You are the administrator of your company's network. You want to configure a Security Policy for the Windows 2000 Professional Computers that are in the sales department.   On one of the computers, you use Security Templates to configure the Security Poli

第1题：

You upgrade all client computers in your network to Windows 2000 Professional. Then you apply the basicwk.inf security template to the computers. Now， none of the users can run the company’s database application. What should you do？（）

• A、Apply the compactws.inf security template to the computers.
• B、Delete the basicwk.inf security template file from the computers.
• C、Use the system policy editor to configure a new security policy for the database application.
• D、For each user account， allow read permission to the database application and in associated files.

第2题：

You are the administrator of Company.com’s Windows 2000 Network.  Your routed TCP/IP network consists of 10 Windows 2000 Server computers and 75 Windows 2000 Professional computers. All computers are in the Company.com domain. Your network uses TCP/IP as the only network protocol. You are installing 10 new Windows 2000 Professional computers. You want to enable the new computers to use host names to connect to shared resources on the network. You configure a TCP/IP address, a gateway address and a subnet mask on each new computer.   You want to complete the configuration to allow the computers to communicate on the network.  What should you do?（）

• A、Configure a HOSTS file.
• B、Configure a LMHOSTS file.
• C、Configure a WINS server database.
• D、Configure a DHCP server address.
• E、Configure at least one DNS address.

第3题：

You are the desktop administrator for one of your company's branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the company's main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the company's Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?（）

• A、Run the Secedit.exe command in validation mode and specify the new security template.
• B、Run the Secedit.exe command in configuration mode and specify the new security template. 
• C、Use the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation. 
• D、Use the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation. 

第4题：

You are the network administrator for ExamSheet.  Computers on your network run Windows 2000 Professional, Windows NT Workstation 4.0 and Windows 98. Ten Windows 2000 Professional computers are located in the research department. These computers contain highly confidential information. You want the 10 Windows 2000 Professional computers to be able to communicate only with other Windows 2000 computers.  What should you do?（）

• A、On the research computers use the Local Computer Policy to disable theAccess this computer  from the networkoption.
• B、Use Security Configuration and Analysis to apply the Highly Secure security template to the research computers.
• C、Add the users of the research computers to the Power Users group on each computer.
• D、On the research computers configure the security settings to prevent anonymous access.

第5题：

You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit （OU）. You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer， the Security Policy appears in the Local Computer Policy， but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task？ （）

• A、Use Security Templates to correct the setting and export the security file.
• B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object （GPO） for the Sales QU.
• C、Use Secedit /RefreshPolicy Machine_Policy command.
• D、Use the Basicwk.inf security file settings， save the security file， and then import the fileto theComputers.

第6题：

You are the network administrator for Company.  You have been assigned the task to upgrade the 23 Windows NT Workstation 4.0 computers in the accounting department to Windows 2000 Professional. Users in the accounting department run a peer-to-peer financial and credit application on their computers. The application requires that information is passed between the accounting department computers over the network. You upgrade all the computers and configure them to have the default security settings. You want to ensure that network traffic between accounting computers is secure. What should you do? （）

• A、Disable NetBIOS over TCP/IP on the accounting department computers.
• B、Apply the Hisecws.inf security template to the local security policy on the accounting department computers.
• C、Enable the Encrypting File System （EFS） on all files used by the financial and credit application on the accounting department computers.
• D、Configure port filters for each port used by the financial and credit application on the accounting department computers.

第7题：

You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT.  You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?（）

• A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.
• B、Use security templates to create a security template file and import the security settings to modify the default security settings.
• C、Use the local computer policy to disable the access to this computer from the network option.
• D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.

第8题：

You are the administrator of Company.com's Windows 2000 Network. The routed TCP/IP network that you administer consists of 10 Windows 2000 Server computers and 75 Windows 2000 Professional computers. All computers are members of a single Windows 2000 domain named Company.com. TCP/IP is the only network protocol used at Company's office. You have recently installed 10 new Windows 2000 Professional computers and you want to enable the new computers to use host names to connect to shared resources on the network. You configure a TCP/IP address and a gateway address on each new computer. You want to complete the configuration to allow the computers to communicate on the network.  What should you do?（）

• A、Configure a DNS suffix.
• B、Configure a subnet mask.
• C、Configure an LMHOSTS file.
• D、Configure an Interface metric.
• E、Configure at least one DNS address.

第9题：

You are the network administrator for The network consists of a single Active Directory domain The domain contains 25 Windows server 2003 computers and 5,000 Windows 2000 Professional computers. You install and configure Software Update Services (SUS) on a server named TestKingSrv. All client computer accounts are in the Clients organizational unit (OU). You create a Group Policy object (GPO) named SUSupdates and link it to the Clients OU. You configure the SUSupdates GPO so that client computers obtain security updates from TestKingSrv. Three days later, you examine the Windowsupdate.log file on several client computers and discover that they have downloaded Windows security updates from only You need to configure all client computers to download Windows security updates from TestKingSrv. What should you do?（）

• A、Open the SUSupdates GPO and configure the Configure Automatic Update policy to assign the Auto download and notify for install setting for Windows security updates.
• B、Open the SUSupdates GPO and configure the Configure Automatic Update policy to assign the Auto download and schedule the install setting for Windows security updates.
• C、Create software distribution policy for the SUSupdates GPO that assigns the package WUAU22.msi to all client computers. Restart all client computers.
• D、On all client computers, configure the UseWUServer registry value to enable Automatic Updates to use TestKingSrv.

第10题：

You are the administrator of your company's network. You install 220 new Windows 2000 Professional computers in the Sales department. Two weeks later users report that five of the computers have stopped responding. You troubleshoot the five computers and find that the users have attached USB devices and have installed device drivers that are not supported by Windows 2000 Professional. You want to ensure that it does not happen again. You decide to configure the computer to install device drivers only for the devices that are included on the current hardware compatibility list (HCL). What should you do?（）

• A、Use NTFS permission to restrict users access to the C:///WinNT/driver cache folder.
• B、Use NTFS permission to restrict users access to the C:///WinNT/system32/drivers folder.
• C、Configure Windows 2000 Professional to enable driver signing verification.
• D、Configure Windows 2000 Professional to trust the Microsoft certificate authority （CA）.