Your companys security policy requires complex passwords.  

第1题：

Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2.   A corporate security policy requires complex passwords for user accounts that have administrator  privileges. You need to design a strategy that meets the following requirements： èEnsures that administrators use complex passwords   èMinimizes the number of servers required to support the solution What should you include in your design？（）

• A、Implement Network Access Protection （NAP）.
• B、Implement Active Directory Rights Management Services （AD RMS）.
• C、Create a new Password Settings Object （PSO） for administrator accounts.
• D、Create a new child domain in the forest. Move all non-administrator accounts to the new domain.Configure a complex password policy in the root domain.

第2题：

Your corporate network has a member server named RAS1 that runs Windows Server 2008 R2. You configure RAS1 to use the Routing and Remote Access Services (RRAS).The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees.You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection.What should you do？（）

• A、Install the Network Policy Server (NPS) server role on RAS1.
• B、Create a remote access policy that requires users to authenticate by using SPAP.
• C、Create a remote access policy that requires users to authenticate by using EAP-TLS.
• D、Create a remote access policy that requires users to authenticate by using MS-CHAP v2.

第3题：

第4题：

Your company’s security policy requires complex passwords.   You have a comma delimited file named import.csv that contains user account information. You  need to create user accounts in the domain by using the import.csv file.   You also need to ensure that the new user accounts are set to use default passwords and are  disabled.     What should you do（）

• A、Modify the userAccountControl attribute to disabled. Run the csvde -i -k -f import.csv command. Run the DSMOD utility
• B、Modify the userAccountControl attribute to accounts disabled. Run the csvde -f import.csv command. Run the DSMOD utility
• C、Modify the userAccountControl attribute to disabled. Run the wscript import.csv command. Run the DSADD utility
• D、Modify the userAccountControl attribute to disabled. Run the ldifde -i -f import.csv command. Run the DSADD utility

第5题：

Your corporate network has a member server named RAS1 that runs Windows Server 2008. You configure RAS1 to use the Routing and Remote Access Service （RRAS） The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do？（）

• A、 Install the Network Policy Server （NPS） on the RAS1 server
• B、 Create a remote access policy that requires users to authenticate by using SPAP
• C、 Create a remote access policy that requires users to authenticate by using EAP-TLS
• D、 Create a remote access policy that requires users to authenticate by using MS-CHAP v2

第6题：

Which statement describes the behavior of a security policy？（）

• A、The implicit default security policy permits all traffic.
• B、Traffic destined to the device itself always requires a security policy.
• C、Traffic destined to the device’s incoming interface does not require a security policy.
• D、The factory-default configuration permits all traffic from all interfaces.

第7题：

You need to design security changes that provide maximum protection for customer data and courier assignments.What should you do？（）

• A、Create a separate domain for courier authentication
• B、Implement smart card authentication for business office users and couriers， upgrading client operating systems as needed. Modify the Web kiosks to require smart card presence for continued access
• C、Modify the Default Domain Policy Group Policy object （GPO） so that couriers must use complex user account passwords. Require all couriers to change their passwords the next time they log on to the Web application
• D、Use Encrypting File System （EFS） to encrypt all files that contain customer data

第8题：

第9题：

You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit （OU）. You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer， the Security Policy appears in the Local Computer Policy， but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task？ （）

• A、Use Security Templates to correct the setting and export the security file.
• B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object （GPO） for the Sales QU.
• C、Use Secedit /RefreshPolicy Machine_Policy command.
• D、Use the Basicwk.inf security file settings， save the security file， and then import the fileto theComputers.

第10题：

You deploy mobile devices that run Microsoft Windows Mobile 5.0.   Company security policy requires an authentication process that is stronger than a user name and password combination.   You need to ensure that Microsoft ActiveSync sessions use an authentication process that meets the company security policy.   What should you do？（）

• A、Deploy a two-factor authentication process.
• B、Deploy a single-factor authentication process.
• C、Deploy a simple PIN policy for the Windows Mobilebased devices.
• D、Deploy a complex PIN policy for the Windows Mobilebased devices.