单选题Which of the following is true regarding NetWare Directory Services （NDS） configuration？（）A Remote users can access the tree through dial-in connections.B Mobile users do not require changing the NDS name context.C Remote users do not require a special

第1题：

Your network consists of a single Active Directory domain. The remote access permission for all users is set to Control access through Remote Access Policy. You have a VPN server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). The current configuration allows all authenticated users to establish VPN connections to Server1. You create a global group named Group1.You need to prevent all members of Group1 from establishing VPN connections to Server1. What should you do?（）

• A、From the local computer policy on Server1, modify the Account Policies settings. 
• B、From Active Directory Users and Computers, modify the Security settings of Group1. 
• C、From the Routing and Remote Access snap-in, create a new remote access policy. 
• D、From the Routing and Remote Access snap-in, open the properties of Server1 and modify the security options.

第2题：

You need to design an e-mail access strategy for remote users. What should you do? （） 

• A、 Instruct remote users to connect to their e-mail by using RPC
• B、 Instruct remote users to connect to Outlook Web Access by using only HTTPS
• C、 Instruct remote users to connect to the company network by using PPTP connections
• D、 Instruct remote users to connectd to their e-mail by using RPC over HTTP Configure the HTTP servers to require encryption.

第3题：

You are designing a security strategy for users who need remote access to the corporate network.  What should you do？（）

• A、 Configure Internet Authentication Service （IAS） for accounting.
• B、 Configure the server running Routing and Remote Access to support L2TP.
• C、 Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only.
• D、 Create a separate account for remote access users. Configure these accounts to access the NewApp server only.

第4题：

You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do？（）

• A、Install Internet Authentication Services （IAS） on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients
• B、Install Internet Authentication Services （IAS） on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients
• C、Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection
• D、Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connection

第5题：

You need to design access to e-mail by Internet users. What should you do？（）

• A、Configure front-end servers to use HTTP to communicate with back-end servers
• B、Configure the internal firewall to allow IPSec traffic between front-end and back-end Exchange servers
• C、Require all users to encrypt all outbound e-mail messages
• D、Issue digital certificates to all remote users. Require the certificates to be used when authenticating to Outlook Web Access

第6题：

第7题：

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2008 R2.   All client computers run Windows 7. Some users have laptop computers and work remotely from home.   You need to plan a data provisioning infrastructure to secure sensitive files. Your plan must meet the following requirements:   èFiles must be stored in an encrypted format.   èFiles must be accessible by remote users over the Internet.   èFiles must be encrypted while they are transmitted over the Internet. What should you include in your plan?（）

• A、Deploy one Microsoft SharePoint Foundation 2010 site. Require users to access the SharePoint site by using a Secure Socket Transmission Protocol （SSTP） connection.
• B、Deploy two Microsoft SharePoint Foundation 2010 sites.Configure one site for internal users. Configure the other site for remote users. Publish the SharePoint sites by using HTTPS.
• C、Configure a Network Policy and Access Services （NPAS） server to act as a VPN server. Require remote users to access the files by using an IPsec connection to the VPN server.
• D、Store all sensitive files in folders that are encrypted by using Encrypting File System （EFS）. Require  remote users to access the files by using Secure Socket Transmission Protocol （SSTP）.

第14题：

Your network consists of a single Active Directory domain. The network contains a server that runs Windows Server 2003 Service Pack 2 （SP2）. The server has an application that runs as a service. The application uses a domain service account to access other servers in the domain. Security policies require that users reset their passwords every 30 days. After the application runs for a month， the application fails.You need to ensure that the application starts and can access the remote servers. What should you do？（）

• A、In the Services snap-in, set the service to log on as the Local System account and start the service.
• B、In the Services snap-in, set the service to log on as the Local Administrator account and start the service.
• C、In Active Directory Users and Computers, reset the server’s computer account. In the Services snap-in, start the service.
• D、In Active Directory Users and Computers, set the Account Expires option to Never. In the Services snap-in, start the service. 

第15题：

You need to design a security strategy for a remote e-mail access. What should you do？（）

• A、Require remote users to access e-mails by using Outlook Mobile Access
• B、Require Outlook Web Access users to install the secure MIME ActiveX-Control and to encrypt all messages
• C、On Outlook Web Access servers that accept connections from the Internet configure IIS to require SSL for all connections
• D、On Outlook Web Access servers that accept connections from the Internet configure IIS to require Integrated Windows Authentication

第16题：

Your company consists of a single Active Directory domain that is configured in Windows 2000 native mode. All servers run Windows Server 2003 Service Pack 2 (SP2). You deploy a Routing and Remote Access server to provide VPN access to the network.You need to ensure that only members of a group named Sales can access the network through the VPN. The solution must minimize the administrative effort required to manage remote access.  What should you do?（）

• A、Allow dial-in access for the user accounts of all Sales group members. 
• B、Deny dial-in access for the user accounts of all users except the Sales group members. 
• C、Create a remote access policy and assign the Allow - Remote Access permission. Add the Windows-Groups condition and specify the Sales group. 
• D、Create a remote access policy and assign the Deny - Remote Access permission. Add the Windows-Groups condition and specify all Active Directory groups except for Sales.

第17题：

第18题：

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：