多项选择题
A. Connect each server’s serial port to a terminal concentrator. Connect the terminal concentrator to the network.
B. Connect a second network adapter to each server. Connect the second network adapter in each server to a separate network switch. Connect the management port on the switch to a WAN port on the office router. Enable IPSec on the router.
C. Enable Routing and Remote Access on a server in each branch office, and configure it as an L2TP/IPSec VPN server. Configure a remote access policy to allow only authorized administrative staff to make a VPN connection.
D. On each server, enable the Telnet service with a startup parameter of Automatic. Configure Telnet on each server to use only NTLM authentication. Apply the Server (Request Security) IPSec policy to all servers.
E. On each server, enable Emergency Management Services console redirection and the Emergency Management Services Special Administration Console (SAC).
单项选择题 You are the systems engineer for your company. The network consists of a single Active Directory domain. The company has a main office and two branch offices. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. Each branch office maintains a dedicated 256-Kbps connection to the main office. Each office also maintains a T1 connection to the Internet. Each office has a Microsoft Internet Security and Acceleration (ISA) Server 2000 computer, which provides firewall and proxy services on the Internet connection. Each branch office contains one domain controller and five servers that are not domain controllers. There is minimal administrative staff at the branch offices. A new company policy states that all servers must now be remotely administered by administrators in the main office. The policy states that all remote administration connections must be authenticated by the domain and that all traffic must be encrypted. The policy also states that the remote administration traffic must never be carried in clear text across the Internet. You choose to implement remote administration by enabling Remote Desktop connections on all servers on the network. You decide to use the Internet-connected T1 lines for remote administration connectivity between offices. Because administrative tasks might require simultaneous connections to multiple servers across the network, you need to ensure that administrators do not lose connections to servers in one office when they attempt to connect to servers in another office. What should you do? ()
多项选择题 You are the systems engineer for your company. The network consists of three physical networks connected by hardware-based routers. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. Each physical network contains at least one domain controller and at least one DNS server. One physical network contains a Microsoft Internet Security and Acceleration (ISA) Server array that provides Internet access for the entire company. The network also contains a certificate server. Company management wants to ensure that all data is encrypted on the network and that all computers transmitting data on the network are authenticated. You decide to implement IPSec on all computers on the network. You edit the Default Domain Policy Group Policy object (GPO) to apply the Secure Server (Require Security) IPSec policy. Users immediately report that they cannot access resources located in remote networks. You investigate and discover that all packets are being dropped by the routers. You also discover that Active Directory replication is not functioning between domain controllers in different networks. You need to revise your design and implementation to allow computers to communicate across the entire network. You also need to ensure that the authentication keys are stored encrypted. Which two actions should you take?()
多项选择题 You are the senior systems engineer for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. Client computers in the sales department run Windows NT Workstation 4.0 with the Active Directory Client Extensions software installed. All other client computers run Windows XP Professional. All servers are located in an organizational unit (OU) named Servers. All client computers are located in an OU named Desktops. Four servers contain confidential company information that is used by users in either the finance department or the research department. Users in the sales department also store files and applications on these servers. The company’s written security policy states that for auditing purposes, all network connections to these resources must require authentication at the protocol level. The written security policy also states that all network connections to these resources must be encrypted. The company budget does not allow for the purchase of any new hardware or software. The applications and data located on these servers may not be moved to any other server in the network. You define and assign the appropriate permissions to ensure that only authorized users can access the resources on the servers. You now need to ensure that all connections made to these servers by the users in the finance department and in the research department meet the security guidelines stated by the written security policy. You also need to ensure that all users in the sales department can continue to access their resources. Which two actions should you take?()