Your company has a server that runs Windows Server 2008 R2. The server is configured as a remoteaccess server. The external firewall has TCP port 80 and TCP port 443 open for remoteconnections. You have a home computer that runs Windows 7. You need to es

第1题：

Your network consists of a single Active Directory domain. All domain controllers run Windows Server2008 R2. Your company and an external partner plan to collaborate on a project. The external partner has an Active Directory domain that contains Windows Server 2008 R2 domain controllers. You need to design a collaboration solution that meets the following requirements：   èAllows users to prevent sensitive documents from being forwarded to untrusted recipients or from being  printed.   èAllows users in the external partner organization to access the protected content to which they have been granted rights.   èSends all inter-organizational traffic over port 443.   èMinimizes the administrative effort required to manage the external users. What should you include in your design？（）

• A、Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has Microsoft SharePoint Foundation 2010 installed.
• B、Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that runs Microsoft SharePoint 2010 and that has the Active Directory Rights  Management Services （AD？RMS） role installed.
• C、Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Certificate Services server role installed. Implement Encrypting File System （EFS）.
• D、Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Rights Management Service （AD？RMS）role installed  and Microsoft SharePoint Foundation 2010 installed.

第2题：

Your company has an Active Directory Domain Services (AD DS) domain. All servers run Wind ows Server 2008 R2. All client computers run Windows 7. You have a Remote Desktop Session Host (RD Session Host) server and a Remote Desktop Gateway (RD Gateway) server. You use Windows Firewall on your servers. You need to ensure that users can connect to their virtual desktops. What should you do?（）

• A、Create a Windows Firewall inbound rule for port 443 on the RD Gateway server.
• B、Create a Windows Firewall inbound rule for port 443 on the RD Se ssion Host server.
• C、Create a Windows Firewall inbound rule for port 3389 on the RD Gateway server.
• D、Create a Windows Firewall inbound rule for port 3389 on the RD Session Host server.

第3题：

Your company has a single Active Directory domain. The domain has servers that run Windows Server 2008 R2. You have a server named NAT1 that functions as a NAT server. You need to ensure that administrators can access a server named RDP1 by using Remote Desktop Protocol (RDP). What should you do？（）

• A、Configure NAT1 to forward port 389 to RDP1.
• B、Configure NAT1 to forward port 1432 to RDP1.
• C、Configure NAT1 to forward port 3339 to RDP1.
• D、Configure NAT1 to forward port 3389 to RDP1.

第4题：

You have a server that runs windows server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do?（）

• A、From windows firewall, add an exception.
• B、From windows firewall enable the block all incoming connections option.
• C、From the windows firewall with advanced security snap-in, create an inbound rule.
• D、From the windows firewall with advanced security snap-in, create an outbound rule.

第5题：

Your company has an Active Directory domain. You have a server that runs Windows Server 2008. The Terminal Services role is installed on the server.  The company security policy does not allow users to copy and paste information to a local computer during a Terminal Services session.  You deploy the remote application named APP1.  You need to configure Terminal Services to meet the security requirement. What should you do？（）

• A、Enable the Use temporary folders per session option.
• B、Change the Security Encryption Level to FIPS Compliant.
• C、Deselect the Clipboard option in the RDP Settings for the published application.
• D、Disable the Drive option in the RDP-Tcp Client Setting properties for the server.

第6题：

Your network contains an internal network and a perimeter network. You have one Exchange Server 2010 server on the internal network. You install Windows Server 2008 R2 on a new server in the perimeter network. You need to ensure that you can install the Edge Transport server role on the new server.  What should you do（）？ 

• A、Join the new server to an Active Directory domain.
• B、Install Active？Directory Lightweight Directory Services on the new server.
• C、Run ImportEdgeConfig.ps1 on the existing Exchange Server 2010 server.
• D、Open TCP port 88 and TCP port 3268 on the firewall between the perimeter network and the internal network.

第7题：

You have a computer that runs Windows 7. Your network contains a VPN server that runs Windows Server2008. You need to authenticate to the VPN server by using a smart card.  Which authentication settingshould you choose?（）

• A、CHAP
• B、EAP
• C、MS-CHAP v2
• D、P.AP

第8题：

Your company has a server that runs Windows Server 2008. The Windows SharePoint Services （WSS） role is installed on the Windows Server 2008 server. You need to configure WSS to support SMTP. What should you do？（）

• A、Bind the SharePoint Web site to port 25.
• B、Uninstall and reinstall the WSS role.
• C、Install the SMTP Server feature by using the Server Manager console.
• D、Install the Application Server role by using the Server Manager console.

