88
135
443
445
第1题:
Your network contains a single Active Directory domain. You have an Exchange Server 2010 organization that contains a Hub Transport server named Hub1. Hub1 receives all e-mail messages that are sent to your organization from the Internet. A new company security policy states that domain-joined servers must not be accessible directly from theInternet. You need to create a message hygiene solution to meet the following requirements: .Comply with the new security policy .Minimize the amount of spam that is delivered to the internal Exchange servers in the organization What should you do first?()
第2题:
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. The Active Directory Federation Services (AD FS) role is installed on Server1. Contoso.com is defined as an account store. A partner company has a Web-based application that uses AD FS authentication. The partner company plans to provide users from contoso.com access to the Web application. You need to configure AD FS on contoso.com to allow contoso.com users to be authenticated by the partner company. What should you create on Server1()
第3题:
You deploy an Active Directory Federation Services (AD FS) Federation Service Proxy on a server named Server1. You need to configure the Windows Firewall on Server1 to allow external users to authenticate by using AD FS. Which inbound TCP port should you allow on Server1()
第4题:
Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 has the Active Directory Federation Services (AD FS) Federation Service role service installed. You plan to deploy AD FS 2.0 on Server2. You need to export the token-signing certificate from Server1, and then import the certificate to Server2. Which format should you use to export the certificate()
第5题:
You deploy a new Active Directory Federation Services (AD FS) federation server. You request new certificates for the AD FS federation server. You need to ensure that the AD FS federation server can use the new certificates. To which certificate store should you import the certificates()
第6题:
You are designing a plan to migrate an existing application to Windows Azure. The application must use the existing Active Directory Domain Services (AD DS) domain. You need to recommend an approach for joining Windows Azure virtual machines to the domain. What should you recommend?()
第7题:
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the Active Directory Federation Services (AD FS) role installed. You have an application named App1 that is configured to use Server1 for AD FS authentication. You deploy a new server named Server2. Server2 is configured as an AD FS 2.0 server. You need to ensure that App1 can use Server2 for authentication. What should you do on Server2()
第8题:
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest. The forest contains a single domain. You plan to deploy 10 Edge Transport servers on the perimeter network. You need to recommend a solution for the Edge Transport server deployment. The solution must meet the following requirements: .Allow administrators to apply a single security policy to all Edge Transport servers .Reduce the administrative overhead that is required to manage servers .Minimize the attack surface of the internal network What should you recommend?()
第9题:
You had installed an Active Directory Federation Services (AD FS) role on a Windows server 2008 in your organization. Now you need to test the connectivity of clients in the network to ensure that they can successfully reach the new Federation server and Federation server is operational. What should you do()
第10题:
As an administrator at Certkiller.com, you have installed an Active Directory forest that has a single domain. You have installed an Active Directory Federation services (AD FS) on the domain member server. What should you do to configure AD FS to make sure that AD FS token contains information from the active directory domain()