多选题You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional. You are required to implement a backup strategy for

第1题：

You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional. You are required to implement a backup strategy for all five servers on the network. You use the Backup Utility to schedule nightly backup jobs. You create a domain user account named BackupSvc, and add it to the local Backup Operators group on all file servers. The scheduled backup jobs will use BackupSvc to log on to the network Nightly backups occur successfully for six weeks. Then, nightly backups fail on all servers. When you examine the event log of one server, you discover that the password for BackupSvc is expired. You reset the password and select the Password never expires option for BackupSvc. The next day, you discover that the previous night's backup failed on all file servers. You need to ensure that the next night's backup is successful. Which two actions should you perform? (Each correct answer presents part of the solution.（） Choose two)

• A、Stop and restart every file server.
• B、Stop and restart the backup application on every file server.
• C、Change the password for the backup job on every file server.
• D、In Active Directory Users and Computers, increase the value of the Account lockout threshold option.
• E、Unlock the BackupSvc account.

第2题：

You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a network server named Testking1. When you attempt to synchronize Testking1 with the Windows Update servers, you receive an error message. You suspect that your proxy server requires authentication. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Testking1 can communicate with the Windows Update servers. What should you do on Testking1?（）

• A、Restart the IIS administration tool.
• B、Configure the Internet Explorer settings to bypass the proxy server.
• C、In the SUS options, configure authentication to the proxy server.
• D、Install the Microsoft Firewall Client.

第3题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install Windows Server Update Services （WSUS） on a network server named Server1. When you attempt to synchronize Server1 with the Windows Update servers， you receive an error message. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Server1 can communicate with the Windows Update servers.  What should you do on Server1？（）

• A、Restart the IIS administration tool.
• B、Configure the Internet Explorer settings to bypass the proxy server.
• C、In the WSUS options， configure authentication to the proxy server.
• D、Install the ISA Firewall Client.

第4题：

You are the network administrator for . The network consists of a single Active Directory domain named All network servers run Windows Server 2003. All client computers run Windows XP Professional. Multiple users share the same client computer. A server named TestKing2 functions as a file and print server. You set the profile path for all user accounts to //TestKing2/Profiles/username. Some domain users were added to the local Administrators group on the Windows XP Professional computers. A user reports that other users can log on to client computers that he has previously used and gain access to files stored in his My Documents folder on the local hard disk. You need to permanently prevent users from being able to access the My Documents folder of other domain users on the client computers. What should you do?（）

• A、In Active Directory, modify the Default Domain Policy. Disable the Do not check for user ownership of Roaming Profile Folders setting.
• B、In Active Directory, modify the Default Domain Policy. Enable the Delete cached copies of roaming profiles setting.
• C、Log on to all client computers and delete all user profiles from the local hard disks.
• D、Log on to all client computers and configure the Number of previous logons to cache setting to 0.

第5题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional.  You are planning a security update infrastructure.   You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically.  What should you do？ （）

• A、 Schedule the secedit command to run every night.
• B、 Schedule the mbsacli.exe command to run every night.
• C、 Install Microsoft Baseline Security Analyzer （MBSA） on one of the servers. Configure Automatic Updates on all other computers to use that server.
• D、 Install Software Update Services （SUS） on one of the servers. Configure the SUS server to update every night.

第6题：

You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Software Update Services (SUS) on a computer named TestKing1. You create a GPO that configures all client computers to receive their software update from TestKing1. One week later, you run Microsoft Baseline Security Analyzer (MBSA) on all client computers to find out whether all updates are being applied. You discover that all the Windows 2000 Professional client computer received updates, but the Windows XP Professional client computers do not receive updates. You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from TestKing1. What should you do?（）

• A、Make all users of the Windows XP Professional client computers members of the Administrators local group.
• B、On all Windows XP Professional client computers, install Service Pack 1.
• C、On all Windows XP Professional client computers, restart Automatic Updates.
• D、On all Windows XP Professional client computers, delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.

第7题：

You are the network administrator for The network consists of a single Active Directory domain named Servers run either Windows 2000 Server or Windows Server 2003. Client computers run either Windows 2000 Professional Service Pack 2 or Windows XP Professional. You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network. You install Software Update Services (SUS) on a Windows Server 2003 computer named Testking5. You must ensure that all client computers receive all Microsoft security patches, critical updates, and service packs. You want to achieve this goal as quickly as possible. Which three actions should you perform? （）(Each correct answer presents part of the solution. Choose three)

• A、Install the Automatic Updates client on all Windows 2000 Professional client computers.
• B、Install the Automatic Updates client on all Windows XP Professional client computers.
• C、Install SUS on a Windows 2000 Server computer.
• D、Modify the Windows Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http://testking5.
• E、Modify the Windows Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http://testking5.
• F、Upgrade all Windows 2000 Professional client computers to Windows XP Professional.

