Your company has a single domain named...

单项选择题X 纠错

Your company has a single domain named contoso.com. The contoso.com DNS zone is Active Directory-integrated.Your partner company has a single domain named partner.com. The partner.com DNS zone is Active Directory-integrated.The IP addresses of the DNS servers in the partner domain will change.You need to ensure name resolution for users in contoso.com to resources in partner.com.What should you do？（）

A. Create a stub zone for partner.com on each DNS server in contoso.com.
B. Configure the Zone Replication Scope for partner.com to replicate to all DNS servers in the forest.
C. Configure an application directory partition in the contoso.com forest. Enlist all DNS servers in the contoso.com forest in the partition.
D. Configure an application directory partition in the partner forest. Enlist all DNS servers in the partner forest in the partition.

参考答案：

进入题库练习

单项选择题

Your company has four DNS servers that run Windows Server 2008. Each server has a static IP address. You need to prevent DHCP from assigning the addresses of the DNS servers to DHCP clients. What should you do？（）

A. Create a new scope for the DNS servers.
B. Create a reservation for the DHCP server
C. Configure the 005 Name Servers scope option
D. Configure an exclusion that contains the IP addresses of the four DNS servers

点击查看答案进入题库练习

单项选择题

You have a DHCP server that runs Windows Server 2008. The DHCP server has two network connections named LAN1 and LAN2. You need to prevent the DHCP server from responding to DHCP client requests on LAN2. The server must continue to respond to non-DHCP client requests on LAN2. What should you do？（）

A. From the DHCP snap-in， modify the bindings to associate only LAN1 with the DHCP service
B. From the DHCP snap-in， create a new multicast scope
C. From the properties of the LAN1 network connection， set the metric value to 1
D. From the properties of the LAN2 network connection， set the metric value to 1

点击查看答案进入题库练习

单项选择题

Your company has a server named Server1 that runs a Server Core installation of Windows Server 2008 R2, and the DNS Server server role. Server1 has one network interface named Local Area Connection. The static IP address of the network interface is configured as 10.0.0.1.You need to create a DNS zone named local.contoso.com on Server1.Which command should you use？（）

A. ipconfig /registerdns:local.contoso.com
B. dnscmd Server1 /ZoneAdd local.contoso.com /DSPrimary
C. dnscmd Server1 /ZoneAdd local.contoso.com /Primary /file local.contoso.com.dns
D. netsh interface ipv4 set dnsserver name=local.contoso.com

点击查看答案进入题库练习

单项选择题

You have a DHCP server that runs Windows Server 2008. The DHCP server has two network connections named LAN1 and LAN2. You need to prevent the DHCP server from responding to DHCP client requests on LAN2. The server must continue to respond to non-DHCP client requests on LAN2. What should you do？（）

A. From the DHCP snap-in， modify the bindings to associate only LAN1 with the DHCP service
B. From the DHCP snap-in， create a new multicast scope
C. From the properties of the LAN1 network connection， set the metric value to 1
D. From the properties of the LAN2 network connection， set the metric value to 1

点击查看答案进入题库练习

多项选择题

Your company has 10 servers that run Windows Server 2008. The servers have Remote Desktop Protocol （RDP） enabled for server administration. RDP is configured to use default security settings. All administrators’ computers run Windows Vista. You need to ensure the RDP connections are as secure as possible.Which two actions should you perform？（）

A.Set the security layer for each server to the RDP Security Layer.
B.Configure the firewall on each server to block port 3389.
C.Acquire user certificates from the internal certification authority.
D.Configure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.

点击查看答案进入题库练习

单项选择题

Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2008. All client computers run Windows Vista. All computers are members of theActive Directory domain. You assign the Secure Server （Require Security） IPsec policy to Server1 by using a GPO. Users report that they fail to connect to Server1. You need to ensure that users can connect to Server1. All connections to Server1 must be encrypted. What should you do？（）

A. Restart the IPsec Policy Agent service on Server1
B. Assign the Client （Respond Only） IPsec policy to Server1
C. Assign the Server （Request Security） IPsec Policy to Server1
D. Assign the Client （Respond Only） IPsec policy to all client computers

点击查看答案进入题库练习

单项选择题

Your company has a main office and a branch office. The company network has two WINS servers. You have an application that requires NetBIOS name resolution.The WINS servers are configured as shown in the following table. Location Server name IP address Main office DC1 10.1.0.23 .Branch office DC2 10.6.0.254.You discover that the WINS addresses on all client computers in both offices are configured in the following order of use: 10.1.0.23 10.6.0.254 You reconfigure the WINS addresses on all client computers in the branch office in the following order of use: 10.6.0.254 10.1.0.23 After the reconfiguration, users in the branch office are unable to connect to the servers that are located in the main office.You need to restore name resolution in the branch office.What should you do？（）

A. Configure the burst handling option on DC2.
B. Configure DC1 and DC2 as WINS push/pull replication partners.
C. In the WINS server properties on DC1, increase the Renew interval setting to 1 day.
D. In the WINS server properties on DC2, increase the Renew interval setting to 1 day.

点击查看答案进入题库练习

单项选择题

Your corporate network has a member server named RAS1 that runs Windows Server 2008. You configure RAS1 to use the Routing and Remote Access Services （RRAS）. 󰙴The company s remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do？（）

A.Install the Network Policy Server （NPS） on the RAS1 server.
B.Create a remote access policy that requires users to authenticate by using SPAP.
C.Create a remote access policy that requires users to authenticate by using EAP-TLS.
D.Create a remote access policy that requires users to authenticate by using MS-CHAP v2.

点击查看答案进入题库练习

单项选择题

Your company has an Active Directory forest. The corporate network uses DHCP to configure client computer IP addresses. The DHCP server has a DHCP client reservation for a portable computer named WKS1. You install a second DHCP server on the network. You need to ensure that WKS1 receives the DHCP reservation from the DHCP service. What should you do？（）

A. Run the ipconfig /renew command on WKS1
B. Run the netsh add helper command on WKS1
C. Add the DHCP reservation for WKS1 to the second DHCP server
D. Add both DHCP servers to the RAS and IAS Servers group in the Active Directory domain

点击查看答案进入题库练习

多项选择题

Your company has a single Active Directory domain. All servers run Windows Server 2008. The company network has 10 servers that perform as Web servers. All confidential files are located on a server named FSS1. The company security policy states that all confidential data must be transmitted in the most securemanner. When you monitor the network， you notice that the confidential files are stored on the FSS1 server are being transmitted over the network without encryption. You need to ensure taht encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are two possible ways to achieve this goal？（）

A. Deactivate all LM and NTLM authentication methods on the FSS1 server
B. Use IIS to publish the confidentials files. activate SSL on the ISS server， and then open the files as a web folder.
C. Use IPSec encryption between the FSS1 server and the computers of the users who need to access the confidential files
D. Use the Server Message Block （SMB） signing between the FSS1 server and the computers of the users who want to access the confidential files.
E. Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder Advanced.Properties dialog box， select the Encrypt contents to secure data option.

点击查看答案进入题库练习