Your network contains a Web server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).Server1 has one Web site.

You configure Server1 to use a Web server certificate.

Users report that they can access the Web site by using http://server1 and https://server1.

You need to ensure that all traffic to, and from, Server1 is encrypted.

What should you do?

You are the network administrator for Humongous Insurance.The network consists of a single Active Directory domain named humongous.com.The domain contains Windows Server 2003 computers and Windows XP Professional computers.

You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers.

A server named Server2 runs the Telnet service.A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec.However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.

You need to view all of the IPSec settings that are applied to Server2 by GPOs.

Which tool should you use?

You have a server that runs Windows Server 2003 Service Pack 2 (SP2).The server has Windows Support Tools installed.

The IPSec service fails to start.

You notice that the IPSec service cannot bind to the appropriate TCP and UDP ports.

You need to identify which process is preventing the IPSec service from starting.

Which tool should you use?

Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).

You have a server named Server1 that has Windows Server Update Services (WSUS) 3.0 installed.

You have a server named ExchangeDev that has Microsoft Exchange Server 2003 installed.ExchangeDev is configured to receive updates from Server1.

You need to ensure that only critical updates for Exchange Server 2003 are applied to ExchangeDev without requiring the approval of an administrator.

What should you do?

Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).

You have two member servers named Server1 and Server2. Both servers have Windows Server Update Services (WSUS) 3.0 installed.Server2 is configured in Replica mode and uses Server1 as an upstream server.

You need to ensure that WSUS on Server2 downloads approved updates directly from the Microsoft Update site.

What should you do?

You have a server that runs Windows Server 2003 Service Pack 2 (SP2).

You create a user account named Admin1.

You need to allow Admin1 to restart services and to review the security log.You must minimize the rights assigned to Admin1.

Which group should you add Admin1 to?

Your company has a main office and one branch office.All servers run Windows Server 2003 Service Pack 2 (SP2).

The main office has a third-party gateway device named Gateway1. Gateway1 is connected to the internal network and the Internet.Gateway1 supports IPSec.

In the branch office, you have a server named Server1.

You create an IPSec policy on Server1.

You need to ensure that Server1 can establish an IPSec tunnel to Gateway1.

What should you use to configure the IPSec policy?

You are the network administrator for your company.The network consists of a single Active Directory domain.

The domain contains an organizational unit (OU) named Webservers.The Webservers OU contains the computer accounts of 12 Windows Server 2003 computers that function as intranet Web servers.A Group Policy object (GPO) named WebserversPolicy is linked to the Webservers OU.The GPO is used to configure various settings on the computers in the OU. A global group named WebserverAdmins is a member of the Administrators local group on each intranet Web server.

You plan to install a security scanning application on each intranet Web server.The documentation for the application states that it uses a service account, which must be able to modify the HKEY_LOCAL_MACHINE\SYSTEM key in the registry of every computer on which the application is installed.

You create the service account in the domain.The company’s written security policy states that service accounts must be assigned only the minimum rights and permissions that they require to function.

You need to configure the intranet Web servers so that they comply with the installation requirements of the security scanning application.You also need to comply with the company’s security policy.You want to achieve this goal by using the minimum amount of administrative effort.

What should you do?

Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).All client computers run Windows XP Professional Service Pack 3 (SP3).

Computer accounts for the client computers are located in three organizational units (OUs) named OU1, OU2, and OU3.

You install Windows Server Update Services (WSUS) 3.0 on a member server named Server1. On Server1, you create three WSUS computer groups named OU1, OU2, and OU3.

You need to ensure that each client computer is assigned automatically to the WSUS computer group that corresponds to the OU in which the computer account resides.

Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)

You have a Web server that runs Windows Server 2003 Service Pack 2 (SP2).

You need to collect the following information from the Web server:
Unauthorized attempts to upload files
Unsuccessful commands that try to run executables

You must achieve this goal by using the minimum amount of administrative effort.

What should you do?