单选题You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confid

第1题：

You are the administrator of Company.com's Windows 2000 Network. The routed TCP/IP network that you administer consists of 10 Windows 2000 Server computers and 75 Windows 2000 Professional computers. All computers are members of a single Windows 2000 domain named Company.com. TCP/IP is the only network protocol used at Company's office. You have recently installed 10 new Windows 2000 Professional computers and you want to enable the new computers to use host names to connect to shared resources on the network. You configure a TCP/IP address and a gateway address on each new computer. You want to complete the configuration to allow the computers to communicate on the network.  What should you do?（）

• A、Configure a DNS suffix.
• B、Configure a subnet mask.
• C、Configure an LMHOSTS file.
• D、Configure an Interface metric.
• E、Configure at least one DNS address.

第2题：

You have a combined Windows 2000 and Windows 98 network that contain sensitive data. You want to utilize as many new Windows 2000 security features as possible. You want to customize a security policy on each computer to ensure that data is kept confidential and secured. Allcomputers must still be able to communicate with each other over the network. What should you do？（）

• A、Use the security configuration and analysis console to improve the HISECWS security  template file.
• B、Use the local computer policy to disable the access this computer from the network option.
• C、Use SECEDIT to reconfigure the computer default security settings to not allow anonymous  access to the computer.
• D、Create a policy that excludes write access to the windows 2000 computers then apply the  policy to all non-windows 2000 computers.
• E、None of the above, Windows 9X systems cannot be secured using security template files.

第3题：

You are the administrator of your company’s network. You use Security Templates to configure a Security Policy on the Windows 2000 Professional Computers in the Sales organizational unit （OU）. You notice that the Computers in the Sales OU are not downloading the Security Policy settings. On each computer， the Security Policy appears in the Local Computer Policy， but is not listed as the effective policy. You want all computers in the Sales OU to have the Security Policy listed as the effective policy. How should you accomplish this task？ （）

• A、Use Security Templates to correct the setting and export the security file.
• B、Use Security Configuration and Analysis to import the security setting. Then create a Group policy object （GPO） for the Sales QU.
• C、Use Secedit /RefreshPolicy Machine_Policy command.
• D、Use the Basicwk.inf security file settings， save the security file， and then import the fileto theComputers.

第4题：

You are the network administrator for ExamSheet.net. You administer ExamSheet’s Windows 2000 network. Computers on the network run Windows 2000 Professional， Windows NT Workstation 4.0 and Windows 98. Ten Windows 2000 Professional computers are located in the research department. The users of the Windows 2000 Professional computers run legacy applications which are not certified for Windows 2000. These applications will not run for those users who only have User rights on the computers. You want to uniformly grant the users of these computers with the least possible administrative rights and still allow them to run the applications. What should you do？ （）

• A、On the research computers user the Local Computer Policy to disable theAccess this computer  from the networkoption.
• B、Apply the Compatws.inf security template to the research computers.
• C、Apply the Hisecws.inf security template to the research computers.
• D、On the research computers configure the computer default security settings to prevent anonymous access.

第5题：

You are the administrator of your company's network. Your network has 20 Windows 2000 server computers in the contoso.com domain. Your network also has 250 Windows 98 computers. You want to perform a clean installation of Windows 2000 Professional on all of the Windows 98 computers. All of the Windows 98 computers are identical models and are PXE complaint.   You want to accomplish the following goals:   • An unattended installation of Windows 2000 Professional will be performed.  • An unattended installation of company's standard applications will be performed during the     installation of Windows 2000 Professional.  • Each computer will be assigned a unique security identifier description.  • The unattended installation script will be modified so that the computers automatically join the    contoso.com domain.   You take the following actions:  • Install Windows 2000 Professional on a Windows 98 computer named computer1. • Install and configure computer standard applications on computer1.  • Use Setup Manager on computer1 to create an unattended.txt file based on the current    configuration including domain membership.  • Start the remaining Windows 98 computers and then install Windows 2000 Professional. Use    the unattended.txt file to provide the setting for the installation.   Which result or results do these actions produce?（）

• A、 An unattended installation of Windows 2000 Professional will be performed.
• B、 An unattended installation of company’s standard applications will be performed during the   Installation of Windows 2000 Professional.
• C、 Each computer will be assigned a unique security identifier description.
• D、 The unattended installation script will be modified so that the computers automatically join the  contoso.com domain.

第6题：

You are the network administrator for Company.  A user named Marie uses a Windows 2000 Professional computer named ES1 to process payroll records.  You want to prevent ES1 from being able to communicate with any Windows NT Workstation 4.0， Windows 98 and Windows 95 computers on the network. You also want ES1 to communicate only with other Windows 2000 computers.  What should you do？（）

• A、Close all NetBIOS ports in the Advanced TCP/IP options of ES1.
• B、Disable the Access this computer from network policy in the local security policy settings for ES1.
• C、Import the Securews.inf security template to ES1.
• D、Import the Hisecws.inf security template to ES1.
• E、Clear all WINS client settings on ES1.

