You are the network administrator for Active Directory domain. The
domain includes Windows Server 2003 domain controllers and Windows XP
Professional client computers.
A new administrator named Sandra is hired to assist you in deploying Windows XP
Professional to 100 new computers. Sandra installs the operating system on a new
computer named TestKing11.
However, when Sandra tries to log on to the domain from TestKing11, she is
unsuccessful. The logon dialog box does now allow her to view and select the domain
name.
You need to ensure that Sandra can log on to the domain from TestKing11.
What should you do?（）

单项选择题You are the domain administrator for TestKings Active Directory domain. The domain consists of four domain controllers named TestkingDC1, TestkingDC2, TestkingDC3, and TestkingDC4. TestkingDC1 and TestkingDC2 run Windows 2000 Server and have the latest service pack installed. TestkingDC3 and TestkingDC4 run Windows Server 2003. All client computers run Windows XP Professional and have the latest service pack installed. You have a new client computer that you plan to use to perform domain administration functions. You need to be able to manage Active Directory users and computers remotely. What should you do?（）

A. Install the Windows Support Tools from the Windows Server 2003 installation CD on your client computer.
B. Install the Adminpak.msi file from the Windows Server 2003 installation CD on your client computer.
C. Use the Help and Support Center tools on your client computer to connect to the domain controller that you need to manage.
D. Use Computer Management on your client computer to connect to the domain controller that you need to manage.

单项选择题You are the network administrator for TestKing. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The domain contains two domain controllers named Testking1 and Testking2. You use a Windows XP Professional client computer named Client1. In Active Directory, the domain administrator creates two new user accounts named NetAdmin1 and AdminUser1. The NetAdmin1 account is a member of the Domain Admins global group. The AdminUser1 account is a member of only the Users local group. You assign the AdminUser1 logon account the Allow log on locally user right in the Default Domain Controller Group Policy object (GPO). A new written security policy states that user accounts that are member of the Domain Admins global group should not be used to log on to the console of a domain controller. It also states that administrative tasks should be performed by using the Secondary Logon service. You need to create a new computer account in Active Directory, and you must comply with the new company security policy. What should you do?（）

A. Log on to Testking1 by using the AdminUser1 user account. Run the dsa.msc command.
B. Log on to Testking1 by using the NetAdmin1 user account. Run the dsa.msc command.
C. Log on to Client1 by using the AdminUser1 user account. Run the runas /user:netadmin1 dsa.msc
D. Log on to Client1 by using the NetAdmin1 user account. Run the runas /user:adminuser1 dsa.msc

多项选择题You are the network administrator for The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers. All confidential company files are stored on a file server named TestKing1. The written company security states that all confidential data must be stored and transmitted in a secure manner. To comply with the security policy, you enable Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the data decryption field (DDF) of the confidential files for the users who need to access them. While performing network monitoring, you notice that the confidential files that are stored on TestKing1 are being transmitted over the network without encryption. You must ensure that encryption is always used when the confidential files on TestKing1 are stored and transmitted over the network. What are two possible ways to accomplish this goal?（） (Each correct answer presents a complete solution. Choose two)

A. Enable offline files for the confidential files that are stored on TestKing1, and select the Encrypt offline files to secure data check box on the client computers of the users who need to access the files.
B. Use IPSec encryption between TestKing1 and the client computers of the users who need to access the confidential files.
C. Use Server Message Block (SMB) signing between TestKing1 and the client computers of the users who need to access the confidential files.
D. Disable all LM and NTLM authentication methods on TestKing1.
E. Use IIS to publish the confidential files. Enable SSL on the IIS server. Open the files as a Web folder.

单项选择题You are the network administrator for TestKing. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. A member server named TestkingA has a locally attached tape device. TestkingA contains several folders and files that are encrypted by using Encrypting File System (EFS). You create a new user account for a new employee named Victoria. Victorias user account is member of the Users group only. You need to ensure that Victoria can back up the encrypted folders and files on TestkingA. Victoria must be assigned the minimum administrative privileges needed to complete this task. What should you do?（）

A. Add Victoria's domain user account to the Administrators group.
B. Add Victoria's user account to the Backup Operators group.
C. Assign the Allow - Full Control permission on the encrypted folders and files to Victoria.
D. Designate Victoria as a recovery agent for the encrypted files.

单项选择题You are the network administrator for TestKing. The network consists of a single Active Directory domain. All network servers run Windows Server 2003. Half of the client computers run Windows XP Professional, and the other half run Windows NT 4.0 Workstation. You install Terminal Services on three member servers named Testking1, Testking2, and Testking3. Each server has a single Pentium III 600-Mhz CPU with 512 MB of RAM and a single-channel EIDE disk subsystem. You place all three terminal servers in an organizational unit (OU) named Terminal Server. You link a Group Policy Object (GPO) to the Terminal Server OU. Several days after the installation, users report that the performance of all three terminal servers is unacceptably slow. You discover that each server has at least 50 active sessions at once. You need to improve the performance of all three terminal servers. You must achieve this goal by using the minimum amount of administrative effort, without upgrading any hardware. What should you do?（）

A. Log on to the console of each terminal server. In the RDP-Tcp connection properties, set the Maximum connections option to 35.
B. Edit the GPO to set the Limit number of connections policy to 35.
C. Modify all domain user accounts to set the When a session limit is reached or broken user property to End session.
D. Edit the GPO to enable the Remove Disconnected option from shutdown dialog policy