You deploy a mobile messaging solution with Microsoft Exchange Server 2003 Service Pack 2.  
When the application is running， it must not be able to access protected registry keys.  
You need to ensure that the application meets the outlined requirement.
What are two possible ways to achieve this goal？（）

单项选择题You deploy a mobile messaging solution by using front-end and back-end servers that run Microsoft Exchange Server 2003 Service Pack 2. Certificates are installed on all Microsoft Windows Mobilebased devices.   You need to allow devices that run Microsoft Windows Mobile 5.0 to perform certificate-based authentication for Microsoft Exchange ActiveSync.   What should you do？（）

A.Configure the front-end server for Kerberos Constrained Delegation （KCD）.
B.Configure a Routing Group Connector between the front-end and back-end servers.
C.Configure the Windows Mobilebased devices with a Point-to-Point Protocol （PPTP） connection.
D.Configure the Windows Mobilebased devices to use Extensible Authentication Protocol （EAP） and either a smart card or a certificate.

单项选择题You deploy mobile devices that run Microsoft Windows Mobile 5.0.   Company security policy requires an authentication process that is stronger than a user name and password combination.   You need to ensure that Microsoft ActiveSync sessions use an authentication process that meets the company security policy.   What should you do？（）

A.Deploy a two-factor authentication process.
B.Deploy a single-factor authentication process.
C.Deploy a simple PIN policy for the Windows Mobilebased devices.
D.Deploy a complex PIN policy for the Windows Mobilebased devices.

多项选择题You deploy mobile devices that run Microsoft Windows Mobile 5.0.   A Microsoft Windows Server 2003 server that runs Routing and Remote Access is configured to allow virtual private network （VPN） connections that are as secure as possible.   You need to connect the Windows Mobilebased devices to the VPN server. You also need to ensure that both ends of the VPN tunnel are authenticated.  Which two actions should you perform？（）

A.Select L2TP/IPSec on each Windows Mobilebased device.
B.Obtain and install a certificate on each Windows Mobilebased device.
C.Configure the appropriate pre-shared key on each Windows Mobilebased device.
D.Select Point-to-Point Tunneling Protocol （PPTP） on each Windows Mobilebased device.

单项选择题A user uses both a Microsoft Windows Mobile 5.0 Smartphonebased device  and a Microsoft Windows Mobile 5.0 Pocket PC Phone Edition device for Over-The-Air （OTA） e-mail. Both devices have Microsoft Messaging and Security Feature Pack installed.   A remote wipe command is issued against the Pocket PC device.   The user reconfigures the ActiveSync settings on the Pocket PC device. When the user attempts synchronization， the device hard-resets again.   You need to ensure that the user can synchronize the Pocket PC device.   What should you do？（）

A.Cancel the remote wipe issued against the Pocket PC device.
B.Instruct the user to configure only one device for ActiveSync.
C.Instruct the user to perform a soft-reset of the Pocket PC device.
D.Instruct the user to perform a manual hard-reset of the Pocket PC device.

单项选择题You deploy a mobile messaging solution with Microsoft Exchange Server 2003 Service Pack 2.   The company security policy requires complex passwords on all the Microsoft Windows Mobilebased devices.   You provide a Microsoft Windows Mobile 5.0 smartphonebased device to a new user. The first time the user uses the device， the user is not prompted for a password. You need to ensure that the user is prompted for a password.   What should you do？（）

A.Instruct the user to set a PIN on the mobile device.
B.Instruct the user to perform Microsoft Exchange ActiveSync synchronization Over-The-Air （OTA）.
C.On the Device Security Settings tab， select the Require both numbers and letters option.
D.Add the user account of the user to the Exceptions list on the Device Security Settings tab.