You Will Need To Configure The Specified Security Settings On The New File Servers

Explanation:

Choose "The following User", Enter "TestKing1\Tess" in the User Name field, enter kY74X" in the password field.

QUESTION NO: 10

You are the network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers.

All confidential company files are stored on a file server named TestKing1. The written company security states that all confidential data must be stored and transmitted in a secure manner. To comply with the security policy, you enable Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the data decryption field (DDF) of the confidential files for the users who need to access them.

While performing network monitoring, you notice that the confidential files that are stored on TestKing1 are being transmitted over the network without encryption.

You must ensure that encryption is always used when the confidential files on TestKing1 are stored and transmitted over the network.

What are two possible ways to accomplish this goal? (Each correct answer presents a complete solution. Choose two)

A. Enable offline files for the confidential files that are stored on TestKing1, and select the Encrypt offline files to secure data check box on the client computers of the users who need to access the files.

B. Use IPSec encryption between TestKing1 and the client computers of the users who need to access the confidential files.

C. Use Server Message Block (SMB) signing between TestKing1 and the client computers of the users who need to access the confidential files.

D. Disable all LM and NTLM authentication methods on TestKing1.

E. Use IIS to publish the confidential files. Enable SSL on the IIS server.

Open the files as a Web folder.

QUESTION NO: 11

You are the network administrator in the New York office of TestKing. The company network consists of a single Active Directory domain testking.com. The New York office currently contains one Windows Server 2003 file server named TestKingA.

All file servers in the New York office are in an organizational unit (OU) named New York Servers. You have been assigned the Allow - Change permission for a Group Policy object (GPO) named NYServersGPO, which is linked to the New York Servers OU.

The written company security policy states that all new servers must be configured with specified predefined security settings when the servers join the domain. These settings differ slightly for the various company offices.

You plan to install Windows Sever 2003, on 15 new computers, which all functions as file servers. You will need to configure the specified security settings on the new file servers.

TestKingA currently has the specified security settings configured in its local security policy. You need to ensure that the security configuration of the new file servers is identical to that of TestKingA. You export a copy of TestKingA's local security policy settings to a template file.

You need to configure the security settings of the new servers, and you want to use the minimum amount of administrative effort.

What should you do?

A. Use the Security Configuration and Analysis tool on one of the new servers to import the template file.

B. Use the default Domain Security Policy console on one of the new servers to import the template file.

C. Use the Group Policy Editor console to open NYServersGPO and import the template file.

D. Use the default Local Security Policy console on one of the new servers to import the template file.

Answer: C

QUESTION NO: 12

You are the network administrator for Testking. The network consists of a single Active Directory domain named testking.com. The network contains Windows Server 2003 member servers, Windows Server 2003 domain controllers, and Windows XP Professional computers. The relevant portion of the Active Directory structure is in the work area below.

The written company security policy allows users to use Encryption File System (EFS) on only portable computers. The network security administrator creates a separate domain account as the data recover agent (DRA). The Default Domain Policy contains the Internet Explorer security settings that are required on all computers in the domain.

Users are currently able to use EFS on any computer that will support EFS.

You need to configure Group Policy to ensure compliance with the company security policy. You want to link the minimum number of GPOs to accomplish this goal. All other domain GPOs must remain.

How should you configure Group Policy to ensure that users can use EFS on only portable computers?

To answer, drag the appropriate Group Policy setting or settings to the correct organizational unit (OU) or OUs.

Group Policy Settings Select from these

Dp not require a DRA

0 0

Post a comment