You need to design a domain model that meets the company bus

第1题：

Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2.   A corporate security policy requires complex passwords for user accounts that have administrator  privileges. You need to design a strategy that meets the following requirements： èEnsures that administrators use complex passwords   èMinimizes the number of servers required to support the solution What should you include in your design？（）

• A、Implement Network Access Protection （NAP）.
• B、Implement Active Directory Rights Management Services （AD RMS）.
• C、Create a new Password Settings Object （PSO） for administrator accounts.
• D、Create a new child domain in the forest. Move all non-administrator accounts to the new domain.Configure a complex password policy in the root domain.

第2题：

You work as the enterprise exchange administrator at TestKing.com. TestKing.com makes use of Microsoft Exchange Server messaging solution. The TestKing.com network consists of a single ActiveDirectory domain named testking.com. TestKing.com is configured to run an exchange 2010 environment.  You are planning to design the installation of numerous Mailbox servers. TestKing.com Service LevelAgreement （SLA） requires the following： * The servers need to support 1，500 concurrent connections to mailboxes.* The servers need to maintain a latency of less than 20 milliseconds. You ensure deployment success you need to ensure that your design comply with the Service LevelAgreement （SLA） of TestKing.com. What should you do？（）

• A、The best option is to use the Exchange Server User Monitor （ExMon） tool to check if your design meets the requirements.
• B、The best option is to use the Exchange Server Load Generator （LoadGen） 2010 tool to check if your design meets the requirements.
• C、The best option is to use the Exchange Server Connectivity Analyzer （ExRCA） tool to check if your design meets the requirements.
• D、The best option is to use the Exchange Server Jetstress 2010 tool to check if you design meets there quirements.

第3题：

Your company has a single Active Directory Domain Services （AD DS） domain and 1，000 Windows Vista computers.  You are planning to deploy Windows 7 and a custom application.   You have the following requirements：   The application must be available to only a specific group of users. You must be able to monitor application usage.   You need to design a deployment method for the custom application that meets the requirements.  Which deployment method should you use in your design？（）

• A、software installation in Group Policy
• B、startup scripts in Group Policy
• C、Microsoft Application Virtualization （App-V）
• D、baseline Windows 7 image that includes the custom application

第4题：

You need to design a Security strategy for the wireless network at all resort locations.What should you do？（）

• A、Connect the wireless access points to a dedicated subnet. Allow the subnet direct access to the Internet，but not to the company network.Require company users to establish a VPN to access company resources
• B、Install Internet Authentication Service （IAS） on a domain controller.Configure the wireless access points to require IEEE 802.1x authentication
• C、Establish IPSec policies on all company servers to request encryption from all computers that connect from the wireless IP networks
• D、Configure all wireless access points to require the Wired Equivalent Privacy （WEP） protocol for all connections. Use a Group Policy object （GPO） to distribute the WEP keys to all computers in the domain

第5题：

You need to design a method to log changes that are made to servers and domain controllers. You also need to track when administrators modify local security account manager objects on servers. What should you do？（）

• A、Enable failure audit for privilege user and object access on all servers and domain controllers
• B、Enable success audit for policy change and account management on all servers and domain controllers
• C、Enable success audit for process tracking and logon events on all servers and domain controllers
• D、Enable failure audit for system events and directory service access on all servers and domain controllers

第6题：

You work as the enterprise exchange administrator at Company.com.The Company.com network consists of a single Active Directory domain named Company.com.Company.com has an Exchange Server 2010 organization.Due to circumstances， Company.com has acquired a new Internet domain name.This results in that the employees cannot receive e-mail that is sent to the new Internet domain name.The new Internet domain name is set up as an e-mail address suffix.The Company.com employees need to receive e-mail sent from the new Internet domain name. What should you do？（）

• A、You should consider using an External Relay Accepted Domain.
• B、You should consider using an Authoritative Accepted Domain.
• C、You should consider using a remote domain.
• D、You should consider using a new Receive connector.

第7题：

You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do？（）

• A、Create a GPO and link it to the New York OU， to the Denver OU， and to the Dallas OU.Configure the GPO with the required account policy settings
• B、On all computers in the domain， configure the Local Security Policy7 with the required account policy settings
• C、Configure the Default Domain Policy GPO with the required account policy settings
• D、Configure the Default Domain Controllers Policy GPO with the required account policy settings

第8题：

The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do？（）

• A、On all domain controllers， implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• B、On all client computers， implement logon auditing for all user account logons
• C、On all client computers， configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• D、On all domain controllers， implement logon auditing for all user account logons

第9题：

You need to recommend a solution for the file servers that meets the company's technical requirements.   What should you include in the recommendation？（）

• A、Storage Manager for SANs
• B、Network Load Balancing （NLB）
• C、TCP/IP offload services
• D、the Multipath I/O feature

第10题：

You need to recommend a delegation solution for CA1 that meets the company’s security requirements.   What should you include in the recommendation？（）

• A、access-based enumeration （ABE）
• B、Active Directory delegation
• C、Authorization Manager
• D、role separation