You need to design a group membership strategy for the Edito

第1题：

You need to design a security strategy for the DHCP servers in the Seattle office. Which two actions should you perform？（）

• A、Disable all unnecessary services on each DHCP server
• B、Modify the discretionary access control lists （DACLs） in Active Directory so that only members of the Enterprise Admins security group can authorize additional DHCP servers
• C、Use an IPSec policy that allows only the packets necessary for DHCP and domain membership for each DHCP server
• D、Install a digital certificate for SSL on each DHCP server

第2题：

You need to design a strategy for managing the messages that are sent to the customer service mailboxes. What should you do？（）

• A、Create a separate storage group and database to contain the customer service mailboxes. Enable circular logging for this storage group
• B、Create a separate storage group and database to contain the customer service mailboxes. Set the deleted item retention period for this database to zero
• C、Place the customer service mailboxes on a new mailbox store in the storage group that contains the main office user mailboxes. Enable circular logging for this storage group
• D、Place the customer service mailboxes on a new mailbox store in the storage group that contains the branch office user mailboxes. Set the deleted item retention period for this database to zero

第3题：

第4题：

You need to recommend a strategy for managing Windows Firewall that meets the companys technical requirements. What should you include in the recommendation？（）

• A、domain-based Group Policy objects （GPOs）
• B、local Group Policy objects （GPOs）
• C、Starter Group Policy objects （GPOs）
• D、System Starter Group Policy objects （GPOs）

第5题：

You need to design an administrative control strategy for Denver administrators. What should you do？（）

• A、Create a security group named HelpDesk. Add the HelpDesk group to the Enterprise Admins group in both domains
• B、Create a security group named HelpDesk. Add the HelpDesk group to the Domain Admins groups in both domains
• C、Add the Domain Admins group in the litwareinc.com domain to the Domain Admins group in the contoso.com domain. Delegate full control of the litwareinc.com domain to the Domain Admins group in the contoso.com domain
• D、Create a security group named HelpDesk for each office. Delegate administrative tasks to their respective OU or domain.Delegate full control of the contoso.com domain to the Domain Admins group from the litwareinc.com domain

第6题：

You have an Exchange Server 2010 organization.The organization contains a distribution group named Group1.You need to ensure that a user named User1 can review and approve all messages sent to Group1.You must prevent User1 from modifying the membership of Group1.  What should you do？（）

• A、Add User1 to Group1 Managed by list
• B、Assign User1 as a group moderator for Group1.
• C、Assign the Message Tracking management role to User1.
• D、Add User1 to Group1 and then create a new journal rule.

第7题：

You need to recommend a strategy for delegating administrative rights to Admin1. The strategy must support the company’s planned changes.What should you include in the recommendation？（）

• A、the Authorization Manager snap-in on Node1 and Node2
• B、the Authorization Manager snap-in on the VMs
• C、the Network Configuration Operators local group on each VM
• D、the Network Configuration Operators local group on Node1 and Node2

第8题：

Your company has a single Active Directory Domain Services （AD DS） domain and 1，000 Windows Vista computers.  You are planning to deploy Windows 7 and a custom application.   You have the following requirements：   The application must be available to only a specific group of users. You must be able to monitor application usage.   You need to design a deployment method for the custom application that meets the requirements.  Which deployment method should you use in your design？（）

• A、software installation in Group Policy
• B、startup scripts in Group Policy
• C、Microsoft Application Virtualization （App-V）
• D、baseline Windows 7 image that includes the custom application

第9题：

Your company has a single Active Directory Domain Services （AD DS） domain with Windows Server 2008 R2 member servers and 1，000 Windows 7 client computers. You are designing the deployment of a custom application.   You have the following requirements：   The application must be available to only users who need it. Minimize network traffic during deployment.   You need to design a deployment strategy that meets the requirements.   Which deployment method should you use？（）

• A、RemoteApp and Desktop Connections
• B、software installation in Group Policy
• C、Microsoft Application Virtualization （App-V）
• D、Microsoft System Center Configuration Manager 2007

第10题：

You need to design an access control and permission strategy for user objects in Active Directory.What should you do？（）

• A、Make the members of the AdvancedSupport security group members of the Domain Admins security group
• B、Give each desktop support technician permission to reset passwords for the top-level OU that contains user accounts at their own location
• C、Delegate full control over all OUs that contain user accounts to all AllSupport  security group
• D、Change the permissions on the domain object and its child objects so that the BasicSupport security group is denied permissions. Then， add a permission to each OU that contains user accounts that allows AllSupport security group members to reset passwords in that OU