多选题Cer-tech .com has an Active Directory domain installed on a server that runs Windows Server 2008.Another server named S3 also runs Windows Server 2008. All client machines have Windows Vista. Cer-tech .com has instructed you to install the Terminal Ser

第1题：

Your network consists of a single Active Directory domain named Contoso.com. The domain contains a member server named Server1.  Server1 runs Windows Server 2003 Service Pack 2 （SP2）. Server1 has Windows Support Tools and Resource Kit Tools installed. You need to view the Kerberos tickets issued to Server1.  Which tool should you run？（）

• A、Kerbtray
• B、Sc/query kdc
• C、Netdiag/test：Kerberos
• D、Nltest/sc_query：Contoso.com

第2题：

You are an enterprise administrator for Cer-tech .com. The corporate network of the company consists of asingle Active Directory domain. All the servers on the network run Windows Server 2008 and all the clientcomputers run Windows XP Service Pack 2 （SP2）. All computers are members of the domain. The networkruns a server named Server01 on which the Terminal Services role and the Terminal Services Web Accessrole are installed. The Network Level Authentication is enabled on the server. The Terminal Services WebAccess role uses Active Directory Domain Services （AD DS）. You have been assigned the task to deployand publish an application called App1 on Server01. Which of the following options would you choose toensure that the users can launch App1 on Server01 from the Terminal Services Web Access Web page？（）

• A、Publish App1 on Server01 as a Microsoft Windows Installer package. Distribute the Windows Installer package to the users.
• B、Install the Terminal Services Gateway （TS Gateway） role on Server01 and then reconfigure the remoteapplication publishing for App1 to reflect the change.
• C、Disable publishing to AD DS for the App1.
• D、Install the Remote Desktop Client 6.1 application on the client computers.

第3题：

Your network contains a single Active Directory domain named contoso.com.You have a domain controller named DC1 that runs Windows Server 2003 Service Pack 2 （SP2） that has the DNS Server Windows component installed.  You have a member server named Server1 that runs Windows Server 2003 SP2.Server1 fails to update its host （A） record for the contoso.com domain. You need to verify that DNS requests from Server1 are sent to DC1.  What should you do？（）

• A、On Server1，restart the server， press F8， and enable boot logging.
• B、On Server1，open the properties of the network adapter and install the Network Monitor Driver.
• C、On DC1，open the DNS snap-in and configure debug logging for the DNS Server service.
• D、On DC1，open the DNS snap-in and configure event logging for errors and warnings for the DNS Server service.

第4题：

Certkiller .com has a domain controller that runs Windows Server 2008. The Certkiller .com network boosts 40 Windows Vista client machines. As an administrator at Certkiller .com， you want to deploy Active Directory Certificate service （AD CS） to authorize the network users by issuing digital certificates.  What should you do to manage certificate settings on all machines in a domain from one main location（）

• A、Configure Enterprise CA certificate settings
• B、Configure Enterprise trust certificate settings
• C、Configure Advance CA certificate settings
• D、Configure Group Policy certificate settings
• E、All of the above

第5题：

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. Server2 runs Windows Server 2008 R2 Service Pack 1 （SP1） and has the DHCP Server server role installed. You need to manage DHCP on Server2 by using the DHCP console on Server1. What should you do first？（）

• A、From Windows Firewall with Advanced Security on Server2， create an inbound rule
• B、From Internet Explorer on Server2， download and install Windows Management Framework 3.0.
• C、From Server Manager on Server1， install a feature
• D、From Windows PowerShell on Server2， run Enable PSRemoting

第6题：

Your company has a server named Server1 that runs Windows Server 2008. The Windows Backup and Restore utility is installed on Server1. Server1 fails. You install a new server named Server2 that runs Windows Server 2008. You need to restore the companys Windows SharePoint Services （WSS） site to Server2 What should you do？（）

• A、 Use Wbadmin to restore the system state from backup
• B、 Run Wbadmin with the Get Versions option. Install WSS
• C、 Run Wbadmin with the Start Recovery option. Install WSS
• D、 Use Wbadmin to restore the application and the sites from backup

第7题：

Your network contains an Active Directory domain named contoso.com. The domain contains a  member server named HVServer1. HVServer1 runs Windows Server 2012 and has the Hyper-V server role installed. HVServer1 hosts 10 virtual machines. All of the virtual machines connect to a virtual switch named Switch1. Switch1 is configured as a private network. All of the virtual machines have the DHCP guard and the router guard settings enabled.You install the DHCP server role on a virtual machine named Server 1. You authorize Server1 as a DHCP server in contoso.com. You create an IP scope.You discover that the virtual machines connected to Switch1 do not receive IP settings from Server1. You need to ensure that the virtual machines can use Server1 as a DHCP server.  What should you do？（）

• A、Enable MAC address spoofing on Server1
• B、Disable the DHCP guard on all of the virtual machines that are DHCP clients
• C、Disable the DHCP guard on Server1
• D、Enable single-root I/O virtualization （SR-IOV） on Server1

第8题：

Cer-tech .com has a server that runs Windows Server 2008. A Web Server （IIS） server role is installed onthe server. The server hosts a website that is configured to use only Windows Authentication. The companyhas a security group named EG1 which contains 50 user accounts. You need to prevent this group fromaccessing the website while allowing all other to access the website.  Which website feature should youconfigure to achieve this task？（）

• A、Group Access Policy
• B、Authorization Rules
• C、IIS group permissions
• D、SSL certificates
• E、None of the above

第9题：

第10题：

第11题：

第12题：

第13题：

Your company has an Active Directory domain. A server named Server2 runs Windows Server 2008. All client computers run Windows Vista.  You install the Terminal Services role，Terminal Services Web Access role service，and Terminal Services Gateway role service on Server2.  You need to ensure that all client computers have compliant firewall， antivirus software，and antispyware. Which two actions should you perform？（）

• A、Configure Network Access Protection （NAP） on a server in the domain.
• B、Add the Terminal Services servers to the Windows Authorization Access domain local security group.
• C、Add the Terminal Services client computers to the Windows Authorization Access domain local security group.
• D、Enable the Request clients to send a statement of health option in the Terminal Services client access policy.

