You enabled an audit policy by

第1题：

You have a computer that runs Windows 7. You need to record when an incoming connection is allowedthrough Windows firewall. What should you do?（）

• A、In Local Group Policy， modify the audit policy.
• B、In Local Group Policy， modify the system audit policy.
• C、From the Windows Firewall with Advanced Security properties， set the logging settings to Log successfulconnections.
• D、From the Windows Firewall with Advanced Security properties， set the Data Protection （Quick Mode）IPSec settings to Advanced.

第2题：

You wish to enable an audit policy for all database users, except SYS, SYSTEM, and SCOTT.You issue the following statements: SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYS;SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYSTEM; SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SCOTT; For which database users is the audit policy now active?（）

• A、All users except SYS
• B、All users except SCOTT
• C、All users except sys and SCOTT
• D、All users except sys, system, and SCOTT

第3题：

第4题：

Your company has deployed Network Access Protection （NAP） enforcement for VPNs. You need to ensure that the health of all clients can be monitored and reported. What should you do？（）

• A、Create a Group Policy object （GPO） that enabled Security Center and link the policy to the domain.
• B、Create a Group Policy object （GPO） that enabled Security Center and link the policy to the Domain controllers organizational unit （OU）
• C、Create a Group Policy object （GPO） and set the Require trusted path for credential entry option to eabled. Link the Policy to the domain.
• D、Create a Group Policy object （GPO） and set the Require trusted path for credential entry option to eabled. Link the Policy to the Domain Controllers organizational unit （OU）

第5题：

You need to design a method to log changes that are made to servers and domain controllers. You also need to track when administrators modify local security account manager objects on servers. What should you do？（）

• A、Enable failure audit for privilege user and object access on all servers and domain controllers
• B、Enable success audit for policy change and account management on all servers and domain controllers
• C、Enable success audit for process tracking and logon events on all servers and domain controllers
• D、Enable failure audit for system events and directory service access on all servers and domain controllers

第6题：

You installed Oracle Database 11g afresh. Which statements are true regarding the default audit settings in this database？（） 

• A、 The audit trail is stored in an operating system file.
• B、 Auditing is disabled for all privileges.
• C、 The audit trail is stored in the database.
• D、 Auditing is enabled for all privileges.
• E、 Auditing is enabled for certain privileges related to database security.

第7题：

You need to design an audit strategy for Southbridge Video. Your solution must meet business requirements.What should you do？（）

• A、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO， and link it to the domain. Import the new security template into the new GPO
• B、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO， and link it to the Domain Controllers OU. Import the new security template into the new GPO
• C、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO， and link it to the Domain Controllers OU. Import the new security template into the new GPO
• D、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO， and link it to the domain. Import the new security template into the new GPO

第8题：

第9题：

Certkiller .com has organizational units in the Active Directory domain. There are 10 servers in the organizational unit called Security. As an administrator at Certkiller .com， you generate a Group Policy Object （GPO） and link it to the Security organizational unit. What should you do to monitor the network connections to the servers in Security organizational unit（）

• A、Start the Audit Object Access option
• B、Start the Audit System Events option
• C、Start the Audit Logon Events option
• D、Start the Audit process tracking option
• E、All of the above

第10题：

Your network contains an Active Directory domain. All domain controllers run Windows Server 2008  R2. Client computers run either Windows 7 or Windows Vista Service Pack 2 （SP2）.  You need to audit user access to the administrative shares on the client computers.   What should you do（）

• A、Deploy a logon script that runs Icacls.exe.
• B、Deploy a logon script that runs Auditpol.exe.
• C、From the Default Domain Policy， modify the Advanced Audit Policy Configuration.
• D、From the Default Domain Controllers Policy， modify the Advanced Audit Policy Configuration.