单项选择题

Your network consists of a single Active Directory domain. The domain contains an organizational unit （OU） named SecureServers. The SecureServers OU contains a computer account for a server named Server1.
You link a Group Policy object （GPO） to the SecureServers OU. In the GPO， you assign an IPSec policy that requires encryption for all communications. You notice that all communications to Server1 are unencrypted.You need to ensure that all communications to Server1 are encrypted immediately.
What should you do？（）

A.On Server1， run gpudate.exe.
B.On Server1， run gpresult.exe.
C.From the properties of the GPO， enable the Enforced option.
D.From the properties on the SecureServers OU， enable the Block policy inheritance setting.

相关考题

You have two stand-alone servers that run Windows Serve...

单项选择题

You have two stand-alone servers that run Windows Server 2003 Service Pack 2 （SP2）. You assign the Secure Server （Require security） IPSec policy to both servers. From Server1， you notice that you cannot access resources on Server2.
You need to ensure that you can access resources on Server2. All communications between Server1 and Server2 must be encrypted.
What should you do？（）

A.On Server1， assign the Client （Respond only） IPSec policy.
B.On Server2， assign the Server （Request Security） IPSec Policy.
C.On Server1 and Server2， modify the authentication settings in the Secure Server （Require security） IPSec Policy.
D.On Server1 and Server2， enable Master Key perfect forward secrecy （PFS） in the Secure Server （Require security） IPSec Policy.

Your network contains a Terminal Services server named ...

单项选择题

Your network contains a Terminal Services server named Server1 that runs Windows Server 2003 Service Pack 2 （SP2）.
Server1 has a server certificate from a trusted authority installed. All Terminal Services clients have the RDP client version 5.2 installed. You need to ensure that all Terminal Services connections to Server1 use Transport Layer Security.
What should you do？（）

A.In Terminal Services Configuration， change the permissions for Remote Desktop Users to Full Control.
B.In Terminal Services Configuration， change the security layer setting to Negotiate and set the encryption level to High.
C.In Local Security Policy， enable Domain Member： Require strong （Windows 2000 or later） session key.
D.In Local Security Policy， enable Domain Member： Digitally encrypt or sign secure channel data （always）.

Your network contains a Web server named Server1 that r...

单项选择题

Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server （IIS）. Server1 has a server certificate from an Enterprise Certificate Authority （CA） installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser， they receive the following warning message： “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.”
You find that users on the corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1.
What should you do？（）

A.In IIS Manager， enable the Enable client certificate mapping option.
B.In IIS Manager， replace the certificate with a certificate obtained from a public Certification Authority.
C.In Local Security Policy， enable Domain Member： Require strong （Windows 2000 or later） session key.
D.In Local Security Policy， enable Domain Member： Digitally encrypt or sign secure channel data （always）.

MCSE(70-291)