Exam Name: Implementing and Administering Security in

Similar documents
Exam Name: Pro: Upgrading to Windows 7 MCITP Enterprise Desktop Support Technician

EXAMGOOD QUESTION & ANSWER. Accurate study guides High passing rate! Exam Good provides update free of charge in one year!

Exam Identity with Windows Server 2016

Exam Questions Demo Microsoft. Exam Questions Managing and Maintaining Windows 8.

Exam Questions

Microsoft. Exam Questions Managing and Maintaining Windows 8.1. Version:Demo

x CH03 2/26/04 1:24 PM Page

Identity with Windows Server 2016

MCSA Windows Server 2012

Vendor: Microsoft. Exam Code: Exam Name: Administering Windows Server Version: Demo

ACCURATE STUDY GUIDES, HIGH PASSING RATE! Question & Answer. Dump Step. provides update free of charge in one year!

At Course Completion: Course Outline: Course 20742: Identity with Windows Server Learning Method: Instructor-led Classroom Learning

Q&As. Identity with Windows Server Pass Microsoft Exam with 100% Guarantee

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Vendor: Microsoft. Exam Code: Exam Name: Implementing a Desktop Infrastructure. Version: Demo

Identity with Windows Server 2016

Advanced Security Measures for Clients and Servers

70-742: Identity in Windows Server Course Overview

M20742-Identity with Windows Server 2016

MCSA Windows Server 2012

Managing and Maintaining Windows 8

20742: Identity with Windows Server 2016

Vendor: Microsoft. Exam Code: Exam Name: Implementing Desktop Application Environments. Version: Demo

METHODOLOGY This program will be conducted with interactive lectures, PowerPoint presentations, discussions and practical exercises.

COURSE OUTLINE. COURSE OBJECTIVES After completing this course, students will be able to: 1 - INSTALLING & CONFIGURING DCS

Identity with Windows Server 2016 (20742)

TestsDumps. Latest Test Dumps for IT Exam Certification

MCSE Server Infrastructure. This Training Program prepares and enables learners to Pass Microsoft MCSE: Server Infrastructure exams

KillTest 䊾 䞣 催 ࢭ ད ᅌ㖦䊛 ᅌ㖦䊛 NZZV ]]] QORRZKYZ TKZ ϔᑈܡ䊏 ᮄ ࢭ

8 Administering Groups

Exam Name: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure

Microsoft Exam Implementing Desktop Application Environments Version: 8.0 [ Total Questions: 85 ]

Designing and Managing a Windows Public Key Infrastructure

Course Content of MCSA ( Microsoft Certified Solutions Associate )

Course Outline 20742B

Vendor: Microsoft. Exam Code: Exam Name: Pro: Windows 7, Enterprise Desktop Administrator. Version: Demo

Microsoft Exam

Implementing Security in Windows 2003 Network (70-299)

Microsoft Designing and Implementing a Server Infrastructure. Download Full Version :

Identity with Microsoft Windows Server 2016 (MS-20742)

Exam Questions Demo Microsoft. Exam Questions

MOC 20411B: Administering Windows Server Course Overview

Microsoft MCSA Exam

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

6293A Troubleshooting and Supporting Windows 7 in the Enterprise

Designing and Implementing a Server Infrastructure

Exam Questions

Microsoft Configuring Advanced Windows Server 2012 Services.

Practice Test. Microsoft Microsoft PRO: Deploying Messaging Solutions with Microsoft Exchange Server Version 2.

Real4Test. Real IT Certification Exam Study materials/braindumps

Microsoft Exam Implementing an Advanced Server Infrastructure Version: 19.0 [ Total Questions: 243 ]

Certification Authority

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

This course provides students with the knowledge and skills to administer Windows Server 2012.

