单选题You need to design a security patch management strategy. Your solution must meet business and security requirements, and it must accommodate the company’s resource restrictions. What should you do?()A Test and manually deploy updatesB Deploy a Software

题目
单选题
You need to design a security patch management strategy. Your solution must meet business and security requirements, and it must accommodate the company’s resource restrictions. What should you do?()
A

Test and manually deploy updates

B

Deploy a Software Update Services (SUS) server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the server

C

Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group Policy

D

Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site

相似考题

1.你们需要安保专家对场馆做安全评估吗?A.Do you need a security expert to value the potential danger of the region?B.Do you need a security expert to calculate the potential adventure of the area?C.Do you need a security expert to account the potential risks of the region?D.Do you need a security expert to evaluate the potential risks of the place?

2. You are the network administrator for your company. Your network consists of a single Active   Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three  groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the  Accounting OU. You configure the GPO to disable the display options under the User Configuration  section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to  all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying  to any user account that is a member of the Accountants group. You need to prevent the GPO from  applying to any user account that is a member of the Management group, unless the user account is also  a member of the Processors group. What should you do?()A、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL of the GPO to assign the users who are in both the Accountants and Management security groups the Allow - Read and the Allow - Apply Group Policy permissions.B、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Create a new security group named Mixed that contains all the user accounts from the Processors group and the specific user accounts from the Management group to which you want the GPO to apply. Modify the DACL of the GPO to assign the Mixed security group the Allow - Read and the Allow - Apply Group Policy permissions.C、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL settings of the GPO to remove the Authenticated Users special group. Modify the DACL settings of the GPO to add the Processors group and assign the Allow - Read and the Allow - Apply Group Policy permissions.D、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Allow - Apply Group Policy permissions. Modify the DACL settings of the GPO to assign the Management security group the Deny - Read and the Deny - Apply Group Policy permissions.

3. You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003.   The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings.   The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers. The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings.   You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements.   What should you do? ()A、 Apply the Setup security.inf template first, the Hisecws.inf template next, and then the Application.inf template.B、 Apply the Application.inf template and then the Hisecws.inf template.C、 Apply the Application.inf template first, the Setup security.inf template next, and then the Hisecws.inf template.D、 Apply the Setup security.inf template and then the Application.inf template.

4.You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()A、Create a script that installs the Hisecdc.inf security templateB、Use a GPO to distribute and apply the Hisec.inf security templateC、Use the System Policy Editor to configure each server’s security settingsD、Use a GPO to distribute and apply a custom security template

更多“You need to design a security patch management strategy. You”相关问题

  • 第1题:

    You need to design a method to log changes that are made to servers and domain controllers. You also need to track when administrators modify local security account manager objects on servers. What should you do?()

    • A、Enable failure audit for privilege user and object access on all servers and domain controllers
    • B、Enable success audit for policy change and account management on all servers and domain controllers
    • C、Enable success audit for process tracking and logon events on all servers and domain controllers
    • D、Enable failure audit for system events and directory service access on all servers and domain controllers

    正确答案:B

  • 第2题:

    You need to design a security patch management strategy. Your solution must meet business and security requirements, and it must accommodate the company’s resource restrictions. What should you do?()

    • A、Test and manually deploy updates
    • B、Deploy a Software Update Services (SUS) server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the server
    • C、Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group Policy
    • D、Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site

    正确答案:B

  • 第3题:

    You have an Exchange Server 2010 organization.  You have a global security group named Legal that contains all the members of your companys legaldepartment.  The companys security policy states that the Legal group must be able to search all mailboxes for e-mailmessages that contain specific keywords.  You need to recommend a solution for the organization that complies with the security policy.  What should you include in the solution?()

    • A、a Discovery Management role group
    • B、a legal hold
    • C、administrator audit logging
    • D、Mailbox journaling

    正确答案:A

  • 第4题:

    You need to recommend a management solution for Server1 that meets the company's security  requirements.   What should you include in the recommendation?()

    • A、access-based enumeration (ABE)
    • B、Authentication Mechanism Assurance
    • C、Authorization Manager
    • D、Hyper-V Manager

    正确答案:C

  • 第5题:

    You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?()

    • A、Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domain
    • B、Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security template
    • C、Create a logon script to run the secedit command to analyze all servers in the domain
    • D、Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain

    正确答案:D

  • 第6题:

    多选题
    You need to design a strategy to increase security for the client computers in the finance department. Which two actions should you perform?()
    A

    Enable automatic certificate enrollment

    B

    Enforce smart card logons

    C

    Enable Encrypting File System (EFS) for offline files

    D

    Enable a screen saver password


    正确答案: A,D
    解析: 暂无解析

  • 第7题:

