多项选择题

You need to design an access control strategy for the external and intranet Web sites. Which two actions should you perform？（）

A.Enable SSL on the external Web site by using a Microsoft cryptographic service provider （CSP）
B.Enable Microsoft .NET Passport authentication on the external Web site. Use Passport Level 0 with SSL on the external Web site
C.Enable SSL on the external Web site by using a commercial digital certificate
D.Enable SSL on the intranet Web site by using an internal server certificate
E.Enable SSL on the external Web site by using an internal server certificate

<上一题目录下一题>

热门试题

单项选择题YouneedtodesignapatchmanagementstrategyforNorthwindTraders.Whatshouldyoudo？（）

A.Configure the Default Domain Policy Group Policy object （GPO） for the northwindtraders.com domain to configure client computers to download updates from the SUS server in New York. Configure the Default Domain Policy GPO for the boston.northwindtraders.com domain to configure client computers to download updates from the SUS server in New York
B.Use Group Policy to configure client computers to download updates from a Windows Update server on the Internet. Configure the Default Domain Policy Group Policy object （GPO） with a startup script that runs Mbsacli.exe. Configure it to scan the computers in both of the branch offices
C.Install and configure a SUS server in the Boston branch office. Configure the server to download updates from a Windows Update server on the Internet. Configure Microsoft Baseline Security Analyzer （MBSA） to scan for updates and computers in the New York office
D.Install and configure a SUS server in each branch office. Configure the SUS servers to download updates from the New York SUS server. Configure Microsoft Baseline Security Analyzer （MBSA） to scan for updates on computers in the New York office

单项选择题YouneedtodesignaPKIfortheNorthwindTradersinternalnetwork.Whatshouldyoudo？（）

A.Add an enterprise root CA to the northwindtraders.com domain. Configure cross-certification between the northwindtraders.com domain and the boston.northwindtraders.com domain
B.Add an enterprise subordinate issuing CA to the northwindtraders.com domain. Configure qualified subordination for the enterprise subordinate issuing CA in Boston
C.Add enterprise subordinate issuing CAs to the New York， Boston， and Seattle LANs. Configure qualified subordinations for each enterprise subordinate issuing CA
D.Add a stand-alone commercial issuing CA to only the northwindtraders.com domain. Configure cross-certification between the commercial CA and the boston.northwindtraders.com domain

多项选择题YouneedtodesignasecuritystrategyfortheWebfoldersandfilescreatedbytheconsultantsandtheinternalWebdevelopers.Whataretwopossiblewaystoachievethisgoal？（）

A.Require the internal Web developers to use Telnet with Kerberos authentication. Require the consultants to use L2TP with IPSec
B.Require the internal Web developers to use Encrypting File System （EFS） over Web Distributed Authoring and Versioning （WebDAV）. Require the consultants to use Microsoft.NET Passport authentication with Security Level 0
C.Require the internal Web developers to use Web Distributed Authoring and Versioning （WebDAV） over SSL.Require the consultants to use WebDAV over SSL
D.Require the internal Web developers to use L2TP with IPSec. Require the consultants to use Encrypting File System （EFS） over Web Distributed Authoring and Versioning （WebDAV）
E.Require the internal Web developers to use Web Distributed Authoring and Versioning （WebDAV） over SSL.Require the consultants to use L2TP with IPSec

多项选择题Youneedtodesignastrategytoincreasesecurityfortheclientcomputersinthefinancedepartment.Whichtwoactionsshouldyouperform？（）

A.Enable automatic certificate enrollment
B.Enforce smart card logons
C.Enable Encrypting File System （EFS） for offline files
D.Enable a screen saver password

单项选择题YouneedtodesignasecuritystrategyforcommunicationsbetweentheBostonandNewYorkoffices.Whatshouldyoudo？（）

A.Configure RRAS2 as a VPN server. Use Web enrollment to acquire computer certificates for both RRAS1 and RRAS2. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Enable the Basic Firewall settings on RRAS1 and RRAS2
B.Configure RRAS2 as a VPN server. Create demand-dial L2TP/IPSec connections on both RRAS1 and RRAS2. Configure dial-out credentials on both RRAS1 and RRAS2. Configure static routes on both RRAS1 and RRAS2. Set the connection type to persistent on the demand-dial interface on both RRAS1 and RRAS2
C.Create a new OU named RRAS Servers in the boston.northwindtraders.com domain. Move RRAS1 into the RRAS Servers OU. On the Default Domain Policy Group Policy object （GPO）， edit the Secure Server （Require Security） IPSec policy. Configure the IPSec policy to use a certificate for authentication. Specify RRAS2 as the tunnel endpoint. Assign the IPSec policy.
D.Create a new OU named RRAS Server in the northwindtraders.com domain. Move the RRAS2 into the RRAS Servers OU. On the RRAS Servers OU create new Group Policy object （GPO） named IPSECPOL. In IPSECPOL create an IPSec policy and specify RRAS as the tunnel.