시험이름:MCSE 2003 Security Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
Q&A:156 Q&As
업그레이트:2009-05-14
MCSE 2003 Security Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure 70-293BIG5 IT 인증강사 및 제품 전문가는 시험문제를 완벽하게 만들었다,최신시험 문제 0B0 - 410 를 포함하고 모두 정답을 첨부한다, Killtest 인증시험문제를 구매한 손님들이 60일 공짜로 업그레이드서비스를 얻을 수 있다, MCSE 시험 문제에 대하여 전체적인 것을 보장한다, killtest 는 한 번에 인증시험을 통과할 수 있는 것을 도와 줄 것이다,통과하지 못하면 전액 환불한다고 약속한다. killtest 70-293BIG5 시험문제는 완벽한다,덮고 있는 비율은 96%이상이다,답은 이 방면에 경험이 많은 강사들이 푸는 것이다,정확율은 100%이다,우리시험문제 MCSE 70-293BIG5 를 사용해서 시험을 보면 쉽게 시험을 통과할 수 있도록 보장할 것이다.
1. You are the network administrator for your company. The network consists of a single Active Directory
domain. The network contains 50 application servers that run Windows Server 2003. The security
configuration of the application servers is not uniform. The application servers were deployed by local
administrators who configured the settings for each of the application servers differently based on their
knowledge and skills. The application servers are configured with different authentication methods, audit
settings, and account policy settings. The security team recently completed a new network security
design. The design includes a baseline configuration for security settings on all servers. The baseline
security settings use the Hisecws.inf predefined security template. The design also requires modified
settings for servers in an application role. These settings include system service startup requirements,
renaming the administrator account, and more stringent account lockout policies. The security team
created a security template named Application.inf that contains the modified settings. You need to plan
the deployment of the new security design. You need to ensure that all security settings for the application
servers are standardized, and that after the deployment, the security settings on all application servers
meet the design requirements. What should you do?
A. Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf
template.
B. Apply the Application.inf template and then the Hisecws.inf template.
C. Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf
template.
D. Apply the Setup security.inf template and then the Application.inf template.
Answer: A
2. You are a network administrator for your company. The network consists of a single Active Directory
domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. The
Active Directory domain contains three organizational units (OUs): Payroll Users, Payroll Servers, and
Finance Servers. The Windows XP Professional computers used by the users in the payroll department
are in the Payroll Users OU. The Windows Server 2003 computers used by the payroll department are in
the Payroll Servers OU. The Windows Server 2003 computers used by the finance department are in the
Finance Servers OU. You are planning the baseline security configuration for the payroll department. The
company’s written security policy requires that all network communications with servers in the Payroll
Servers OU must be secured by using IPsec. The written security policy states that IPSec must not be
used on any other servers in the company. You need to ensure that the baseline security configuration for
the payroll department complies with the written security policy. You also need to ensure that members of
the Payroll Users OU can access resources in the Payroll Servers OU and in the Finance Servers OU.
What should you do?
A. Create a Group Policy object (GPO) and assign the Secure Server (Require Security) IPSec policy
setting. Link the GPO to only the Payroll Servers OU. Create a second GPO and assign the Client
(Respond Only) IPSec policy setting. Link the second GPO to the Payroll Users OU.
B. Create a Group Policy object (GPO) and assign the Secure Server (Require Security) IPSec policy
setting. Link the GPO to the Payroll Servers OU and to the Finance Servers OU. Create a second GPO
and assign the Client (Respond Only) IPSec policy setting. Link the second GPO to the Payroll Users OU.
C. Create a Group Policy object (GPO) and assign the Server (Request Security) IPSec policy setting.
Link the GPO to only the Payroll Servers OU. Create a second GPO and assign the Client (Respond Only)
| English | Chinese(Traditional) | Chinese(Simplified) | 3
KillTest
Information Co., Ltd. All rights reserved.
IPSec policy setting. Link the second GPO to the Payroll Users OU.
D. Create a Group Policy object (GPO) and assign the Server (Request Security) IPSec policy setting.
Link the GPO to the Payroll Servers OU and to the Finance Servers OU. Create a second GPO and
assign the Client (Respond Only) IPSec policy setting. Link the second GPO to the Payroll Users OU.
Answer: A
3. You are a network administrator for your company. The network consists of a single Active Directory
domain. The network contains 80 Web servers that run Windows 2000 Server. The IIS Lockdown Wizard
is run on all Web servers as they are deployed. Your company is planning to upgrade its Web servers to
Windows Server 2003. You move all Web servers into an organizational unit (OU) named Web Servers.
