A.Enable the Audit account management policy in the Def……

单项选择题Your company has file servers located in an organizational unit named Payroll. The file servers  contain payroll files located in a folder named Payroll.     You create a GPO. You need to track which employees access the Payroll files on the file  servers.   What should you do（）

A.Enable the Audit object access option. Link the GPO to the Payroll organizational unit. On the file servers， configure
B.Enable the Audit object access option. Link the GPO to the domain. On the domain controllers， configure Auditing f
C.Enable the Audit process tracking option. Link the GPO to the Domain Controllers organizational unit. On the file se
D.Enable the Audit process tracking option. Link the GPO to the Payroll organizational unit. On the file servers， config

单项选择题Your network consists of a single Active Directory domain. User accounts for engineering  department are located in an OU named Engineering.     You need to create a password policy for the engineering department that is different from your  domain password policy.     What should you do（）

A.Create a new GPO. Link the GPO to the Engineering OU.
B.Create a new GPO. Link the GPO to the domain. Block policy inheritance on all OUs except for the Engineering OU
C.Create a global security group and add all the user accounts for the engineering department to the group. Create a
D.Create a domain local security group and add all the user accounts for the engineering department to the group. Fr

单项选择题Your company has an Active Directory domain.     A user attempts to log on to the domain from a client computer and receives the following  message：  This user account has expired. Ask your administrator to reactivate the account.      You need to ensure that the user is able to log on to the domain.     What should you do（）

A.Modify the properties of the user account to set the account to never expire.
B.Modify the properties of the user account to extend the Logon Hours setting.
C.Modify the properties of the user account to set the password to never expire.
D.Modify the default domain policy to decrease the account lockout duration.

多项选择题You need to ensure that users who enter three successive invalid passwords within 5 minutes are  locked out for 5 minutes.   Which three actions should you perform（）

A.Set the Minimum password age setting to one day.
B.Set the Maximum password age setting to one day.
C.Set the Account lockout duration setting to 5 minutes.
D.Set the Reset account lockout counter after setting to 5 minutes.
E.Set the Account lockout threshold setting to 3 invalid logon attempts.
F.Set the Enforce password history setting to 3 passwords remembered.

多项选择题The default domain GPO in your company is configured by using the following account policy  settings：   - Minimum password length： 8 characters   - Maximum password age： 30 days   - Enforce password history： 12 passwords remembered   - Account lockout threshold： 3 invalid logon attempts .Account lockout duration： 30 minutes     You install Microsoft SQL Server on a computer named Server1 that runs Windows Server 2008  R2. The SQL Server application uses a service account named SQLSrv. The SQLSrv account  has domain user rights.   The SQL Server computer fails after running successfully for several weeks. The SQLSrv user  account is not locked out.     You need to resolve the server failure and prevent recurrence of the failure.     Which two actions should you perform（）

A.Reset the password of the SQLSrv user account.
B.Configure the local security policy on Server1 to grant the Logon as a service right on the SQLSrv user account.
C.Configure the properties of the SQLSrv account to Password never expires.
D.Configure the properties of the SQLSrv account to User cannot change password.
E.Configure the local security policy on Server1 to explicitly grant the SQLSrv user account the Allow logon locally us