PrepAway - Latest Free Exam Questions & Answers

Author: seenagape

Which two actions should you perform? (Each correct answer presents part of the solution

Leave a comment

You are building a test environment to evaluate DNS Security Extensions (DNSSEC). You have a domain controller named Server1 that runs Windows Server 2008 R2 in your test environment.

Server1 has the DNS Server server role installed.

You need to configure Server1 to support the DNSSEC evaluation. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

You need to ensure that all computers in Segment B automatically install security patches

Leave a comment

You are the security administrator for your company. The network consists of two segments named Segment A and Segment B. The client computers on the network run Windows XP Professional. The servers run Windows Server 2003.

Segment A contains a single server named Server1. Segment B contains all other computers, including a server named Server2. The company’s written security policy states that Segment B must not be connected to the lnternet. Segment A is allowed to connect to the lnternet. There is no network connection between Segment A and Segment B. You can copy files from Segment A to Segment B only by using a CD-ROM to transport the files between the two segments. The network topology is displayed in the exhibit. (Click the Exhibit button.)

You are planning a patch management infrastructure. On Segment B, you install Software Update Services (SUS) on Server2. You configure Automatic Updates on all computers in Segment B to use http://Server2 and to install security patches.

You need to ensure that all computers in Segment B automatically install security patches. What should you do?

You need to apply desktop restrictions to the sales executives group

Leave a comment

Your company has an Active Directory domain that has an organizational unit named Sales. The Sales organizational unit contains two global security groups named sales managers and sales executives. You need to apply desktop restrictions to the sales executives group. You must not apply these desktop restrictions to the sales managers group. You create a GPO named DesktopLockdown and link it to the Sales organizational unit. What should you do next?

You need to ensure that Kim can log on and change her password

12 comments

You are a security administrator for Contoso, Ltd. The network consists of a single Active Directory domain named contoso.com. All servers run Windows Server 2003. All client computers run Windows XP Professional. All computers are members of the domain.

The company has a main office and three branch offices. Each office is configured as an Active Directory site. Each site contains domain controllers. A domain user named Kim reports that she forgot her password. She works in one of the branch offices. A des op support technician in the main office resets Kim’s password, enables the User must change password at next logon option on Kim’s user account, and then tells Kim the new password. Kim attempts to log on by using her new password and reports that she cannot change the password at logon. You investigate the problem. Kim’s user account is not locked out, and it is not disabled. Permissions for the user account are shown in the exhibit. (Refer to the Exhibit.)

You need to ensure that Kim can log on and change her password. What should you do?

Which two actions should you perform? (Each correct answer presents part of the solution

Leave a comment

Your company has an Active Directory forest that contains client computers that run Windows Vista and Microsoft Windows XP. You need to ensure that users are able to install approved application updates on their computers. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

You need to ensure that Server1 authenticates users based on possession of their certificate

Leave a comment

You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows 2000 Professional.

You manage a Windows Server 2003 computer named Server1 that is a domain member server. You use IIS on Server1 to host an Internet Web site. Approximately 4,000 employees of your company connect over the lnternet to access company confidential data on Server1. You control access to data on Server1 by using NTFS file permissions assigned to groups. Different groups are assigned access to different files. Employees must have access only to files that they are assigned access to based on their membership in a group. You enable SSL on Server1 to protect confidential data while it is in transit. You issue each employee an Authenticated Session certificate and store a copy of that certificate with their user account in the Active Directory domain.

You need to ensure that Server1 authenticates users based on possession of their certificate. What should you do?

You need to ensure that the health certificates are only valid for four hours

Leave a comment

Your network contains an Active Directory domain. The domain contains an enterprise certification authority (CA) named Server1 and a server named Server2. On Server2, you deploy Network Policy Server (NPS) and you configure a Network Access Protection (NAP) enforcement policy for IPSec. From the Health Registration Authority snap-in on Server2, you set the lifetime of health certificates to four hours. You discover that the validity period of the health certificates issued to client computers is one year.

You need to ensure that the health certificates are only valid for four hours. What should you do?


Page 5,593 of 6,830« First...102030...5,5915,5925,5935,5945,595...5,6005,6105,620...Last »