第7题：

第8题：

第9题：

第10题：

第11题：

第12题：

第13题：

You are the administrator of your company’s network. Ten Windows 2000 Professional computers are located in the Research department. The computers contain highly confidential information. You want the 10 computers to be able to communicate with other Windows 2000 Professional computers on the network. However, you do not want them to communicate with computers that are not running Windows 2000, including those that are running Windows 95, Windows 98 and Windows NT.  You want to configure a security policy on each computer to ensure that the confidential information is secure. What should you do?（）

• A、Use Security Configuration and Analysis to import the Hisecws.inf security template file to modify the default security settings.
• B、Use security templates to create a security template file and import the security settings to modify the default security settings.
• C、Use the local computer policy to disable the access to this computer from the network option.
• D、Use Secedit.exe to reconfigure the computers’ default security settings to not allow anonymous access to the computers.

第14题：

You want to prevent a Windows 2000 Professional computer named Payroll5 from communicating on your network with Windows NT 4.0， Windows 95， and Windows 98 computers. You want to enable the payroll5 computer to communicate on your network with other Windows 2000 computers only. What should you do？（）

• A、Close all NetBIOS ports in the advanced TCP/IP options of Payroll5.
• B、Import the Hisecws.inf security template to payroll5.
• C、Disable access this computer from network in the local security policy settings for payroll5.
• D、Clear all WINS client settings on payroll5.

第15题：

You are the network administrator for ExamSheet.  Computers on your network run Windows 2000 Professional, Windows NT Workstation 4.0 and Windows 98. Ten Windows 2000 Professional computers are located in the research department. These computers contain highly confidential information. You want the 10 Windows 2000 Professional computers to be able to communicate only with other Windows 2000 computers.  What should you do?（）

• A、On the research computers use the Local Computer Policy to disable theAccess this computer  from the networkoption.
• B、Use Security Configuration and Analysis to apply the Highly Secure security template to the research computers.
• C、Add the users of the research computers to the Power Users group on each computer.
• D、On the research computers configure the security settings to prevent anonymous access.

第16题：

You are the network administrator for The network consists of a single Active Directory domain named Servers run either Windows 2000 Server or Windows Server 2003. Client computers run either Windows 2000 Professional Service Pack 2 or Windows XP Professional. You need to implement a new software update infrastructure. You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network. You install Software Update Services (SUS) on a Windows Server 2003 computer named Testking5. You must ensure that all client computers receive all Microsoft security patches, critical updates, and service packs. You want to achieve this goal as quickly as possible. Which three actions should you perform? （）(Each correct answer presents part of the solution. Choose three)

• A、Install the Automatic Updates client on all Windows 2000 Professional client computers.
• B、Install the Automatic Updates client on all Windows XP Professional client computers.
• C、Install SUS on a Windows 2000 Server computer.
• D、Modify the Windows Update settings of the Default Domain Controller organizational unit (OU) Group Policy object (GPO) to point client computers to http://testking5.
• E、Modify the Windows Update settings of the Default Domain Policy Group Policy object (GPO) to point client computers to http://testking5.
• F、Upgrade all Windows 2000 Professional client computers to Windows XP Professional.

第17题：

You are the administrator of a Windows 2000 network.  You upgrade five computers in the sales department to Windows 2000 Professional. You then apply the Basicwk.inf security template to the upgraded computers. The remaining computers in the sales department are using Windows NT Workstation 4.0. When users log on to the Windows 2000 Professional computers they report that they are unable to run the company’s database application.  When the users log on to Windows NT Workstation 4.0 computers they are able to run the database application.  You want the users of Windows 2000 Professional computers to be able to run the database application.  What should you do? （）

• A、Apply the Securews.inf security template to the computers.
• B、Apply the Compatsws.inf security template to the computers.
• C、Delete the Basicwk.inf security template file from the computers.
• D、For each user account， grant Read permission to the database application and its associated files.
• E、Use the System Policy Editor to configure a new security policy for the database application.

第18题：

You are the network administrator for ExamSheet.net. You administer ExamSheet’s Windows 2000 network. You upgrade 10 computers in the Accounting department from Windows NT Workstation 4.0 to Windows 2000 Professional. All of the upgraded computers are configured to have the default security settings. For security purposes you want to ensure that these computers can only communicate with other Windows 2000 computers.  What should you do？（）

• A、On each computer configure separate memory spaces for each financial and credit applications.
• B、Apply Highly Secure security template to the local security policy of the computers in the Accounting department.
• C、Apply Compatible security template to the local security policy of the computers in the Accounting department.
• D、Add each user account to the Power Users group on that user’s computer.

第19题：

第20题：

第21题：

第22题：

第23题：

第24题：