You need to track which employees access the Payroll files on the file servers
Your company has file servers located in an organizational unit named Payroll. The file servers contain payroll files located in a folder named Payroll. You create a GPO. You need to track which employees access the Payroll files on the file servers. What should you do?
You need to view all inbound VPN packets
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Routing and Remote Access service (RRAS) role service installed. You need to view all inbound VPN packets. The solution must minimize the amount of data collected.
What should you do?
You need to restrict members of a group named Contractors from connecting to the file server computers
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.
Eight Windows Server 2003 computers are members of the domain. These computers are used to store confidential files. They reside in a data center that only lT administration personnel have physical access to.
You need to restrict members of a group named Contractors from connecting to the file server computers. All other employees require access to these computers. What should you do?
You need to move the Active Directory database to a new volume
An Active Directory database is installed on the C volume of a domain controller. You need to move the Active Directory database to a new volume. What should you do?
Which command should you run?
Your network contains a single Active Directory domain. All servers run Windows Server 2008 R2. A DHCP server is deployed on the network and configured to provide IPv6 prefixes. You need to ensure that when you monitor network traffic, you see the interface identifiers derived from the Extended Unique Identifier (EUI)-64 address. Which command should you run?
You need to ensure that SMB communications between the Windows Server 2003 file servers and the client compute
You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows 2000 Professional. The latest operating system service pack is installed on each computer.
Thirty Windows Server 2003 computers are members of the domain and function as file servers. Client computers access files on these file servers over the network by using the Server Message Block (SMB) protocol. You are concerned about the possible occurrence of man-in-the-middle attacks during SMB communications. You need to ensure that SMB communications between the Windows Server 2003 file servers and the client computers are cryptographically signed. The file servers must not communicate with client computers if the client computers cannot sign SMB communications.
Client computers must be able to use unsigned SMB communications with all other computers in the domain. What should you do to configure the file servers?
You need to ensure that the Contoso users are able to resolve names from the intranet
Contoso, Ltd. has an Active Directory domain named ad.contoso.com. Fabrikam, Inc. has an Active Directory domain named intranet.fabrikam.com. Fabrikam’s security policy prohibits the transfer of internal DNS zone data outside the Fabrikam network. You need to ensure that the Contoso users are able to resolve names from the intranet.fabrikam.com domain.
What should you do?
You need to capture the HTTP traffic to and from a server every day between 09:00 and 10:00
You need to capture the HTTP traffic to and from a server every day between 09:00 and 10:00.
What should you do?
You need to configure the network so that users can use App1
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.
One hundred users in your company are currently using an application named App1. App1 is stored in a folder on the hard disk of each user’s client computer. To secure App1, you create a new Group Policy object (GPO) named App1 Policy. The App1 Policy GPO contains a file system security policy that applies a custom DACL to App1.
You configure the DACL to assign All users only the Allow – Read permission. You filter the App1 Policy GPO to apply only to computers that have App1 installed. After you apply the App1 GPO, users immediately report that they receive an error message when they attempt to use App1. You delete the entry for App1 in the file system security policy. Users continue to report that they receive the same error message when they attempt to use App1.
You need to configure the network so that users can use App1. You want to achieve this goal by using the minimum amount of administrative effort. What should you do?
Which two roles should you transfer? (Each correct answer presents part of the solution
You are decommissioning domain controllers that hold all forest-wide operations master roles. You need to transfer all forest-wide operations master roles to another domain controller. Which two roles should you transfer? (Each correct answer presents part of the solution. Choose two.)