You have two stand-alone servers that run Windows Server 2003 Service Pack 2 (SP2). You assign the Secure Server (Require security) IPSec policy to both servers. From Server1, you notice that you cannot access resources on Server2.You need to ensure that 

第1题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You have two servers named Server1 and Server2. Both servers have Windows Server Update Services (WSUS) 3.0 installed.You need to configure WSUS so that Server2 uses Server1 as the upstream server. What should you do on Server2?（）

• A、From the command prompt, run wuauclt.exe. 
• B、From the command prompt, run wsusutil.exe. 
• C、From the Update Services console, run the WSUS Server Configuration Wizard. 
• D、From the Local Computer Policy, specify the location on the intranet for the Microsoft update service.

第2题：

Your company has two offices. All servers run Windows Server 2003 Service Pack 2 （SP2）.You need to ensure that Server1 can communicate with Web servers on the Internet.  Which default gateway should you assign to Server1？（）

• A、10.10.10.129
• B、10.10.11.1
• C、131.107.1.1
• D、192.168.1.1

第3题：

Your network consists of a single Active Directory domain and a single subnet. The network is not connected to the Internet. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You have a DHCP server named Server1. All client computers receive their IP configurations from Server1. You implement a new server named Server2. You connect Server2 to the internal network and the Internet. You then configure Server2 as a network address translation (NAT) router. From a client computer, you discover that you cannot access any Internet servers. From Server2, you verify that you can access Internet servers and internal servers. You need to ensure that all internal computers can access Internet servers.  What should you do?（） 

• A、On Server2, add a new route. 
• B、On Server1, create a multicast scope. 
• C、On Server1, add the Router scope option. 
• D、On Server2, modify the default gateway address.

第4题：

You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. A server named Filesrv1 contains confidential data that is only available to users in the human resources （HR） department.  You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy. You assign the Server （Request Security） IPSec policy to Filesrv1. Using Network Monitor， you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy.   You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy.   What should you do？（）

• A、Assign the Secure Server（Require Security） IPSec policy.
• B、Assign the Client （Respond Only)IPSec policy.
• C、Unassign the Server（Request Security IPSec policy.
• D、Restart the IPSec Services service.

第5题：

You have a server named Server1 that runs Windows Server 2003 Service Pack 2 （SP2）.  You open the IP Security Monitor snap-in and see the information shown in the exhibit. （Click the Exhibit button.） You need to ensure that all communications to Server1 are encrypted.  What should you do？（）

• A、Modify the Local Security Policy on Server1.
• B、Modify the Research IPSec Policy Group Policy object.
• C、Enable Windows Firewall and do not allow exceptions.
• D、From the Properties of the Local Area Connection， modify the Authentication settings.

第6题：

You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2). Both servers have Remote Desktop enabled. You log on to the console of Server1 and begin to defragment the C: volume. You log on to Server2. From Server2, you need to view the status of the defragment job on Server1. What should you do? （）

• A、Run defrag.exe //server1/c$ -a.
• B、Run mstsc.exe /server:Server1.
• C、Run compmgmt.msc, and then connect to Server1.
• D、Run mstsc.exe /console, and then connect to Server1.

第7题：

Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2008 R2. All client computers run Windows 7. All computers are members of the Active Directory domain.You assign the Secure Server (Require Security) IPsec policy to Server1 by using a Group Policy object(GPO).Users report that they fail to connect to Server1.You need to ensure that users can connect to Server1. All connections to Server1 must be encrypted.What should you do？（）

• A、Restart the IPsec Policy Agent service on Server1.
• B、Assign the Client (Respond Only) IPsec policy to Server1.
• C、Assign the Server (Request Security) IPsec policy to Server1.
• D、Assign the Client (Respond Only) IPsec policy to all client computers.

第8题：

Your network contsists of a single Active Directory domain. The domain contains a server named Server 1 that runs Windows Server 2008. All client computers run Windows Vista. All computers are members of the Active Directory domain. You assign the Secure Server （Require Security） IPsec policy to Server1 by using a GPO. Users report that they fail to connect to Server1. You need to ensure that users can connect to Server1. All connections to Server1 must be encrypted. What should you do？（）

• A、Restart the IPsec Policy Agent service on Server1
• B、Assign the Client （Respond Only） IPsec policy to Server1
• C、Assign the Server （Request Security） IPsec policy to Server1
• D、Assign the Client （Respond Only） IPsec policy to all client computers.