Implementing and Administering Security in a Microsoft Windows 2000 Network Course 2820 Five days Instructor-led Published: February 17, 2004


MU2b Authentication, Authorization and Accounting Questions Set 2

TS: Upgrading from Windows Server 2003 MCSA to, Windows Server 2008, Technology Specializations

Microsoft Certified System Engineer

Microsoft Recertification for MCSE: Server Infrastructure. Download Full Version :

Microsoft Exactexams Questions & Answers

Course 10982B: Supporting and Troubleshooting Windows 10

Microsoft Exam Windows Server 2008 Active Directory, Configuring Version: 41.0 [ Total Questions: 631 ]

Vendor: Microsoft. Exam Code: Exam Name: Configuring Advanced Windows Server 2012 Services. Version: Demo

Microsoft Implementing an Advanced Server Infrastructure

Overview. Audience Profile. At Course Completion. Module Title : 10982B: Supporting and Troubleshooting Windows 10. Course Outline :: 10982B::

10982 Supporting and Troubleshooting Windows 10

Microsoft MCSE Exam

Password Reset Utility. Configuration

Designing and Implementing a Server 2012 Infrastructure

Microsoft Exam

Supporting and Troubleshooting Windows 10

DESIGNING AND IMPLEMENTING A SERVER INFRASTRUCTURE

COPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

COURSE OUTLINE: Supporting and Troubleshooting Windows 10

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/efsguide.htm

Exam Questions

Policy Settings for Windows Server 2003 (including SP1) and Windows XP (including SP2)

Microsoft Exam

exam.75q. Number: Passing Score: 800 Time Limit: 120 min File Version: 1. Microsoft

Installing and Configuring Windows Server 2012

The safer, easier way to help you pass any IT exams. Exam : Administering Windows Server Title : Version : V16.

Microsoft Certified Solutions Associate (MCSA)

Microsoft Upgrading from Windows Server 2003 MCSA to Windows Server 2008, Technology Specializations

Microsoft EXAM Securing Windows Server 2016 (beta) m/ Product: Demo. For More Information:

Supporting and Troubleshooting Windows 10

Microsoft Designing and Implementing a Server Infrastructure

Windows Server 2003, MCSA Security Specialization Skills Update. Exam.

GSLC. GIAC Security Leadership.

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Microsoft Certified Solutions Expert (MCSE)

Administering Windows Server 2012 (20411D)

Configuring, Managing, and Maintaining Windows Server 2008 R2 Servers

This module provides an overview of multiple Access and Information Protection (AIP) technologies

MOC 6232A: Implementing a Microsoft SQL Server 2008 Database

Microsoft Office Groove Server Groove Manager. Domain Administrator s Guide

Vendor: Microsoft. Exam Code: Exam Name: TS: Microsoft System Center Operations Manager 2007, Configuring. Version: Demo

20413B: Designing and Implementing a Server Infrastructure

ROYAL INSTITUTE OF INFORMATION & MANAGEMENT

Transcription:

Vendor: Microsoft Exam Code: 70-299 Exam Name: Implementing and Administering Security in a Windows Server 2003 Network Version: DEMO

1: You are a security administrator for your company. The network includes a public key infrastructure (PKI) that supports smart card logon. All client computers have smart card readers. Managers are issued smart cards. Managers are required to use smart cards when logging on to client computers. You need to ensure that managers are required to use a smart card when logging on to any client computer and that all other users are required to use a smart card when logging on to a client computer assigned to a manager. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) A.On the properties of each user account used by a manager, select the Smart card required for interactive logon check box. B.On the computer account for each manager's client computer, edit the DACL so that only managers are assigned the Allow - Allowed to authenticate permission. C.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy object (GPO) to the OU. Configure the GPO to enforce the Interactive logon: Require smart card setting. D.Place all client computers used by managers in an organizational unit (OU). Link a new Group Policy object (GPO) to the OU. Configure the GPO to set the startup type of the Smart Card service to Automatic. Correct Answers: A C 2: You are a security administrator for your company. The network consists of an Active Directory forest that contains two domains. The domains are named treyresearch.com and litwareinc.com. All Active Directory domains are running at a Windows Server 2000 mixed mode functionality level. Employees in the help desk department need to modify certain attributes of employee user accounts that reside in the treyresearch.com domain. The help desk department user accounts reside in the litwareinc.com domain. You need to create a single group named Help Desk that contains all help desk department user accounts and that can be granted access to modify the employee user accounts in the treyresearch.com domain. What should you do? A.Use a universal security group in the treyresearch.com domain named Help Desk. B.Use a universal security group in the litwareinc.com domain named Help Desk. C.Use a global security group in the litwareinc.com domain named Help Desk. D.Use a global security group in the treyresearch.com domain named Help Desk. Correct Answers: C 3: You are a security administrator for Contoso, Ltd. The network consists of a single Active Directory domain named contoso.com. All servers run Windows Server 2003. All client computers run Windows XP Professional. All computers are members of the domain. The company has a main office and three branch offices. Each office is configured as an Active Directory site. Each site contains domain controllers. A domain user named Kim reports that she forgot her password. She works in one of the branch offices. A desktop support technician in the main office resets Kim's password, enables the User must change password at next logon option on Kim's user account, and then tells Kim the new password. Kim attempts to log on by using her new password and reports that she cannot change the password at logon.

