单项选择题

You are the network administrator for your company. The network consists of a single Active
Directory forest. The forest consists of 19 Active Directory domains. Fifteen of the domains contain Windows Server 2003 domain controllers. The functional level of all the domains is Windows 2000 native. The network also consists of a single Microsoft Exchange 2000 Server organization. You need to create groups that can be used only to send e-mail messages to user accounts throughout the company. You want to achieve this goal by using the minimum amount of replication traffic and minimizing the size of the Active Directory database. You need to create a plan for creating e-mail groups for your company.
What should you do？（）

A. Create global distribution groups in each domain. Make the appropriate users from each domain members of the global distribution group in the same domain. Create universal distribution groups. Make the global distribution groups in each domain members of the universal distribution groups.
B. Create global security groups in each domain. Make the appropriate users from each domain members of the security group in the same domain. Create universal security groups. Make the global security groups in each domain members of the universal security groups.
C. Create universal distribution groups. Make the appropriate users from each domain members of a universal distribution group.
D. Create universal security groups. Make the appropriate users from each domain members of a universal security group.

<上一题目录下一题>

热门试题

多项选择题Your company has a single Active Directory directory service forest. All user accounts are located in the Users container. You need to create a number of organizational units （OUs） that will be used to store user accounts. What are two possible ways to achieve this goal？（）

A. Use the Active Directory Sites and Services snap-in.
B. Use the Active Directory Users and Computers snap-in.
C. Use the Dsadd command-line tool with the OU parameter.
D. Use the Dsmod command-line tool with the OU parameter.

单项选择题You are the network administrator for your company. Your network consists of a single Active Directory domain. Three security groups named Accountants， Processors， and Management are located in an organizational unit （OU） named Accounting. All of the user accounts that belong to these three groups are also in the Accounting OU. You create a Group Policy object （GPO） and link it to the Accounting OU. You configure the GPO to disable the display options under the User Configuration section of the GPO. You need to achieve the following goals： You need to ensure that the GPO applies to all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying to any user account that is a member of the Accountants group. You need to prevent the GPO from applying to any user account that is a member of the Management group， unless the user account is also a member of the Processors group. What should you do？（）

A. Modify the discretionary access control list （DACL） settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL of the GPO to assign the users who are in both the Accountants and Management security groups the Allow - Read and the Allow - Apply Group Policy permissions.
B. Modify the discretionary access control list （DACL） settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Create a new security group named Mixed that contains all the user accounts from the Processors group and the specific user accounts from the Management group to which you want the GPO to apply. Modify the DACL of the GPO to assign the Mixed security group the Allow - Read and the Allow - Apply Group Policy permissions.
C. Modify the discretionary access control list （DACL） settings of the GPO to assign the Accountants security group the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL settings of the GPO to remove the Authenticated Users special group. Modify the DACL settings of the GPO to add the Processors group and assign the Allow - Read and the Allow - Apply Group Policy permissions.
D. Modify the discretionary access control list （DACL） settings of the GPO to assign the Accountants security group the Deny - Read and the Allow - Apply Group Policy permissions. Modify the DACL settings of the GPO to assign the Management security group the Deny - Read and the Deny - Apply Group Policy permissions.

单项选择题You have a single Active Directory directory service domain. All client computers run either Windows Vista or Windows XP. You create and configure a Group Policy object （GPO） named Secure Client Computer. You need to ensure that the Secure Client Computer GPO is automatically applied to current and future Windows XP client computers. What should you do？（）

A. Create a WMI filter that limits the scope of the Secure Client Computer GPO to the Windows XP operating system. Link the WMI filter to the GPO. Link the GPO to the domain.
B. Create a global security group that contains all of the Windows XP client computers. Edit the permissions of the Secure Client Computer GPO to allow the global security group the Read and Apply Group Policy permissions. Link the Secure Client Computer GPO to the domain.
C. Use the Delegation of Control Wizard at the domain level， and delegate the Generate Resultant Set of policy （Planning） right to the Windows XP client computers. Link the Secure Client Computer GPO to the domain.
D. Use the Delegation of Control Wizard at the domain level， and delegate the Generate Resultant Set of policy （Logging） right to the Windows XP client computers. Link the Secure Client Computer GPO to the domain.

多项选择题Your network consists of Windows XP computers in a single Active Directory directory service domain. All computers are located in a single Active Directory site. You need to design and deploy a new Group Policy object （GPO） that automatically installs a custom application on computers. What are two possible ways to achieve this goal？（）

A. Link the GPO to the domain and assign the application.
B. Link the GPO to the site and assign the application.
C. Link the GPO to the domain and publish the application.
D. Link the GPO to the site and publish the application.

单项选择题Your company plans to distribute an application to all of its client computers by using GroupPolicy. You save a file named setup.msi to a local folder on the domain controller. You assign the Authenticated Users group the Read and Read &&ensp;Execute permissions for the folder. You create a new Group Policy object （GPO） and a new Computer Configuration software installation package， and you point the package to the setup.msi file in the local folder. You link the GPO to an organizational unit （OU） that contains a computer object for a test client computer. When you log on to the test client computer， you notice that the application is not installed. You need to ensure that the application is installed on the test computer. What should you do？（）

A. Modify the permissions on the folder that contains the setup.msi file so that authenticated users have the List Folder Contents permission. Log off the client computer and then log on.
B. Modify the permissions on the folder that contains the setup.msi file so that authenticated users have the List Folder Contents permission. Restart the client computer.
C. Place the setup.msi file into a shared folder. Modify the software installation package to point to the shared folder. Log off the client computer and then log on.
D. Place the setup.msi file into a shared folder. Modify the software installation package to point to the shared folder. Restart the client computer.