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

ou are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company’s written security policy states that all network connections with these servers must be encrypted by using an IPSec policy.You place the two servers in an organizational unit （OU） named SecureServers. You configure a Group Policy object （GPO） that requires encryption for all connections. You assign the GPO to the SecureServers OU.  You need to verify that users are connecting to the two servers by using encrypted connections.   What should you do？（）

• A、Run the net view command.
• B、Run the gpresult command.
• C、Use the IP Security Monitor console.
• D、Use the IPSec Policy Management console.

第14题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. You need to implement a new software update infrastructure.  You discover that security patches， critical updates， and service packs have never been installed on any client computer on the network. You install Windows Server Update Services （WSUS） on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches， critical updates， and service packs. You need to ensure that all client computers receive all Microsoft security patches， critical updates， and service packs.  Which two actions should you perform？（）

• A、Open the WSUS console. Select the option to automatically approve WSUS updates.
• B、Install the Automatic Updates client on all client computers.
• C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit （OU） Group Policy object （GPO） to point client computers to http ：//server5.
• D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object （GPO） to point client computers to http： //server5.
• E、Open the WSUS console. Create a target group and assign all client computers to the group.

第15题：

Your network consists of a single Active Directory domain and a single subnet. The network is not connected to the Internet. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You have a DHCP server named Server1. All client computers receive their IP configurations from Server1. You implement a new server named Server2. You connect Server2 to the internal network and the Internet. You then configure Server2 as a network address translation (NAT) router. From a client computer, you discover that you cannot access any Internet servers. From Server2, you verify that you can access Internet servers and internal servers. You need to ensure that all internal computers can access Internet servers.  What should you do?（） 

• A、On Server2, add a new route. 
• B、On Server1, create a multicast scope. 
• C、On Server1, add the Router scope option. 
• D、On Server2, modify the default gateway address.

第16题：

You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional. You create a shared folder named TestKing Docs on a member server named TestKing3. TestKing Docs will store project documents. You need to ensure that users can access previous version of the documents in TestKing Docs. What should you do?（）

• A、Modify the Offline Settings option for TestKing Docs to make all files available offline.
• B、Configure shadow copies of the volume containing TestKing Docs.
• C、Use Task Scheduler to create a job that uses the Copy command to copy all changed documents to another folder every day.
• D、Use the Backup utility to schedule a backup of all changed documents every hou

第17题：

You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003, and all client computers run Windows XP Professional. You create a shared folder named Client Docs on a member server named TestKing13. Client Docs will store project documents. You configure shadow copies for the volume containing Client Docs. You need to enable client computers to access previous version of the documents in Client Docs. What should you do?（）

• A、Create a Group Policy object (GPO) to enable Offline Files on all client computers.
• B、On each client computer, customize the view for Client Docs to use the Documents (for any file type) folder template.
• C、Create a Group Policy object (GPO) that installs the Previous Versions client software on all client computers.
• D、Assign the Allow - Full Control permission on Client Docs to all users.
• E、On each client computer, install the Backup utility and schedule a daily backup.

第18题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run either Windows 2000 Professional with Service Pack 4 or Windows XP Professional. You install Windows Server Update Services （WSUS） on a computer named Server2. You create a Group Policy object （GPO） that configures all client computers to receive software updates from Server2. One week later， you run Microsoft Baseline Security Analyzer （MBSA） on all client computers to find out whether all updates are being applied. You discover that all of the Windows 2000 Professional client computers receive updates， but the Windows XP Professional client computers do not receive updates.  You verify that the GPO setting was applied on all Windows XP Professional computers. You need to ensure that the Windows XP Professional client computers receive their updates from Server2.   What should you do？（）

• A、Make all users of Windows XP Professional client computers members of the Administrators local group.
• B、On all Windows XP Professional client computers， install the latest service pack.
• C、On all Windows XP Professional client computers， use the gpupdate /force command.
• D、On all Windows XP Professional client computers， delete the NoAutoUpdate value under HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU.

第19题：

You are the network administrator for The network consists of a sing Active Directory domain named All domain controllers run Windows Server 2003. All client computers run Windows XP Professional with default settings. Some users have portable computers, and the rest have desktop computers. You need to ensure that all users are authenticated by a domain controller whenthey log on. How should you modify the local security policy?（）

• A、Require authentication by a domain controller to unlock the client computer.
• B、Cache zero interactive logons.
• C、Cache 50 interactive logons.
• D、Grant the Log on locally user right to the Users group.

第20题：

第21题：

第22题：

第23题：

第24题：