You are a network administrator for your company. The network contains a perimeter network. The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address. All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability. What should you do? ()
第1题:
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a Network Load Balancing cluster that consists of three nodes. Each node runs Windows Server 2003 and contains a single network adapter. The Network Load Balancing cluster can run only in unicast mode. The Network Load Balancing cluster has converged successfully. To increase the utilization of the cluster, you decide to move a particular application to each node of the cluster. For this application to run, you must add a Network Load Balancing port rule to the nodes of the cluster. You start Network Load Balancing Manager on the second node of the cluster. However, Network Load Balancing Manager displays a message that it cannot communicate with the other two nodes of the cluster. You want to add the port rule to the nodes of the cluster. What should you do? ()
第2题:
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest. The forest contains a single domain. You plan to deploy 10 Edge Transport servers on the perimeter network. You need to recommend a solution for the Edge Transport server deployment. The solution must meet the following requirements: .Allow administrators to apply a single security policy to all Edge Transport servers .Reduce the administrative overhead that is required to manage servers .Minimize the attack surface of the internal network What should you recommend?()
第3题:
Your network contains an internal network and a perimeter network that are separated by a firewall. The perimeter network contains an Exchange Server 2010 Edge Transport server. You plan to deploy an internal Exchange Server 2010 organization that meets the following requirements:.Support EdgeSync synchronization .Support encrypted delivery of outbound e-mail messages to the Edge Transport server .Minimize the attack surface of the internal network Which TCP ports should you allow from the internal network to the perimeter network?()
第4题:
Your company named Contoso, Ltd. has a two-node Network Load Balancing cluster. The cluster is intended to provide high availability and load balancing for only the intranet Web site. The name of the cluster is web.contoso.com. You discover that Contoso users can see the Network Load Balancing cluster in the network neighborhood and can connect to various services by using the web.contoso.com name. The web.contoso.com Network Load Balancing cluster is configured with only one port rule. You need to configure the web.contoso.com Network Load Balancing cluster to accept only HTTP traffic. Which two actions should you perform?()
第5题:
All servers and client computers in your company are configured to use WINS for name resolution. The internal network is separated from a perimeter network (also known as DMZ) by a third-party firewall. Firewall rules do not allow name resolution between the internal network and the perimeter network. You move a Windows Server 2003 server named Server1 to the perimeter network. You need to ensure that all computers on the internal network can connect to Server1 by name. What should you do?()
第6题:
Your network is configured as shown in the following diagram.You deploy an enterprise certification authority (CA) on the internal network. You also deploy a Microsoft Online Responder on the internal network. You need to recommend a secure method for Internet users to verify the validity of individual certificates. The solution must minimize network bandwidth. What should you recommend?()
第7题:
You are the network administrator for The network consists of an internal network and a perimeter network. The internal network is protected by a firewall. The perimeter network is exposed to the Internet. You are deploying 10 Windows Server 2003 computers as Web servers. The servers will be located in the perimeter network. The servers will host only publicly available Web pages. You want to reduce the possibility that users can gain unauthorized access to the servers. You are concerned that a user will probe the Web servers and find ports or services to attack. What should you do?()
第8题:
You are a network administrator for your company. All domain controllers run Windows Server 2003. The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and 150 Windows XP Professional computers. According to the network design specification, the Kerberos version 5 authentication protocol must be used for all client computers on the internal network. You need to ensure that Kerberos version 5 authentication is used for all client computers on the internal network. What should you do? ()
第9题:
Your network contains an internal network and a perimeter network. The internal network contains a single Active Directory site. The perimeter network contains two Exchange Server 2010 Edge Transport servers. You plan to deploy an Exchange Server 2010 organization on the internal network. You need to plan the deployment of Hub Transport server roles to meet the following requirements:.If a single Hub Transport server fails, e-mail messages from the Internet must be delivered to the Mailboxservers. .If a single Hub Transport server fails, users must be able to send e-mail messages to other users thathave mailboxes on the same Mailbox server. What should you include in the plan?()
第10题:
You are a network administrator for Alpine Ski House. The internal network has an Active Directory-integrated zone for the alpineskihouse.org domain. Computers on the internal network use the Active Directory-integrated DNS service for all host name resolution. The Alpine Ski House Web site and DNS server are hosted at a local ISP. The public Web site for Alpine Ski House is accessed at www.alpineskihouse.com. The DNS server at the ISP hosts the alpineskihouse.com domain. To improve support for the Web site, your company wants to move the Web site and DNS service from the ISP to the company’s perimeter network. The DNS server on the perimeter network must contain only the host (A) resource records for computers on the perimeter network. You install a Windows Server 2003 computer on the perimeter network to host the DNS service for the alpineskihouse.com domain. You need to ensure that the computers on the internal network can properly resolve host names for all internal resources, all perimeter resources, and all Internet resources. Which two actions should you take? ()