contains an Active Directory domain.
A user named User1 takes a leave of absence for one year.
You need to restrict access to the User1 user account while User1 is away.
What should you do()
A.From the Default Domain Policy, modify the account lockout settings.
B.From the Default Domain Controller Policy, modify the account lockout settings.
C.From the properties of the user account, modify the Account options.
D.From the properties of the user account, modify the Session settings.
Your network contains an Active Directory domain. The domain contains a group named Group1. The minimum password lenght for the domain is set to six characters.
you need to ensure that the passwords for all users in Group1 are at least 10 characters long. All other users must be able to use passwords that are six characters long.
What should you do first()
A.Run the New-ADFineGrainedPasswordPolicy cmdlet.
B.Run the Add-ADFineGrainedPasswordPolicySubject cmdlet.
C.From the Default Domain Policy, modify the password policy.
D.From the Default Domain Controller Policy, modify the password policy.
Your network contains an Active Directory forest. All domain controllers run Windows Server 2008 Standard. The functional level of the domain is Windows Server 2003. You have a certification authority (CA).
The relevant servers in the domain are configured as shown in the following table:
Server name Operating system Server role
Server1 Windows Server 2003 Enterprise root CA Server2 Windows Server 2008 Enterprise subordinate CA Server3 Windows Server 2008 R2 Web Server
You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate Enrollment Web Service on the network.
What should you do()
A.Upgrade Server1 to Windows Server 2008 R2.
B.Upgrade Server2 to Windows Server 2008 R2.
C.Raise the functional level of the domain to Windows Server 2008.
D.Install the Windows Server 2008 R2 Active Directory Schema updates.
You have an enterprise subordinate certification authority (CA). You have a custom certificate template that has a key length of 1,024 bits. The template is enabled for autoenrollment.
You increase the template key length to 2,048 bits.
You need to ensure that all current certificate holders automatically enroll for a certificate that uses the new template.
Which console should you use()
A.Active Directory Administrative Center
B.Certification Authority
C.Certificate Templates
D.Group Policy Management
You have an enterprise subordinate certification authority (CA). You have a custom Version 3 certificate template.
Users can enroll for certificates based on the custom certificate template by using the Certificates console.
The certificate template is unavailable for Web enrollment. You need to ensure that the certificate template is available on the Web enrollment pages.
What should you do()
A.Run certutil.exe -pulse.
B.Run certutil.exe -installcert.
C.Change the certificate template to a Version 2 certificate template.
D.On the certificate template, assign the Autoenroll permission to the users.
You have Active Directory Certificate Services (AD CS) deployed. You create a custom certificate template.
You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template.
Which two actions should you perform()
A.In a Group Policy object (GPO), configure the autoenrollment settings.
B.In a Group Policy object (GPO), configure the Automatic Certificate Request Settings.
C.On the certificate template, assign the Read and Autoenroll permission to the Authenticated Users group.
D.On the certificate template, assign the Read, Enroll, and Autoenroll permission to the Domain Users group.
最新试题
Your network contains a single Active Directory domain named contoso.com. An administrator accidentally deletes the _msdsc.contoso.com zone. You recreate the _msdsc.contoso.com zone. You need to ensure that the _msdsc.contoso.com zone contains all of the required DNS records. What should you do on each domain controller()
Your company has four offices. The network contains a single Active Directory domain. Each office has domain controller. Each office has an organitational unit (OU) that contains the user accounts for the users in that office. In each office, support technicians perform basic troubleshooting for the users in their respective office. You need to ensure that the support technicians can reset the password for the user accounts in their respective office only. The solution must prevent the thechnicians from creating user accounts. What shoul you do()
Your network contains an Active Directory domain named contoso.com. All domain controllers and member servers run Windows Server 2008. All client computer run Windows 7. From a client computer, you create an audit policy by using the Advanced Audit Policy Configuration settings in the Default Domain Policy Group Policy object (GPO). You discover that the audit policy is not applied to the member servers. The audit policy is applied to the client computers. You need to ensure that the audit policy is applied to all member servers and all client computers. What should you do()
Your network contain 10 domain controller that run Windows Server R2. The network contain a member server that is configured to collect all of events that occur on the domain controllers. Your need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achive the goal by using the minimum amount effort. What should you do()
Active Directory Rights Management Services (AD RMS) is deployed on your network. You need to configure AD RMS to use Kerberos authentication. Which two actions should you perform()
Your network contains an Active Directory domain. The domain contains 1000 user accounts. You have a list that contains the mobile phone number of each user You need to add the mobile number of each user to Active Directory. What should you do()
Your network contains an Active Directory domain that has two sites. You need to identify whether logon scripts are replicated to all domain controllers. Which folder should you verify()
You need to receive an e-mail message whenever a domain user account is locked out. Which tool should you use()
Your network contains an Active Directory domain. A user named User1 takes a leave of absence for one year. You need to restrict access to the User1 user account while User1 is away. What should you do()
Your network contains an Active Directory forest. The forest contains an Acitve Directory site for a remote office. The remote site contains a read-only domain controller (RODC). You need to configure the RODC to store only the password of users in the remote site. What should you do()