第9题：

第10题：

第11题：

第12题：

第13题：

Your network consists of single active domain. The domain contains a serve named server1 that runs windows server 2008 all client computers run windows vista. All computers are members of the active directory domain. You assign the secure server (Require Security) IPsec policy to server1 by using a GPO. Users report that they fail to connect to server1. You need to ensure that users can connect to server1. All connections to server1 must be encrypted. What should you do?（）

• A、Restart the IPsec policy agent service on server1.
• B、Assign the client (Respond only ) IPsec policy to Server1.
• C、Assign the server (Request Security) ipsec policy to server1.
• D、Assign the client (Respond Only) IPsec policy to all client computes.

第14题：

You have two stand-alone servers that run Windows Server 2003 Service Pack 2 （SP2）. You assign the Secure Server （Require security） IPSec policy to both servers. From Server1， you notice that you cannot access resources on Server2. You need to ensure that you can access resources on Server2. All communications between Server1 and Server2 must be encrypted.  What should you do？（）

• A、On Server1， assign the Client （Respond only） IPSec policy.
• B、On Server2， assign the Server （Request Security） IPSec Policy.
• C、On Server1 and Server2， modify the authentication settings in the Secure Server （Require security） IPSec Policy.
• D、On Server1 and Server2， enable Master Key perfect forward secrecy （PFS） in the Secure Server （Require security） IPSec Policy.

第15题：

You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 （SP2）.On Server1， you install an application that runs as a service named App1. App1 will save files to a file share on Server2.You perform the following actions：  （1）Create a domain account named App1Service.  （2）Set the password for App1Service.  （3）Create a file share on Server2.  （4）Grant App1Service the Allow - Change share permission.  You need to ensure that App1 can save files to the share on Server2. What should you do？（）

• A、From the Services snap-in, configure the Log On settings.
• B、From the Services snap-in, configure the Recovery settings. 
• C、From Local Security Policy, disable the Network access: Shares that can be accessed anonymously setting. 
• D、From Local Security Policy, disable the Network access: Let Everyone permissions apply to anonymous users setting. 

第16题：

You have two servers that run Windows Server 2008 named Server1 and Server2. You install WSUS on both servers. You need to configure WSUS on Server1 to receive updates from Server2. What should you do on Server1？ （）

• A、 Configure a proxy server
• B、 Configure a upstream server
• C、 Create a new replica group
• D、 Create a new computer group

第17题：

Your network contains a Web server named Server1 that runs Windows Server 2003 Service Pack 2 （SP2）. Server1 has one Web site.  You configure Server1 to use a Web server certificate. Users report that they can access the Web site by using http：//server1 and https：//server1. You need to ensure that all traffic to， and from， Server1 is encrypted. What should you do？（）

• A、In IIS Manager， enable the Require secure channel （SSL） option.
• B、In IIS Manager， enable the Digest authentication for Windows domain servers option.
• C、In Local Security Policy， enable Domain Member： Require strong （Windows 2000 or later） session key.
• D、In Local Security Policy， enable Domain Member： Digitally encrypt or sign secure channel data （always）.

第18题：

You have two stand-alone servers named Server1 and Server2. Both servers run Windows Server 2003 Service Pack 2 （SP2）.On Server1， you save the local security policy as a template. You need to import the template to Server2. What should you run on Server2？（）

• A、the Security Templates snap-in
• B、the Security Configuration Wizard
• C、the Microsoft Baseline Security Analyzer
• D、the Security Configuration and Analysis snap-in

第19题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2).You have a VPN server named Server1. You have an Internet Authentication Service (IAS) server named Server2. You need to ensure that all VPN connections to Server1 are authenticated by Server2.Which two actions should you perform?（）

• A、From the Internet Authentication Service snap-in on Server2, create a new RADIUS client. 
• B、From the Internet Authentication Service snap-in on Server2, create a new remote access policy. 
• C、From the Routing and Remote Access snap-in, configure Server1 to use RADIUS accounting. 
• D、From the Routing and Remote Access snap-in, configure Server1 to use RADIUS authentication. 

第20题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have two servers named Server1 and Server2. Both servers have Windows Server Update Services (WSUS) 3.0 installed.You need to ensure that Server2 automatically receives the same update approvals as Server1.What should you do?（）

• A、On Server2, modify the Update Source and Proxy Server settings. 
• B、On Server2, modify the Update Files and Languages settings. 
• C、On Server2, run the Windows Server Update Services 3.0 setup wizard. 
• D、On Server1, run the WSUS Server Configuration Wizard.

第21题：

第22题：

第23题：

第24题：