You investigate the problem. Kim's user account is not locked out, and it is not disabled. Permissions for the user account are shown in the exhibit. (Click the Exhibit button.) You need to ensure that Kim can log on and change her password. What should you do? A.Assign the SELF group the Allow - Reset Password permission for Kim's user account. B.Assign the SELF group the Allow - Allowed to Authenticate permission for Kim's user account. C.Assign the Everyone group the Allow - Allowed to Authenticate permission for Kim's user account. D.Enable the Let Everyone permissions apply to anonymous users security setting in the domain. E.Reset Kim's password on a domain controller in her branch office. Correct Answers: E 4: You are a security administrator for your company. The network consists of two Active Directory domains. These domains each belong to separate Active Directory forests. The domain named graphicdesigninstitute.com is used primarily to support company employees. The domain named fineartschool.net is used to support company customers. The functional level of all domains is Windows Server 2003 interim mode. A one-way external trust relationship exists in

which the graphicdesigninstitute.com domain trusts the fineartschool.net domain. A Windows Server 2003 computer named Server1 is a member of the fineartschool.net domain. Server1 provides customers access to a Microsoft SQL Server 2000 database. The user accounts used by customers reside in the local account database on Server1. All of the customer user accounts belong to a local computer group named Customers. SQL Server is configured to use Windows Integrated authentication. Your company has additional SQL Server 2000 databases that reside on three Windows Server 2003 computers. These computers are member servers in the graphicdesigninstitute.com domain. The company's written security policy states that customer user accounts must reside on computers in the fineartschool.net domain. You need to plan a strategy for providing customers with access to the additional databases. You want to achieve this goal by using the minimum amount of administrative effort. What should you do? A.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a universal group in the fineartschool.net domain. Add the new customer domain user accounts as members of the new universal group. Assign this group permissions to access the databases. B.Create a new user account in the fineartschool.net Active Directory domain for each customer. Create a global group in the fineartschool.net domain. Add the new customer domain user accounts as members of the new global group. Assign this group permissions to access the databases. C.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each customer. Create a global group in the fineartschool.net Active Directory domain. Assign the new global group permissions to access the databases. D.Create a new user account in the graphicdesigninstitute.com Active Directory domain for each customer. Create a universal group in the fineartschool.net Active Directory domain. Assign the new universal group permissions to access the databases. Correct Answers: B 5: You are a security administrator for your company. The company has one main office and five branch offices. Network administrators work in the main office and each branch office. Network administrators in the main office frequently create scripts that automate common administrative tasks. You review each script to ensure it does not introduce security vulnerabilities. Scripts that do not introduce security vulnerabilities are considered approved. Occasionally, branch office administrators modify these scripts and distribute the modified scripts to other branch office administrators. Branch office administrators often report that they accidentally run a modified version of a script. You need to ensure that branch office administrators can verify which scripts are approved scripts. What should you do? A.Maintain a list of the dates that the approved scripts were last modified. Instruct branch office administrators to verify the file modification date. B.Digitally sign all approved scripts. Instruct branch office administrators to verify the signature before using a script. C.Distribute all approved scripts to branch office administrators in an e-mail message. D.Place all approved scripts on a file server in the main office. Assign all branch office