第9题：

Your network contains a server named Server1 that has Windows Server 2008 R2.An administrator runs the following command on Server1: netsh.exe advfirewall reset You discover that you can no longer access Server1 on port 3389.You need to ensure that you can access Server1 on port 3389.Which firewall rule should you enable？（）

• A、File and Printer Sharing (Echo Request ICMPv4-In)
• B、File and Printer Sharing (SMB-In)
• C、Remote Desktop (TCP-In)
• D、Remote Service Management (RPC)

第10题：

第11题：

第12题：

You configure a new SQL Server 2005 computer to use TCP/IP with all default settings. Your corporate policy requires that each server use a firewall. You find that you can connect to the SQL Server instance from the local computer. However, client computers cannot connect to the SQL Server instance. You need to identify the most likely cause of the connection issues. What should you do first?（）

• A、Ensure that port 1433 is open in your firewall. 
• B、Ensure that port 443 is open in your firewall. 
• C、Ensure that client computers connect by using Shared Memory protocol. 
• D、Ensure that the server is not paused.

第13题：

You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do（）

• A、 From Windows Firewall， add an exception
• B、 From windows Firewall enable the block all incoming connections option
• C、 From the Windows Firewall with Advanced Security snap-in， create an inbound rule
• D、 From the Windows Firewall with Advanced Security snap-in， create an outbound rule.

第14题：

You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Windows Firewall allows the following ports on Server1: 53110135 You plan to install a monitoring server on the network. You need to ensure that the monitoring server can use Server1 to relay e-mail messages. You install the SMTP service on Server1.  What should you do next?（）

• A、Install SNMP.
• B、Install the POP3 service.
• C、Create an exception for TCP port 21 in Windows Firewall.
• D、Create an exception for TCP port 25 in Windows Firewall.

第15题：

You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Windows Firewall allows the following ports on Server1:·53 ·110 ·135You plan to install a monitoringserver on the network.You need to ensure that the monitoring server can use Server1 to relay e-mail messages. You install the SMTP service on Server1.  What should you do next?（）

• A、Install SNMP.
• B、Install the POP3 service.
• C、Create an exception for TCP port 21 in Windows Firewall.
• D、Create an exception for TCP port 25 in Windows Firewall.

第16题：

Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You have a Remote Desktop Session Host (RD Session Host) server and a Remote Desktop Gateway (RD Gateway) server. You use Windows Firewall on your servers. You need to ensure that users can connect to their virtual desktops. What should you do？（）

• A、Create a Windows Firewall inbound rule for port 443 on the RD Gateway server.
• B、Create a Windows Firewall inbound rule for port 443 on the RD Session Host server.
• C、Create a Windows Firewall inbound rule for port 3389 on the RD Gateway server.
• D、Create a Windows Firewall inbound rule for port 3389 on the RD Session Host server.

第17题：

Your company has a server named Server1 that runs Windows Server 2008. Server1 is a Windows ServerUpdate Services (WSUS) server. You have a computer named Computer1 that runs Windows 7. Computer1 is configured to obtain updates from Server1. You open the WSUS snap-in on Server1 and discover that Computer1 does not appear. You need to ensure that Computer1 appears in the WSUS snap-in.  What should you do?（）

• A、On Server1， open Windows Update then select Check for updates.
• B、On Server1， run Wsusutil.exe and specify the /import parameter.
• C、On Computer1， open Windows Update and then select Change settings.
• D、On Computer1， run Wuauclt.exe and specify the /detectnow parameter.

第18题：

Your network contains an internal network and a perimeter network.You have one Exchange Server 2010 server on the internal network. You install Windows Server 2008 R2 on a new server in the perimeter network.You need to ensure that you can install the Edge Transport server role on the new server. What should you do？（）

• A、Join the new server to an Active Directory domain.
• B、Install Active？ Directory Lightweight Directory Services on the new server.
• C、Run ImportEdgeConfig.ps1 on the existing Exchange Server 2010 server.
• D、Open TCP port 88 and TCP port 3268 on the firewall between the perimeter network and the internal network.

第19题：

Your company has a server named Server1 that runs Windows Server 2008 R2. The Windows Server Backup feature is installed on Server1.Server1 fails. You install a new server named Server2 that runs Windows Server 2008 R2.You need to restore the companyˉ Windows SharePoint Services (WSS) site to Server2. What should you do?（）

• A、Use Wbadmin to restore the system state from backup.
• B、Run Wbadmin with the Get Versions option. Install WSS.
• C、Run Wbadmin with the Start Recovery option. Install WSS.
• D、Use Wbadmin to restore the application and the sites from backup.

第20题：

Your network contains an Active Directory domain.     You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root certification authority （CA）.   You have a client computer named Computer1 that runs Windows 7. You enable automatic  certificate enrollment for all client computers that run Windows 7. You need to verify that the  Windows 7 client computers can automatically enroll for certificates.     Which command should you run on Computer1（）

• A、certreq.exe -retrieve
• B、certreq.exe -submit
• C、certutil.exe -getkey
• D、certutil.exe -pulse

第21题：

第22题：