What are two possible ways to achieve this goal? (Each correct answer presents a complete solution
You need to relocate the existing user and computer objects in your company to different organizational units. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
You need to enable forest-wide single name resolution
Your company has an Active Directory forest. All domain controllers run the DNS Server server role. The company plans to decommission the WINS service. You need to enable forest-wide single name resolution. What should you do?
You need to ensure that all computers in Segment B automatically install security patches
You are the security administrator for your company. The network consists of two segments named Segment A and Segment B. The client computers on the network run Windows XP Professional. The servers run Windows Server 2003.
Segment A contains a single server named Server1. Segment B contains all other computers, including a server named Server2. The company’s written security policy states that Segment B must not be connected to the lnternet. Segment A is allowed to connect to the lnternet. There is no network connection between Segment A and Segment B. You can copy files from Segment A to Segment B only by using a CD-ROM to transport the files between the two segments. The network topology is displayed in the exhibit. (Refer to the Exhibit.)
You are planning a patch management infrastructure. On Segment B, you install Software Update Services (SUS) on Server2. You configure Automatic Updates on all computers in Segment B to use http://Server2 and to install security patches.
You need to ensure that all computers in Segment B automatically install security patches. What should you do?
You need to allow users to request certificates from a Web interface
You have a Windows Server 2008 R2 Enterprise Root CA . Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA .
You need to allow users to request certificates from a Web interface. You install the Active Directory Certificate Services (AD CS) server role.
What should you do next?
You need to ensure that the NPS log files on Server1 contain information of client connections
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Network_Policy Server (NPS) role installed.
You need to ensure that the NPS log files on Server1 contain information of client connections.
What should you do?
You need to produce a report that identifies which Microsoft security patches are not installed on the Web ser
You are a security administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 computers.
Twelve of the Windows Server 2003 computers are configured as Web servers.
You need to produce a report that identifies which Microsoft security patches are not installed on the Web servers. What should you do?
You need to ensure the UPN suffix for contoso
Your company has a single Active Directory domain named intranet.contoso.com. All domain controllers run Windows Server 2008 R2. The domain functional level is Windows 2000 native and the forest functional level is Windows 2000.
You need to ensure the UPN suffix for contoso.com is available for user accounts.
What should you do first?
Which command should you use?
Your company has a server named Server1 that runs a Server Core installation of Windows Server 2008 R2, and the DNS Server server role. Server1 has one network interface named Local Area Connection. The static IP address of the network interface is configured as 10.0.0.1. You need to create a DNS zone named local.contoso.com on Server1.
Which command should you use?
You need to maintain security patches by using the minimum amount of administrative effort
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.
The company’s written security policy states that security patches must be manually installed on servers by administrators. You need to configure the network to comply with the written security policy.
You need to maintain security patches by using the minimum amount of administrative effort. What should you do?
You need to ensure that all domain controllers immediately receive the new NS record
Your network consists of an Active Directory forest that contains one domain. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. You have an Active Directory- integrated zone.
You have two Active Directory sites. Each site contains five domain controllers.
You add a new NS record to the zone.
You need to ensure that all domain controllers immediately receive the new NS record.
What should you do?