administrators only the Allow - Read permission for the folder that contains the approved scripts. Instruct administrators to copy scripts from this file server. Correct Answers: B 6: You are a security administrator at your company. The network consists of a single Active Directory domain. The network contains Windows 2000 Professional client computers and Windows Server 2003 computers. Three Windows Server 2003 computers are named CA1, CA2, and CA3. You want to implement a public key infrastructure (PKI) to support the security requirements in your company. All certification authorities (CAs) must belong to the same CA hierarchy. You plan to install Certificate Services on CA1 first. CA1 will not be connected to the network and will be stored in a locked cabinet in the company data center. You plan to use CA2 to issue certificates for IPSec and Encrypting File System (EFS). You will configure CA2 to automatically issue these certificates. You plan to use CA3 to issue certificates that enable business partners to authenticate to your IIS Web site. CA3 will not be a member of the Active Directory domain. You need to configure Certificate Services on each server to fulfill the server's designated role. What should you do? To answer, drag the appropriate Certificate Services configuration roles to the correct server locations in the work area. Correct Answers: See Full Version 7: You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. You company uses the Internet to sell products. Customers place and view the status of orders by using a Web application named App1. App1 is hosted on a Windows Server 2003 computer that runs IIS. Users access App1 by using various Web browsers. You configure SSL for connections to App1. The company's written security policy states the following requirements: All users must enter a user name and password when they access App1. All users must use the same authentication method. All users must use credentials in the company's domain. You need to configure IIS to support the required authentication. What should you do? To answer, configure the appropriate option or options in the dialog box in the work area.

Correct Answers: See Full Version 8: You are a security administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. Users store files on a server named Server1. These files are confidential and must be encrypted at all times while on Server1. You configure a new certification authority (CA) and issue certificates that support Encrypting File System (EFS) to all users. Users report that they cannot encrypt files that are stored on Server1. They report that they can encrypt files that are stored locally on their client computers. You need to ensure that users can encrypt files that are stored on Server1. What should you do? A.Enroll Server1 for a Computer certificate that supports file encryption. B.Configure a new EFS recovery agent. Deploy the EFS recovery agent by using Active Directory. C.Configure the Server1 computer account to be trusted for delegation. D.Enroll each client computer for a Computer certificate that supports file encryption. Correct Answers: C 9: You are a security administrator for your company. The network consists of two Active Directory domains named adatum.com and proseware.com. These domains are in the same Active Directory forest. The adatum.com Active Directory domain operates at a Windows 2000 mixed mode domain functional level. The proseware.com Active Directory domain operates at a Windows 2000 native mode domain functional level.

An application runs on four Windows Server 2003 computers. These computers are domain member servers in the adatum.com Active Directory domain. Authorized users in both the adatum.com and the proseware.com domains require access to this application. The network is depicted in the exhibit. (Click the Exhibit button.) You need to plan an authorization model to control user access to the application. You will place adatum.com user accounts in a group named Adatum AppUsers. You will place proseware.com user accounts in a group named Proseware AppUsers. You will use a group named AppResources to assign permissions that allow access to the application. You need to choose the appropriate types of groups to implement your plan. Which three types of groups should you choose? (Each correct answer presents part of the solution. Choose three.) A.Use a global group named Adatum AppUsers in the adatum.com domain. B.Use a domain local group named Adatum AppUsers in the adatum.com domain. C.Use a global group named Proseware AppUsers in the proseware.com domain. D.Use a domain local group named Proseware AppUsers in the proseware.com domain. E.Use a global group named AppResources that contains the Adatum AppUsers and the Proseware AppUsers groups in the adatum.com domain. F.Use a global group named AppResources that contains the Adatum AppUsers and the Proseware AppUsers groups in the proseware.com domain. G.Use a domain local group named AppResources that contains the Adatum AppUsers and the Proseware AppUsers groups in the adatum.com domain. H.Use a domain local group named AppResources that contains the Adatum AppUsers and the Proseware AppUsers groups in the proseware.com domain. Correct Answers: A C G 10: You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. The company occasionally experiences downtime because of malicious Internet worms that arrive as Microsoft Visual Basic Scripting Edition (VBS) files. You examine several client computers and discover that VBS files are downloaded by using Microsoft Outlook, instant messaging, or peer-to-peer file sharing programs. You need to prevent users from running VBS files regardless of how they arrive on client computers. What should you do? A.Use a software restriction policy to disable all unauthorized scripts. B.Use an Administrative Template to ensure that Outlook and Internet Explorer are in the

Restricted Sites security zone. C.Use a centralized logon script to rename the Wscript.exe file on each computer to contain a nonexecutable extension. D.Use a file system security policy to assign the Deny - Execute permission for the Wscript.exe file. Correct Answers: A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback