안녕하세요. 여러분 IT인증시험때문에 수고가 많으십니다. 합격률 100%의 덤프가 바로 여러분의 지름길이 되어드리겠습니다.저희회사 홈페이지에 오셔서 한 번 둘러보십시요. 저희 회사의 최신덤프가 여러분의 걱정을 덜어드릴 것입니다.시험을 보기로 결심한 각 응시자는 가장 안전하고 최신의 공부 자료들을 여기서 받을 수 있을 것입니다.우리의 목적은 확실하게 고객님 시험을 합격하게 하는 것입니다.그럼 좋은 하루 되십시오.
시험번호: 70-299
시험이름: Implementing and Administering Security in a Microsoft Windows Server 2003 Network
Q&A: 42 Q&As
가격(달러):$ 49.00 USD
Q&A: 42 Q&As
가격(달러):$ 49.00 USD
시험문제:
1.You are a security administrator for your company. The network includes a public key infrastructure (PKI)
that supports smart card logon. All client computers have smart card readers. Managers are issued smart
cards. Managers are required to use smart cards when logging on to client computers. You need to
ensure that managers are required to use a smart card when logging on to any client computer and that
all other users are required to use a smart card when logging on to a client computer assigned to a
manager. Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.On the properties of each user account used by a manager, select the Smart card required for
interactive logon check box.
B.On the computer account for each manager’s client computer, edit the DACL so that only managers are
assigned the Allow - Allowed to authenticate permission.
C.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy
object (GPO) to the OU. Configure the GPO to enforce the Interactive logon: Require smart card setting.
D.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy
object (GPO) to the OU. Configure the GPO to set the startup type of the Smart Card service to
Automatic.
Answer: A C
2.You are a security administrator for your company. The network consists of an Active Directory forest
that contains two domains. The domains are named treyresearch.com and litwareinc.com. All Active
Directory domains are running at a Windows Server 2000 mixed mode functionality level. Employees in
the help desk department need to modify certain attributes of employee user accounts that reside in the
treyresearch.com domain. The help desk department user accounts reside in the litwareinc.com domain.
You need to create a single group named Help Desk that contains all help desk department user accounts
and that can be granted access to modify the employee user accounts in the treyresearch.com domain.
What should you do?
A.Use a universal security group in the treyresearch.com domain named Help Desk.
B.Use a universal security group in the litwareinc.com domain named Help Desk.
C.Use a global security group in the litwareinc.com domain named Help Desk.
D.Use a global security group in the treyresearch.com domain named Help Desk.
Answer: C
4. You are a security administrator for your company. The network consists of two Active Directory
domains. These domains each belong to separate Active Directory forests. The domain named
graphicdesigninstitute.com is used primarily to support company employees. The domain named
fineartschool.net is used to support company customers. The functional level of all domains is Windows
Server 2003 interim mode. A one-way external trust relationship exists in which the
graphicdesigninstitute.com domain trusts the fineartschool.net domain.
A Windows Server 2003 computer named Server1 is a member of the fineartschool.net domain. Server1
provides customers access to a Microsoft SQL Server 2000 database. The user accounts used by
customers reside in the local account database on Server1. All of the customer user accounts belong to a
local computer group named Customers. SQL Server is configured to use Windows Integrated
authentication.
Your company has additional SQL Server 2000 databases that reside on three Windows Server 2003
computers. These computers are member servers in the graphicdesigninstitute.com domain. The
company’s written security policy states that customer user accounts must reside on computers in the
fineartschool.net domain.
You need to plan a strategy for providing customers with access to the additional databases. You want to
achieve this goal by using the minimum amount of administrative effort.
What should you do?
A.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a
universal group in the fineartschool.net domain. Add the new customer domain user accounts as
members of the new universal group. Assign this group permissions to access the databases.
B.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a
global group in the fineartschool.net domain. Add the new customer domain user accounts as members
of the new global group. Assign this group permissions to access the databases.
C.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each
customer. Create a global group in the fineartschool.net Active Directory domain. Assign the new global
group permissions to access the databases.
D.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each
customer. Create a universal group in the fineartschool.net Active Directory domain. Assign the new
universal group permissions to access the databases.
Answer: B
that supports smart card logon. All client computers have smart card readers. Managers are issued smart
cards. Managers are required to use smart cards when logging on to client computers. You need to
ensure that managers are required to use a smart card when logging on to any client computer and that
all other users are required to use a smart card when logging on to a client computer assigned to a
manager. Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.On the properties of each user account used by a manager, select the Smart card required for
interactive logon check box.
B.On the computer account for each manager’s client computer, edit the DACL so that only managers are
assigned the Allow - Allowed to authenticate permission.
C.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy
object (GPO) to the OU. Configure the GPO to enforce the Interactive logon: Require smart card setting.
D.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy
object (GPO) to the OU. Configure the GPO to set the startup type of the Smart Card service to
Automatic.
Answer: A C
2.You are a security administrator for your company. The network consists of an Active Directory forest
that contains two domains. The domains are named treyresearch.com and litwareinc.com. All Active
Directory domains are running at a Windows Server 2000 mixed mode functionality level. Employees in
the help desk department need to modify certain attributes of employee user accounts that reside in the
treyresearch.com domain. The help desk department user accounts reside in the litwareinc.com domain.
You need to create a single group named Help Desk that contains all help desk department user accounts
and that can be granted access to modify the employee user accounts in the treyresearch.com domain.
What should you do?
A.Use a universal security group in the treyresearch.com domain named Help Desk.
B.Use a universal security group in the litwareinc.com domain named Help Desk.
C.Use a global security group in the litwareinc.com domain named Help Desk.
D.Use a global security group in the treyresearch.com domain named Help Desk.
Answer: C
4. You are a security administrator for your company. The network consists of two Active Directory
domains. These domains each belong to separate Active Directory forests. The domain named
graphicdesigninstitute.com is used primarily to support company employees. The domain named
fineartschool.net is used to support company customers. The functional level of all domains is Windows
Server 2003 interim mode. A one-way external trust relationship exists in which the
graphicdesigninstitute.com domain trusts the fineartschool.net domain.
A Windows Server 2003 computer named Server1 is a member of the fineartschool.net domain. Server1
provides customers access to a Microsoft SQL Server 2000 database. The user accounts used by
customers reside in the local account database on Server1. All of the customer user accounts belong to a
local computer group named Customers. SQL Server is configured to use Windows Integrated
authentication.
Your company has additional SQL Server 2000 databases that reside on three Windows Server 2003
computers. These computers are member servers in the graphicdesigninstitute.com domain. The
company’s written security policy states that customer user accounts must reside on computers in the
fineartschool.net domain.
You need to plan a strategy for providing customers with access to the additional databases. You want to
achieve this goal by using the minimum amount of administrative effort.
What should you do?
A.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a
universal group in the fineartschool.net domain. Add the new customer domain user accounts as
members of the new universal group. Assign this group permissions to access the databases.
B.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a
global group in the fineartschool.net domain. Add the new customer domain user accounts as members
of the new global group. Assign this group permissions to access the databases.
C.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each
customer. Create a global group in the fineartschool.net Active Directory domain. Assign the new global
group permissions to access the databases.
D.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each
customer. Create a universal group in the fineartschool.net Active Directory domain. Assign the new
universal group permissions to access the databases.
Answer: B
매달에 제시간 업데이트 할테니까 걱정하지 마세요!
저희회사의 홈페이지 바로가기:www.killtest.kr