    单选题
    You have a server that runs Windows Server 2003 Service Pack 2 (SP2). You need to compare the current security settings of the server to a security template. Which tool should you use?()
    A

    Security Templates snap-in

    B

    Group Policy Management Console

    C

    Security Configuration and Analysis snap-in

    D

    Microsoft Baseline Security Analyzer (MBSA)


    正确答案: B
    解析: 暂无解析

  • 第8题:

    单选题
    You need to recommend a management solution for the corporate Web sites that meets the museum’s security policy    What should you include in the recommendation?()
    A

    Internet Information Services (IIS) Manager

    B

    Remote Desktop Services (RDS)

    C

    Remote Server Administration Tools (RSAT)

    D

    Windows PowerShell 2.0


    正确答案: A
    解析: 暂无解析

  • 第9题:

    You need to design a method to address the chief information officer’s security concerns. What should you do?()

    • A、Configure Windows Management Instrumentation (WMI) filtering options in the Default Domain Policy GPO
    • B、Use the gpresult command
    • C、Use Mbsacli.exe
    • D、Configure software restriction policy options in the Default Domain Policy GPO

    正确答案:C

  • 第10题:

    You have an Exchange Server 2010 organization that consists of 50 Exchange Server 2010 servers. Your companys security policy states that approved Exchange and Windows Server patches and securityupdates must be applied to all Exchange servers within one week of being released.  You need to recommend a patch management solution that meets the following requirements: .Allow administrators to manually approve patches and security updates .Allow only the installation of approved patches and security updates  .Minimize the administrative effort to deploy patches  .Minimize the deployment costs What should you include in the solution?()

    • A、Microsoft Update
    • B、Microsoft System Center Configuration Manager
    • C、Windows Server Update Services
    • D、Windows Update

    正确答案:C

  • 第11题:

    You have a server that runs Windows Server 2003 Service Pack 2 (SP2).You need to compare the current security settings of the server to a security template. Which tool should you use?()

    • A、Security Templates snap-in 
    • B、Group Policy Management Console 
    • C、Security Configuration and Analysis snap-in 
    • D、Microsoft Baseline Security Analyzer (MBSA)

    正确答案:C

  • 第12题:

    You have an Exchange 2010 organization.You have an administrative user named Admin1.You need to ensure that Admin1 can move mailboxes in the organization.The solution must assign the minimum amount of permissions to Admin1. What should you do?()

    • A、Create a local move request.
    • B、Create a custom Management role.Assign the role to Admin1.
    • C、Add Admin1 to the Organization Management role group.
    • D、Add Admin1 to the Recipient Management security group.

    正确答案:B

  • 第13题:

    单选题
    You need to design a method to deploy security configuration settings to servers. What should you do?()
    A

    Run the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OU

    B

    Log on to each server and use local policy to configure and manage the security settings

    C

    Create a customer security template. Log on to a domain controller and run the seceditcommand to import the security template

    D

    Create a customer security template. Create a GPO and import the security template. Link the GPO to each department’s Server OU


    正确答案: B
    解析: 暂无解析

  • 第14题:

    单选题
    You are designing a group management strategy for users in the finance department. You need to  identify the appropriate changes that need to be made to the current group management strategy. You want to accomplish this goal by using the minimum number of groups.  What should you do?()
    A

     Add the finance users to the financeData group to which the necessary permissions have been assigned.

    B

     Add the finance users to the financeGG group to which the necessary permissions have been assigned.

    C

     Add the finance users to the financeGG group. Then add the financeGG group to the financeData group to which the necessary permissions have been assigned.

    D

     Add the finance users to the financeGG group. Add the financeGG group to the financeUG group to the financeDat group to which the necessary permissions have been assigned.


    正确答案: B
    解析: 暂无解析

  • 第15题:

    单选题
    You need to design a patch management strategy for Southbridge Video. Your solution must meet business requirements. What should you do?()
    A

    Configure all client computers to use Automatic Updates to obtain security patches from the Windows Update Web site. Test and install all patches

    B

    Configure a batch file to download security patches daily. Distribute the security patches by using a.zap file and the Default Domain Policy Group Policy object (GPO)

    C

    Deploy a Software Update Services (SUS) server. Test all security patches and then approve them. Configure all client computers to automatically obtain updates from the server

    D

    Configure a batch file to download security patches daily. Manually install the security patches on all computers


    正确答案: B
    解析: 暂无解析

  • 第16题:

    单选题
    You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?()
    A

    Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer account

    B

    Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checks

    C

    Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security template

    D

    On the IIS server, run the gpresult command from a command prompt and analyze the output


    正确答案: A
    解析: 暂无解析

相关内容