You are planning a baseline security configuration for the Web servers. The company’s written security
policy states that all unnecessary services must be disabled on servers. Testing shows that the server
upgrade process leaves the following unnecessary service enabled: .SMTP .Telnet Your plan for the
baseline security configuration for Web servers must comply with the written security policy. You need to
ensure that unnecessary services are always disabled on the Web servers. What should you do?
A. Create a Group Policy object (GPO) to apply a logon script that disables the unnecessary services.
Link the GPO to the Web Servers OU.
B. Create a Group Policy object (GPO) and import the Hisecws.inf security template. Link the GPO to the
Web Servers OU.
C. Create a Group Policy object (GPO) to set the startup type of the unnecessary services to Disabled.
Link the GPO to the Web Servers OU.
D. Create a Group Policy object (GPO) to apply a startup script to stop the unnecessary services. Link the
GPO to the Web Servers OU.
Answer: C
4. You are the network administrator for your company. The network consists of a single Active Directory
domain. The functional level of the domain is Windows Server 2003. The domain contains an
organizational unit (OU) named Servers that contains all of the company’s Windows Server 2003
resource servers. The domain also contains an OU named Workstations that contains all of the
company’s Windows XP Professional client computers. You configure a baseline security template for
resource servers named Server.inf and a baseline security template for client computers named
Workstation.inf. The Server.inf template contains hundreds of settings, including file and registry
permission settings that have inheritance propagation enabled. The Workstation.inf template contains 20
security settings, none of which contain file or registry permissions settings. The resource servers operate
at near capacity during business hours. You need to apply the baseline security templates so that the
settings will be periodically enforced. You need to accomplish this task by using the minimum amount of
administrative effort and while minimizing the performance impact on the resource servers. What should
you do?
A. Create a Group Policy object (GPO) and link it to the domain. Import both the Server.inf and the
Workstation.inf templates into the GPO.
B. Import both the Server.inf and the Workstation.inf templates into the Default Domain Policy Group
Policy object (GPO).
C. On each resource server, create a weekly scheduled task to apply the Server.inf settings during
offpeak
hours by using the secedit command. Create a Group Policy object (GPO) and link it to the
Workstations OU. Import the Workstation.inf template into the GPO.
D. On each resource server, create a weekly scheduled task to apply the Server.inf settings during
offpeak
hours by using the secedit command. Import the Workstation.inf template into the Default
Domain Policy Group Policy object (GPO).
Answer: C
5. You are the network administrator for your company. The network consists of a single Active Directory
domain.The company’s written security policy requires that computers in a file server role must have a
minimum file size for event log settings. In the past, logged events were lost because the size of the event
log files was too small. You want to ensure that the event log files are large enough to hold history. You
also want the security event log to be cleared manually to ensure that no security information is lost. The
application log must clear events as needed. You create a security template named Fileserver.inf to meet
the requirements. You need to test each file server and take the appropriate corrective action if needed.
You audit a file server by using Fileserver.inf and receive the results shown in the exhibit. (Click the Exhibit
button.) You want to make only the changes that are required to meet the requirements. Which two
actions should you take? (Each correct answer presents part of the solution. Choose two.)
A. Correct the Maximum application log size setting on the file server.
B. Correct the Maximum security log size setting on the file server.
C. Correct the Maximum system log size setting on the file server.
D. Correct the Retention method for application log setting on the file server.
E. Correct the Retention method for security log setting on the file server. F. Correct the Retention method
for system log setting for the file server.
Answer: B AND E
6. You are the network administrator for your company. The network consists of a single Active Directory
domain. All domain controllers run Windows Server 2003. All client computers run Windows XP
Professional. The company has legacy applications that run on UNIX servers. The legacy applications
use the LDAP protocol to query Active Directory for employee information. The domain controllers are
currently configured with the default security settings. You need to configure enhanced security for the
domain controllers. In particular, you want to configure stronger password settings, audit settings, and
lockout settings. You want to minimize interference with the proper functioning of thelegacy applications.
You decide to use the predefined security templates. You need to choose the appropriate predefined
security template to apply to the domain controllers. What should you do?
A. Apply the Setup security.inf template to the domain controllers.
B. Apply the DC security.inf template to the domain controllers.
C. Apply the Securedc.inf template to the domain controllers.
D. Apply the Rootsec.inf template to the domain controllers.
Answer: C
Link: http://demo.killtest.com/70-293BIG5.zip
오늘 저희회사에서 덤프를 구매하셨던 고객만이 혜택을 받을 수 있습니다. 한 과목을 구매하시면 10%, 두 과목이나 그 이상을 구매하시면 20%를 할인해 드립니다. 그리고 다섯 과목을 구매하시면 더 큰 혜택이 당신을 기다릴 것입니다. 합격률 100%의 인기 많은 덤프, 이렇게 좋은 기회를 두고 이직도 망설이십니까? 걱정하지 마시고 빨리 사세요^^