54SA.COM|专注于系统运维管理,为中国SA提供动力!
Getting online shouldn't be tough. $7.99 .COMs
系统管理员之家Banner
当前位置: 主页 > Windows > 微软认证 >

MCSE指导:70-291考题分析

时间:2012-04-16 00:00来源:网络 编辑:lihui

  You are the network administrator for PCjob. The network consists of a single Active Directory domain PCjob.com. The domain contains Windows Server 2003 computers, Windows XP Professional computers, and Windows 2000 Professional computers.

  An IPSec policy is assigned to a server named PCjobA. By using the IP Security Monitor console on PCjobA, you verify the IPSec communication connections, and you notice that all computers that have established security associations (SAs) with PCjobA are displayed by their IP addresses.

 You want computers that have established SAs with PCjobA to be displayed in IP Security Monitor by a fully qualified domain name (FQDN).

  What should you do on PCjobA?

   A. In the assigned policy, add a new rule that filters all TCP and UDP traffic on port 53.

  Configure the filter action to permit unsecured IP packets to pass through.

   B. Open the IP Security Monitor console and configure the properties of PCjobA to enable the Enable DNS name resolution option.

   C. From a command prompt, run the netsh ipsec static show all command.

   D. From a command prompt, run the netsh ipsec dynamic show all command.

  选择:D

  Win2K客户端的SUS配置:

  原题:

  You are the network administrator for PCjob. The network consists of a single Active Directory domain PCjob.com. The domain contains 25 Windows server 2003 computers and 5,000 Windows 2000 Professional computers.

  You install and configure Software Update Services (SUS) on a server named PCjobSrv. All client computer accounts are in the Clients organizational unit (OU). You create a Group Policy object (GPO) named SUSupdates and link it to the Clients OU. You configure the SUSupdates GPO so that client computers obtain security updates from PCjobSrv.

  Three days later, you examine the Windowsupdate.log file on several client computers and discover that they have downloaded Windows security updates from only windowsupdate.microsoft.com.

  You need to configure all client computers to download Windows security updates from PCjobSrv.

  What should you do?

  A. Open the SUSupdates GPO and configure the Configure Automatic Update policy to assign the Auto download and notify for install setting for Windows security updates.

  B. Open the SUSupdates GPO and configure the Configure Automatic Update policy to assign the Auto download and schedule the install setting for Windows security updates.

C. Create software distribution policy for the SUSupdates GPO that assigns the package WUAU22.msi to all client computers.Restart all client computers.

  D. On all client computers, configure the UseWUServer registry value to enable Automatic Updates to use PCjobSrv.

  你是PCjob的网络管理员,网络由一个单独的活动目录域PCjob.com组成,这个域包含25台Windows Server 2003计算机和5000台Windows 2000 Professional计算机。

  你在一台名为PCjobSrv的服务器上安装了Software Update Services(SUS),所有的客户端计算机账号都在Clients组织单元(OU)中。你创建了一组策略对象(GPO)命名为SUSupdates并且链接到Clients OU,你配置SUSupdates GPO让客户端计算机从PCjobSrv获得安全更新。

  三天后,你检查几台客户端计算机的Windowsupdate.log文件并且发现他们只从 Windowsupdate.microsoft.com下载到Windows安全更新。

  你需要配置所有的客户端计算机从PCjobSrv下载安全更新。

  怎么做呢?

  题解:

  作为Windows 2000客户端计算机,是不能够使用从更新服务器上收到的GPO设置的。要解决这个问题,你可以导入一个模板文件,但是这个答案并不在上述的列表中,唯一可供选择的正确答案便只有在所有客户计算机上配置UseWUServer注册表键值来实现使用PCjobSrv来自动更新。

  正确答案:D

  You are the network administrator for PCjob.com.

  A server named PCjobSrvA functions as an intranet Web server for the human resources (HR) department. A server named PCjobSrvB is a Microsoft Exchange 2000 Server mail server. The network configuration is shown in the exhibit.

  PCjobSrvA contains confidential documents that must be accessed daily by users on only the 10.9.8.0 subnet.

  All users must be able to connect to PCjobSrvB.

  You want to configure the TCP/IP properties of PCjobSrvA to prevent any computer in the 10.9.7.0 subnet from establishing a session with PCjobSrvA.

  What should you do?

  A. Configure PCjobSrvA port filtering to block TCP port 80.

[责任编辑:admin]


------分隔线----------------------------
发表评论
请自觉遵守互联网相关的政策法规,严禁发布色情、暴力、反动的言论。
评价:
用户名:
最新评论 进入详细评论页>>