You are the desktop administrator for your company. The……

单项选择题You are the desktop administrator for Contoso, Ltd. The companys network contains 1,000 Windows XP Professional computers, which are members of a single Active Directory domain. The computers hard disks are formatted as NTFS. The companys software developers release a new custom application. The application uses a .dll file named AppLib.dll, which is installed in a folder named  Program Files Contoso OpsApp. The companys help desk technicians report that several users experience problems when they use the application because the AppLib.dll file was deleted on their client computers. The companys software developers recommend that you modify the file permissions on AppLib.dll so that users have only Read permission on the file. You need to ensure that all users have only Read permission on the AppLib.dll file on all 1,000 Windows XP Professional computers. What should you do?（）

A.Write a logon script that moves the AppLib.dll file into the %systemroot%\System32 folder.
B.Ensure that Windows File Protection is enabled on all 1,000 Windows XP Professional computers.
C.Apply the logon script to all domain user accounts. 
D.Use the Security Configuration and Analysis console to create a new security template that modifies the file permissions on AppLib.dll. 
E.Use Active Directory Group Policy to import and apply the template to all 1,000 Windows XP Professional computers. 
F.Repackage the custom application in a Windows Installer package. 

单项选择题You are the desktop administrator for one of your companys branch offices. The network in the branch office contains 20 Windows XP Professional computers. Windows XP Professional was installed on the computers by using a RIS image. The computers also use a security template named Standard.inf, which you created and applied to the computers. The companys information security department releases a new security template named Corporate.inf. You are instructed to apply Corporate.inf to all 20 Windows XP Professional computers in your office. You are also instructed to make a list of all policies that are defined in Corporate.inf but that are not already enforced on the Windows XP Professional computers. You import Corporate.inf into the Security Configuration and Analysis console on your Windows XP Professional computer. The analysis is shown in the exhibit. You need to document the security policies that will be enforced for the first time when Corporate.inf is applied to the computers in your office. Which policies should you document?（）

A.the policies that are displayed with an X or an exclamation point in the analysis
B.the policies that are displayed with a check mark in the analysis 
C.the policies that are displayed as Enabled in the Computer Setting column
D.the policies that are displayed as Disabled in the Computer Setting column

单项选择题You are the administrator of the Windows XP Professional portable computers that are used by your companys sales representatives. The computers are members of a Windows 2000 domain. A Windows 2000 Server computer named Server1 contains the sales data used by the sales representatives in a shared folder named Data. When sales representatives travel, they use the Offline Files feature to access the files in the  Server1 Data shared folder. You want to ensure that the offline files on the portable computers are not accessible by unauthorized persons, in the event that a portable computer is lost. What should you do?（）

A.Instruct the sales representatives to configure the permissions on the offline files on their portable computers to allow access for only their user accounts. 
B.On Server1, configure the permissions on all files in the Data shared folder to allow access for only the sales representatives. 
C.Use a Group Policy object (GPO) to enable the Encrypt the Offline Files cache option for the portable computers. 
D.On the portable computers, enable encryption of the %systemroot%\CSC folder.
E.Apply this setting to the folder and files in the CSC folder.
F.On Server1, encrypt all files in the Data shared folder. 

单项选择题You are a help desk technician for your company. All users have Windows XP Professional computers. Ten users run a custom application named Finance on their computers. Finance stores user passwords in a file named Passwords.ini. By default, the Passwords.ini file is stored in a folder named C: Winnt App1.  The location and name of the file can be changed by an administrator. Each Passwords.ini file is unique. Each computer contains a single logical drive, which is drive C and is formatted as NTFS. In order to comply with a new company security policy, you need to ensure that the Passwords.ini files are encrypted. What should you do?（）

A.In the properties of the C:\Winnt\App1 folder, use Windows Explorer to select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. 
B.Ask a network administrator to share a new encrypted folder named PassFiles on a network server and to permit users to read the files contained within the folder. Copy the Passwords.ini file from each computer into the PassFiles folder. On each computer, configure Finance to use the Passwords.ini file in the PassFiles folder.
C.Create a folder named C:\Files. Copy the Passwords.ini file to the C:\Files folder. In the properties of the C:\Files folder, select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file. 
D.Create a folder named C:\Files. Move the Passwords.ini file to the C:\Files folder. Instruct the user of each computer to open the properties of the C:\Files folder and select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file. 

单项选择题You are the administrator of a Windows XP Professional computer named Pro1.  The computer is connected to the Internet. Pro1 provides Internet access to eight other Windows XP Professional computers that are connected to Pro1. You enable Internet Connection Sharing （ICS） and Internet Connection Firewall （ICF） on Pro1. You run an application named App1 on Pro1.  App1 communicates with an online training company on the Internet. In order to display an online seminar， the training company needs to contact the App1 application at port 5800. You want to ensure that the training company can connect to the App1 application. What should you do?（）

A.Configure ICF to enable the Internet Control Message Protocol (ICMP) Allow redirect option. Then start the App1 application that opens port 5800.  
B.Create a new service definition named App1.  Use port 5800 as the external and internal port number. 
C.Edit the %systemroot%\System32\Drivers\Etc\Services file on Pro1 to include a service definition named App1 for port 5800.  
D.Change the TCP/IP settings on Pro1 to enable TCP/IP filtering. Permit network traffic on port 5800.