单项选择题
A. Use Local Security Policy to view the Security Options for Server1.
B. Use Resultant Set of Policy (RSoP) to run an RSoP logging mode query to view the IP Security Policies on Local Computer for Server1.
C. Use Resultant Set of Policy (RSoP) to run an RSoP planning mode query to view the Security Options for Server1.
D. Use IP Security Monitor to view the Active Policy for Server1.
E. Use IP Security Monitor to view the IKE Policies for Server1.
多项选择题 You are the systems engineer for your company. The company has a main office in Los Angeles and two branch offices, one in Chicago and one in New York. The offices are connected to one another by dedicated T1 lines. Each office has its own local IT department and administrative staff. The company network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All servers support firmware-based console redirection by means of the serial port. The server hardware does not support any other method of console redirection and cannot be upgraded to do so. The company is currently being reorganized. The IT departments from each branch office are being relocated to a new central data center in the Los Angeles office. Several servers from each branch office are also being relocated to the Los Angeles data center. Each branch office will retain 10 servers. A new written security policy includes the following requirements: • All servers must be remotely administered for all administrative tasks. • All servers must be administered from the Los Angeles office. • All remote administration connections must be authenticated and encrypted. Your current network configuration already adheres to the new written security policy for day-to-day server administration tasks performed on the servers. You need to plan a configuration for out-of-band management tasks for each office that meets the new security requirements. Which three actions should you take?()
单项选择题 You are the systems engineer for your company. The network consists of a single Active Directory domain. The company has a main office and two branch offices. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. Each branch office maintains a dedicated 256-Kbps connection to the main office. Each office also maintains a T1 connection to the Internet. Each office has a Microsoft Internet Security and Acceleration (ISA) Server 2000 computer, which provides firewall and proxy services on the Internet connection. Each branch office contains one domain controller and five servers that are not domain controllers. There is minimal administrative staff at the branch offices. A new company policy states that all servers must now be remotely administered by administrators in the main office. The policy states that all remote administration connections must be authenticated by the domain and that all traffic must be encrypted. The policy also states that the remote administration traffic must never be carried in clear text across the Internet. You choose to implement remote administration by enabling Remote Desktop connections on all servers on the network. You decide to use the Internet-connected T1 lines for remote administration connectivity between offices. Because administrative tasks might require simultaneous connections to multiple servers across the network, you need to ensure that administrators do not lose connections to servers in one office when they attempt to connect to servers in another office. What should you do? ()
多项选择题 You are the systems engineer for your company. The network consists of three physical networks connected by hardware-based routers. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. Each physical network contains at least one domain controller and at least one DNS server. One physical network contains a Microsoft Internet Security and Acceleration (ISA) Server array that provides Internet access for the entire company. The network also contains a certificate server. Company management wants to ensure that all data is encrypted on the network and that all computers transmitting data on the network are authenticated. You decide to implement IPSec on all computers on the network. You edit the Default Domain Policy Group Policy object (GPO) to apply the Secure Server (Require Security) IPSec policy. Users immediately report that they cannot access resources located in remote networks. You investigate and discover that all packets are being dropped by the routers. You also discover that Active Directory replication is not functioning between domain controllers in different networks. You need to revise your design and implementation to allow computers to communicate across the entire network. You also need to ensure that the authentication keys are stored encrypted. Which two actions should you take?()