Your network contains an Active Directory domain.     You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root certification authority （CA）.   You have a client computer named Computer1 that runs Windows 7. You enabl

第1题：

You have a computer named Computer1 that runs Windows 7. The computer is a member of an ActiveDirectory domain. The network contains a file server named Server1 that runs Windows Server 2008. Youlog on to the computer by using an account named User1. You need to ensure that when you connect toServer1, you authenticate by using an account named Admin1.  What should you do on Computer1?（）

• A、From User Accounts， select Link online IDs.
• B、From Windows CardSpace， select Add a card.
• C、From Credential Manager， select Add a Windows credential.
• D、From Local Security Policy， modify the Access this computer from the network user right

第2题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have a server named Server1. Server1 is configured as an enterprise root certification authority (CA). You perform a complete backup of Server1 that includes the system state. Server1 fails. You install a new server named Server1. You need to recover the enterprise root CA. What should you do? （）

• A、Restore the system state backup.
• B、Restore the %systemroot%/system32/certsrv folder.
• C、From the Certificates snap-in, import the enterprise root CA certificate.
• D、From the Certificates snap-in, import the enterprise root CA certificate revocation list (CRL).

第3题：

You have a computer named Computer1 that runs Windows 7. You have a server named Server1 that runsWindows Server 2008. Computer1 and Server1 have IPv4 and IPv6 installed. You need to identify whetheryou can connect to Server1 by using IPv6.  What should you do?（）

• A、Run Ping Server1 -6.
• B、Run Ping Server1 n 6.
• C、Run Net view //Server1.
• D、Open //server1 from the Run dialog box.

第4题：

You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority （CA）. You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do（）

• A、Import the enterprise root CA certificate.
• B、Configure the Certificate Distribution Point （CDP） extension.
• C、Configure the Authority Information Access （AIA） extension.
• D、Add the Server2 computer account to the CertPublishers group.

第5题：

Your network contains a server named Server1.contoso.com. Server1 is located on the internal network. You have a client computer named Computer1 that runs Windows 7. Computer1 is located on a public network that is connected to the Internet. Computer1 is enabled for DirectAccess. You need to verify whether Computer1 can resolve Server1 by using DirectAccess. Which command should you run on Computer1？（）

• A、nbtstat.exe a server1.contoso.com
• B、netsh.exe dnsclient show state
• C、nslookup.exe server1.contoso.com
• D、ping.exe server1.contoso.com

第6题：

Your network contains a Network Policy and Access Services server named Server1. All certificates in theorganization are issued by an enterprise certification authority (CA) named Server2. You have a standalonecomputer named Computer1 that runs Windows 7. Computer1 has a VPN connection that connects toServer1 by using SSTP. You attempt to establish the VPN connection to Server1 and receive the followingerror message: A certificate chain processed, but terminated in a root certificate which is not trusted by thetrust provider. You need to ensure that you can successfully establish the VPN connection to Server1.  What should you do on Computer1?（）

• A、Import the root certificate to the user s Trusted Publishers store.
• B、Import the root certificate to the computer s Trusted Root Certification Authorities store.
• C、Import the server certificate of Server1 to the user s Trusted Root Certification Authorities store.
• D、Import the server certificate of Server1 to the computer s Trusted Root Certification Authorities store.

第7题：

You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2.  Server1 is configured as an Enterprise Root certification authority （CA）. You install the Online  Responder role service on Server2.     You need to configure Server2 to issue certificate revocation lists （CRLs） for the enterprise root  CA.     Which two tasks should you perform（）

• A、Import the enterprise root CA certificate.
• B、Import the OCSP Response Signing certificate.
• C、Add the Server1 computer account to the CertPublishers group.
• D、Set the Startup Type of the Certificate Propagation service to Automatic.

第8题：

Your network contains a stand-alone root certification authority （CA）. You have a server named Server1 that runs Windows Server 2008 R2.  You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol （SSTP） on Server1.   You need to recommend a solution that allows external partner computers to access internalnetwork resources by using SSTP.   What should you recommend？（）

• A、Enable Network Access Protection （NAP） on the network.
• B、Deploy the Root CA certificate to the external computers.
• C、Implement the Remote Desktop Connection Broker role service.
• D、Configure the firewall to allow inbound traffic on TCP Port 1723.

第9题：

You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2.   Server1 is configured as an enterprise root certification authority （CA）.    You install the Online Responder role service on Server2.    You need to configure Server1 to support the Online Responder. What should you do（）

• A、Import the enterprise root CA certificate.
• B、Configure the Certificate Revocation List Distribution Point extension.
• C、Configure the Authority Information Access （AIA） extension.
• D、Add the Server2 computer account to the CertPublishers group.

第10题：

Your company has a server named Server1 that runs Windows Server 2008. Server1 is a Windows ServerUpdate Services (WSUS) server. You have a computer named Computer1 that runs Windows 7. Computer1 is configured to obtain updates from Server1. You open the WSUS snap-in on Server1 and discover that Computer1 does not appear. You need to ensure that Computer1 appears in the WSUS snap-in.  What should you do?（）

• A、On Server1， open Windows Update then select Check for updates.
• B、On Server1， run Wsusutil.exe and specify the /import parameter.
• C、On Computer1， open Windows Update and then select Change settings.
• D、On Computer1， run Wuauclt.exe and specify the /detectnow parameter.