找考题网-背景图
单项选择题

You are the network administrator for The network consists of a single Active Directory domain named
The TestKing Staff department has a Windows 2003 computer that functions as a file server. The computer contains a folder named TestKingData. Auditing is enabled on the TestKingData folder. The TestKing Staff department reports that confidential files were deleted from the folder.
You need to identify the user who deleted the confidential files.
What should you do?()

A. In Event Viewer, create a new log view from the security log. Filter the log view to display only success audits.
B. In Event Viewer, create a new log view from the security log. Filter the log view to display only failure audits.
C. In Event Viewer, create a new log view from the system log. Filter the log view to display only success audits.
D. In Event Viewer, create a new log view from the system log. Filter the log view to display only failure audits.

<上一题 目录 下一题>
热门试题

单项选择题You are the network administrator for The network consists of a single Active Directory domain named All five domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. The domains audit policy ensures that all account logon events are audited. A temporary employee named King uses a client computer named TestKing1. When Kings temporary assignment concludes, his employment is terminated. Now you need to learn the times and dates when King logged on to the domain. You need to accomplish this goal by reviewing the minimum amount of information. What should you do?()

A. Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for King's user account.
B. Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for the TestKing1 computer account.
C. Use Event Viewer to view the security log on each domain controller. Use the Find option to list only the events for King's user account.
D. Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for King's user account.
E. Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for the TestKing1 computer account.

单项选择题You are the network administrator for the Berlin office of The company network consists of a single Active Directory domain named The Berlin office contains 15 file servers that contain confidential files. All the file servers run either Windows Server 2003 or Windows 2000 Server. All the file servers are in the BerlinFilePrint organizational unit (OU). TestKings security department sets a rule that specifies the size and retention settings for the Security event log of all file servers. The rule also specified that local administrators on servers cannot override the changes you make to the settings for the Security event log. You need to define a method to modify the Security event log settings on each file server in the Berlin office in order to meet the states requirements. What should you do?()

A. Modify the local security policy on each file server.Define the size and retention settings for the Security event log.
B. Create a security template on one of the file servers by using the Security Configuration and Analysis tool. Define the size and retention settings for the Security event log in the template. Import the security template into the local security policy of the other 14 file servers.
C. Use Event Viewer to modify the event log properties on each file server. Define the size and retention settings for the Security event log.
D. Create a new Group Policy object (GPO) and link it to the BerlinFilePrint OU. In the GPO, define the size and retention settings for the Security event log.

多项选择题You are the network administrator for The company contains of a main office and five branch offices. Network servers are installed in each office. All servers run 2003 The technical support stuff is located in the main office. Users in the branch office do not have the Log on locally right on local servers. Servers in the branch office collect auditing information. You need the ability to review the ability to review the auditing information located on each branch office server while you are working at the main office. You also need to save the auditing information on each branch office server on the local hard drive. Which two actions should you perform?() (Each correct answer presents part of the solution. Choose two.)

A. From the Security Configuration and Analysis snap-in save the appropriate .inf file on the local hard drive.
B. Solicit Remote Assistance from each branch office server.
C. From Computer Management open Event Viewer, save the appropriate .evt file on the local hard drive
D. Run secedit.exe, specify the appropriate parameter
E. Establish a Remote Desktop client session with each branch office server

单项选择题You are the network administrator for Among other duties you administer a Windows 2003 server named TestKingB. You install Terminal Services on TestKingB. You add users from the TestKing support department to the Power Users group and to the Remote Desktop Users group on TestKingB. You notice that TestKingB is periodically unavailable. You open Event Viewer on TestKingB and discover that the server was restarted accidentally by users in the TestKing support department. You need to ensure that users in the TestKing support department can establish a Terminal Services session and can manage local user accounts on TestKingB. However, they should not have the ability to restart TestKingB. Which action or actions should you perform? Select all that apply.()

A. Remove the TestKing Support department user accounts from the Power Users group.
B. Remove the TestKing Support department user accounts from the Remote Desktop Users group.
C. Remove the Power Users group from the Shut down the system user right.
D. Add the Power Users group to the Deny log on locally user right.
E. Modify the permission on the RDP-Tcp connection by using Terminal Services Configuration. Assign the Power Users group the Deny - Full Control permission

单项选择题Exhibit: You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows XP Professional. Users in the human resources department are members of a domain user group named TestKingHR. You create and share a folder named TestKingHRFiles on a member server named TestKing4. You configure permissions on the TestKingHRFiles as shown in the exhibit. Marie, a user in the human resources department, create a file in TestKingHRFiles. At Maries request, you assign the Deny - Delete special permission on her file to the HR Group. The next day, Veronika reports that her file is deleted. You need to reconfigure the permissions on TestKingHRFiles. You must fulfil the following requirements: 1. Members of the TestKingHR group must be able to read, create, and modify files. 2. Members of the TestKingHR group must not be able to delete files on which they have no access permission. 3. Members of the TestKingHR group must not be able to delete files that they do not have permission to delete. What should you do?()

A. In the share permissions, assign the Deny - Change permission to the TestKingHR group.
B. In the NTFS permissions, assign the Allow - Read permission to the TestKingHR group.
C. In the share permissions, assign the Allow - Read permission to the TestKingHR group.
D. In the NTFS permissions, assign the Allow - Modify permission to the TestKingHR group.