You are the desktop administrator for Contoso, Ltd. The company's network contains 1,000 Windows XP Professional computers, which are members of a single Active Directory domain. The computers' hard disks are formatted as NTFS. The company's software developers release a new custom application. The application uses a .dll file named AppLib.dll, which is installed in a folder named \Program Files\Contoso\OpsApp. The company's help desk technicians report that several users experience problems when they use the application because the AppLib.dll file was deleted on their client computers. The company's software developers recommend that you modify the file permissions on AppLib.dll so that users have only Read permission on the file. You need to ensure that all users have only Read permission on the AppLib.dll file on all 1,000 Windows XP Professional computers.
What should you do?（） 

单项选择题You are the desktop administrator for one of your companys branch offices. The network in the branch office contains 20 Windows XP Professional computers. Windows XP Professional was installed on the computers by using a RIS image. The computers also use a security template named Standard.inf, which you created and applied to the computers. The companys information security department releases a new security template named Corporate.inf. You are instructed to apply Corporate.inf to all 20 Windows XP Professional computers in your office. You are also instructed to make a list of all policies that are defined in Corporate.inf but that are not already enforced on the Windows XP Professional computers. You import Corporate.inf into the Security Configuration and Analysis console on your Windows XP Professional computer. The analysis is shown in the exhibit. You need to document the security policies that will be enforced for the first time when Corporate.inf is applied to the computers in your office. Which policies should you document?（）

A.the policies that are displayed with an X or an exclamation point in the analysis
B.the policies that are displayed with a check mark in the analysis 
C.the policies that are displayed as Enabled in the Computer Setting column
D.the policies that are displayed as Disabled in the Computer Setting column

单项选择题You are the administrator of the Windows XP Professional portable computers that are used by your companys sales representatives. The computers are members of a Windows 2000 domain. A Windows 2000 Server computer named Server1 contains the sales data used by the sales representatives in a shared folder named Data. When sales representatives travel, they use the Offline Files feature to access the files in the  Server1 Data shared folder. You want to ensure that the offline files on the portable computers are not accessible by unauthorized persons, in the event that a portable computer is lost. What should you do?（）

A.Instruct the sales representatives to configure the permissions on the offline files on their portable computers to allow access for only their user accounts. 
B.On Server1, configure the permissions on all files in the Data shared folder to allow access for only the sales representatives. 
C.Use a Group Policy object (GPO) to enable the Encrypt the Offline Files cache option for the portable computers. 
D.On the portable computers, enable encryption of the %systemroot%\CSC folder.
E.Apply this setting to the folder and files in the CSC folder.
F.On Server1, encrypt all files in the Data shared folder. 

单项选择题You are a help desk technician for your company. All users have Windows XP Professional computers. Ten users run a custom application named Finance on their computers. Finance stores user passwords in a file named Passwords.ini. By default, the Passwords.ini file is stored in a folder named C: Winnt App1.  The location and name of the file can be changed by an administrator. Each Passwords.ini file is unique. Each computer contains a single logical drive, which is drive C and is formatted as NTFS. In order to comply with a new company security policy, you need to ensure that the Passwords.ini files are encrypted. What should you do?（）

A.In the properties of the C:\Winnt\App1 folder, use Windows Explorer to select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. 
B.Ask a network administrator to share a new encrypted folder named PassFiles on a network server and to permit users to read the files contained within the folder. Copy the Passwords.ini file from each computer into the PassFiles folder. On each computer, configure Finance to use the Passwords.ini file in the PassFiles folder.
C.Create a folder named C:\Files. Copy the Passwords.ini file to the C:\Files folder. In the properties of the C:\Files folder, select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file. 
D.Create a folder named C:\Files. Move the Passwords.ini file to the C:\Files folder. Instruct the user of each computer to open the properties of the C:\Files folder and select the option to encrypt the contents of the folder. Accept the default settings on the Confirm Attributes Changes dialog box. Configure Finance to use the C:\Files\Passwords.ini file. 

单项选择题You are the administrator of a Windows XP Professional computer named Pro1.  The computer is connected to the Internet. Pro1 provides Internet access to eight other Windows XP Professional computers that are connected to Pro1. You enable Internet Connection Sharing （ICS） and Internet Connection Firewall （ICF） on Pro1. You run an application named App1 on Pro1.  App1 communicates with an online training company on the Internet. In order to display an online seminar， the training company needs to contact the App1 application at port 5800. You want to ensure that the training company can connect to the App1 application. What should you do?（）

A.Configure ICF to enable the Internet Control Message Protocol (ICMP) Allow redirect option. Then start the App1 application that opens port 5800.  
B.Create a new service definition named App1.  Use port 5800 as the external and internal port number. 
C.Edit the %systemroot%\System32\Drivers\Etc\Services file on Pro1 to include a service definition named App1 for port 5800.  
D.Change the TCP/IP settings on Pro1 to enable TCP/IP filtering. Permit network traffic on port 5800. 

单项选择题You are a help desk technician for your company. The company network consists of a single Active Directory domain. All client computers run Windows XP Professional. The help desk technicians use Remote Assistance to remotely control user sessions to provide online support to users. The users currently use Microsoft Exchange and Microsoft Outlook to submit Remote Assistance invitations to the help desk technicians. Stephen is a user in the sales department. Stephen has a portable computer and frequently travels to customer locations. While Stephen is in the corporate office, he submits a Remote Assistance invitation to the help desk. When you attempt to answer the invitation and establish the Remote Assistance session, you receive the error message shown in the exhibit. You verify that Stephens computer is connected to the network and that he did not cancel the invitation. You also verify that the invitation did not expire. You do not experience similar problems when establishing Remote Assistance sessions with other computers. You need to be able to establish a Remote Assistance session with Stephens computer. What should you do?（）

A.Enable the Remote Desktop service definition in Internet Connection Firewall (ICF) on Stephen's computer.
B.Add your user account to the Remote Desktop Users list on Stephen's computer. 
C.In the System properties of Stephen's computer, select the Allow users to connect remotely to this computer option, and add your user account to the list of allowed users. 
D.In the Local Security Policy of Stephen's computer, grant your user account the Allow logon through Terminal Services user right.