You need to design a Security strategy for the wireless netw

第1题：

You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do？（）

• A、Create a script that installs the Hisecdc.inf security template
• B、Use a GPO to distribute and apply the Hisec.inf security template
• C、Use the System Policy Editor to configure each server’s security settings
• D、Use a GPO to distribute and apply a custom security template

第2题：

Your company’s network includes client computers that run Windows 7. You design a wireless network to use Extensible Authentication Protocol-Transport Level Security （EAP-TLS）.   The Network Policy Server has a certificate installed.   Client computers are unable to connect to the wireless access points.    You need to enable client computers to connect to the wireless network.   What should you do？（）

• A、Configure client computers to use Protected Extensible Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 （PEAP-MS-CHAP v2）.
• B、Configure client computers to use Protected Extensible Authentication Protocol-Transport Layer Security （PEAP-TLS）.
• C、Install a certificate in the Trusted Root Certification Authorities certificate store.
• D、Install a certificate in the Third-Party Root Certification Authorities certificate store.

第3题：

第4题：

You need to recommend a Group Policy strategy for the Remote Desktop servers. What should you include in the recommendation？（）

• A、block inheritance
• B、loopback processing
• C、security filtering
• D、WMI filtering

第5题：

You need to design an audit strategy for Southbridge Video. Your solution must meet business requirements.What should you do？（）

• A、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO， and link it to the domain. Import the new security template into the new GPO
• B、Create a new security template that enables the Audit account logon events policy for successful and failed attempts. Create a new GPO， and link it to the Domain Controllers OU. Import the new security template into the new GPO
• C、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO， and link it to the Domain Controllers OU. Import the new security template into the new GPO
• D、Create a new security template that enables the Audit logon events policy for successful and failed attempts. Create a new GPO， and link it to the domain. Import the new security template into the new GPO

第6题：

You need to design a security strategy for VPN2. Your solution must meet business requirements. What should you do？（）

• A、Create and configure a new security template. Import the template into the Default Domain Policy Group Policy object （GPO）
• B、Install Internet Authentication Service （IAS） on RAS1. Configure VPN2 to be the RADIUS client of RAS1. Configure the remote access policy on VPN2
• C、Create and configure a new security template. Import the template into the local policy on VPN2
• D、Move VPN2 into the VPN Servers OU. Configure the remote access policy on VPN2

第7题：

You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003.   The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods， audit settings， and account policy settings.   The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements， renaming the administrator account， and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings.   You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized， and that after the deployment， the security settings on all application servers meet the design requirements.   What should you do？ （）

• A、 Apply the Setup security.inf template first， the Hisecws.inf template next， and then the Application.inf template.
• B、 Apply the Application.inf template and then the Hisecws.inf template.
• C、 Apply the Application.inf template first， the Setup security.inf template next， and then the Hisecws.inf template.
• D、 Apply the Setup security.inf template and then the Application.inf template.

第8题：

第9题：

You need to design an access control strategy for the marketing application. You solution must minimize impact on server and network performance. What should you do？（）

• A、Require client computers to connect to the marketing application by using a VPN connection
• B、Use IPSec to encrypt communications between the servers in the New York and Atlanta offices
• C、Require the high security setting on Terminal Services connections to the marketing application
• D、Configure all marketing application Web pages to require SSL

第10题：

You need to design a security strategy for the DHCP servers in the Seattle office. Which two actions should you perform？（）

• A、Disable all unnecessary services on each DHCP server
• B、Modify the discretionary access control lists （DACLs） in Active Directory so that only members of the Enterprise Admins security group can authorize additional DHCP servers
• C、Use an IPSec policy that allows only the packets necessary for DHCP and domain membership for each DHCP server
• D、Install a digital certificate for SSL on each DHCP server