单选题Which of the following would be used to monitor unauthorized access to data files?（）A Performance Log and AlertsB Event ViewerC Security Configuration and AnalysisD IP Security Monitor

第1题：

Which two commands can be used to monitor firewall user authentication？（）

• A、show access firewall-authentication
• B、show security firewall-authentication users
• C、show security audit log
• D、show security firewall-authentication history

第2题：

Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server. You have the following requirements. Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements.  What should your plan include？（）

• A、 Configure a directory service access audit policy. Increase the maximum size of the security log.
• B、 Configure a directory service access audit policy. Set the system log to overwrite events older than 7 days.
• C、 Configure an object access audit policy for the directory. Increase the maximum size of the system log.
• D、 Configure an object access audit policy for the directory. Set the security log to overwrite events older than 7 days.

第3题：

A user reports that each day some files are deleted from the department share. The administrator needs to find who deleted these files.  Which of the following actions should the administrator perform？（）

• A、 Enable audit object access and specify files and folders to monitor using Task Manager.
• B、 Enable audit policy change and specify files and folders to monitor using Windows Explorer.
• C、 Enable audit object access and specify files and folders to monitor using Windows Explorer.
• D、 Open Performance Monitor and monitor folder activity.

第4题：

Which of the following tools can an administrator use to get a server baseline？（）

• A、System Resource Monitor
• B、Microsoft Baseline Security Analyzer （MBSA）
• C、Replication Monitor
• D、Performance Monitor

第5题：

Which of the following would be used to test out the security of a specific network by allowing it toreceive security attacks?（）

• A、Honeynet
• B、Honeypot
• C、Vulnerability scanner
• D、Network based IDS

第6题：

Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).  You create a domain account named Admin1. You need to configure the security for Admin1 to meet the following requirements: Allow Admin1 to monitor events in the system event log and the application event logAllow Admin1 to create and view counter logs in Performance MonitorMinimize the user rights assigned to Admin1 To .which group should you add Admin1?（）

• A、Power Users.
• B、Administrators.
• C、Performance Log Users.
• D、Performance Monitor Users.

第7题：

You need to receive an e-mail message whenever a domain user account is locked out.   Which tool should you use（）

• A、Active Directory Administrative Center
• B、Event Viewer
• C、Resource Monitor
• D、Security Configuration Wizard

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

You need to design a monitoring strategy to meet business requirements for data on servers in the production department. What should you do？（）

• A、Use the Microsoft Baseline Security Analyzer （MBSA） to scan for Windows vulnerabilities on all servers in the production department
• B、Run Security and Configuration Analysis to analyze the security settings of all servers in the production department
• C、Enable auditing for data on each server in the production department. Run System Monitor on all servers in the production department to create a counter log that tracks activity for the Objects performance object
• D、Create a Group Policy Object （GPO） that enables auditing for object access and link it to the product department’s Servers OU. Enable auditing for data on each server in the production department

第14题：

A customer wants to check whether they have the necessary tools enabled to prevent intrusions andvirus attacks on a Windows Vista workstation. Which of the following tools can be used to display thecurrent configuration? （）

• A、Security Center
• B、Event Viewer Security log
• C、Windows Defender
• D、Windows Firewall

第15题：

Which of the following protocols should be used to monitor network performance?（）

• A、SNTP
• B、SMTP
• C、HTTP
• D、SNMP

第16题：

Which of the following would be used to monitor unauthorized access to data files?（）

• A、Performance Log and Alerts
• B、Event Viewer
• C、Security Configuration and Analysis
• D、IP Security Monitor

第17题：

Which of the following WLM commands should be used to monitor performance on a system running wlm？（）

• A、 wlmcntrl
• B、 wlmstat
• C、 wlmcheck
• D、 wlmassign

第18题：

Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 （SP2）. You create a domain account named Admin1.  You need to configure the security for Admin1 to meet the following requirements：  （1）Allow Admin1 to monitor events in the system event log and the application event log  （2）Allow Admin1 to create and view counter logs in Performance Monitor  （3）Minimize the user rights assigned to Admin1  To which group should you add Admin1？（）

• A、Power Users
• B、Administrators
• C、Performance Log Users
• D、Performance Monitor Users

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：