第14题：

Cer-tech .com has an Active Directory domain. It has Terminal services installed on the Windows Server2008 computers in the domain. All client machines have Windows Vista as their operating system. Due to anature of work， users are required to view some training videos on Windows Media Player 11 duringTerminal Services session. What should you do to ensure that the users could run Windows Media Player11 during the Terminal services session？（）

• A、On the terminal server， install the Quality Audio Video feature.
• B、Open the Terminal server settings and enable the ’allow desktop applications to run on session’. Disablethe default settings
• C、Install and configure the Desktop Experience feature on the terminal server
• D、Create a group policy object that allows Windows Media Player 11 to set the differential services codepoint value to 10 and apply the policy to the client machines that want to use Windows Media Player 11

第15题：

Cer-tech .com has an Active Directory domain installed on a server that runs Windows Server 2008.Another server named S3 also runs Windows Server 2008. All client machines have Windows Vista. Cer-tech .com has instructed you to install the Terminal Services role， Terminal Services Gateway role andTerminal Services Web Access role service on S3. To protect the network， you want to ensure that all client machines have firewall， antivirus software and anti-spyware software installed. Which actions shouldyou perform to achieve this task？（）

• A、Configure Windows Authorization Access domain local security group and add Terminal Services clientcomputers
• B、Configure Terminal Services client computers to access the Terminal Services health policy.
• C、Set the Request clients to sent a health option statement in the Terminal Services client access policy
• D、Install and configure Network Access Protection （NAP） on the server in the domain

第16题：

Cer-tech .com has a server that runs Windows Server 2008. You have installed the Web Server （IIS） roleon it. Cer-tech plans to host multiple websites on the server. To achieve this you configure a single IPaddress on the server. You also configure all websites to be registered in DNS to point to the single IP address configured on the server. You have to make sure that each and every website responds only to thename requests from all client machines. What should you do to achieve this task？（）

• A、Configure the primary and secondary DNS to point to the server’s IP address
• B、Configure a network address for each website
• C、Assign a unique port for each website
• D、Configure and assign a unique Host Header to each website

第17题：

Cer-tech .com has a server that runs Windows Server 2008.Terminal services role is installed on theserver. As an administrator at Cer-tech .com， you deploy a new application on the server. The applicationcreates a file that has an extension of .bdc you have to make sure that the users can launch applicationremotely from their computer by double-clicking on the .bdc extension. What should you do to achieve thisobjective？（）

• A、Use Terminal Server Web Access website to configure the application as a published application
• B、Configure the remote desktop connection on the client computers to point the terminal services server
• C、Configure the Remote Desktop file to configure application as a published application
• D、Use Windows Installer package file to configure application as a published application

第18题：

Cer-tech .com has a server that hosts an Active Directory domain. A server at Cer-tech .com named Server02 has Terminal services role and Terminal Services web access role installed. It also has a servercalled Server0SA that runs ISA Server 2006. You are assigned the task to deploy Terminal ServicesGateway （TS Gateway） role on a new server called Server04 . Cer-tech .com. Cer-tech .com wants toemploy ISA as the SSL endpoint for Terminal Server connections. After doing the necessary configurations， you succeed in deploying TS Gateway role on Server04 . Cer-tech .com. Now you have toconfigure the ISA for TS connections. To do this you need to configure the TS gateway on Server04 to useISA 2006 on Server02 . What should you do to achieve this objective？（）

• A、On Server04 ， configure the Terminal Services Connection Authorization Policy store to use Server02 ass the Central network policy server
• B、Design an SSL certificate from Server04 and export it to install the SSL certificate on Server02 . Set the ISA service on Server02 to use SSL certificate on Server04
• C、Set the TS gateway to use SSL HTTPS-HTTP bridging
• D、Export an SSL certificate on Server04 and install it on Server02 . Set the TS gateway to accept SSL certificate from Server02

第19题：

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2008 R2. The functional level of the domain is Windows Server 2008 R2. The functional  level of the forest is Windows Server 2008.   You have a member server named Server1 that runs Windows Server 2008.   You need to ensure that you can add Server1 to contoso.com as a domain controller.   What should you run before you promote Server1（）

• A、dcpromo.exe /CreateDCAccount
• B、dcpromo.exe /ReplicaOrNewDomain：replica
• C、Set-ADDomainMode -Identity contoso.com -DomainMode Windows2008Domain
• D、Set-ADForestMode -Identity contoso.com -ForestMode Windows2008R2Forest

第20题：

Cer-tech .com has a server that runs Windows Server 2008. There are four terminal servers installed. Theyare named Server02 ， Server03 ， Server04 ， Server05 . As an administrator at Cer-tech .com， you installthe Terminal Server Session Broker role service on Server02. What tool should you use to configure loadbalancing for the four terminal servers？（）

• A、TS Gateway Manager
• B、Group Policy Manager
• C、Terminal Services Manager
• D、Terminal Services Configuration

第21题：

第22题：

第23题：