You are the administrator of 30 Windows XP Professional computers. The computers are not members of a domain. Users of the Windows XP Professional computers encrypt files on the local computers. A user named Stephen reports that he cannot remember his current password. However, he does remember his previous password. Before he changed to his current password, Stephen created a password reset disk. You want to ensure that Stephen can log on to his Windows XP Professional computer again, and that he can open the encrypted files.
What should you do?（） 

单项选择题You are a help desk technician for your company. Your company’s network includes an Active Directory domain and Windows XP Professional computers that are configured as members of the domain. Company policy prohibits users from accessing their computers unless they are authenticated by a domain controller. However, users report that they can log on to their computers, even though a network administrator has told them that a domain controller is not available. As a test, you log off of your computer and disconnect it from the network. You discover that you can log on by using your domain user account. You need to ensure that users cannot access their computers unless they are authenticated by a domain controller. How should you configure the local computer policy on these computers? （）

A.Enable the Require domain controller to unlock policy.
B.Set the Number of previous logons to cache policy to 0.  
C.Remove all user and group accounts from the Log on locally user right. 
D.Remove all user and group accounts from the Access this computer from the network user right. 

单项选择题You are the desktop administrator for one of your companys branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the companys main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the companys Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?（）

A.Run the Secedit.exe command in validation mode and specify the new security template.
B.Run the Secedit.exe command in configuration mode and specify the new security template. 
C.Use the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation. 
D.Use the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation. 

多项选择题You are the desktop administrator for your company. The companys network contains 500 Windows XP Professional computers. The information security department releases a new security template named NewSec.inf. You import NewSec.inf into a security database named NewSec.sdb. You analyze the result, and you review the changes that the template makes. You examine the security policies that are defined in NewSec.inf. You discover that the settings in NewSec.inf have not been implemented on your computer. You need to ensure that the settings in NewSec.inf overwrite the settings in your computers local security policy. What are two possible ways to achieve this goal?（）

A.Run the Secedit /configure /db C:\NewSec.sdb command.
B.Run the Secedit /refreshpolicy machine_policy command.
C.Copy NewSec.inf to the C:\Windows\Inf folder. 
D.Copy NewSec.sdb to the C:\Windows\System32\Microsoft\Protect folder. 
E.Use the Security Configuration and Analysis console to open NewSec.sdb and then to perform a Configure operation. 
F.Use the Security Configuration and Analysis console to export NewSec.sdb to the Defltwk.inf security template. 

单项选择题You are the desktop administrator for your company. The companys network consists of a single Microsoft Windows NT domain. The network contains 2,000 Windows XP Professional computers.  The information security department releases a new security template named NewSecurity.inf. You are instructed to apply the new template to all 2,000 Windows XP Professional computers. You use the Security Configuration and Analysis console to import NewSecurity.inf into a security database named NewSec.sdb. You copy NewSec.sdb to a folder named Sec on a server named Server1. You need to apply NewSecurity.inf to the Windows XP Professional computers. What should you do?（）

A.Use the Security Configuration and Analysis console to export a template named NewSec.inf from NewSec.sdb. Copy NewSec.inf to each client computer. 
B.Write a logon script that copies NewSec.sdb to the %systemroot%\System32 folder on each client computer. 
C.Copy NewSec.sdb to the Netlogon shared folder on each domain controller. 
D.Write a logon script that runs the Secedit /configure /db \\Server1\Sec\NewSec.sdb command. Apply the logon script to all domain user accounts. 

单项选择题You are the desktop administrator for Contoso, Ltd. The companys network contains 1,000 Windows XP Professional computers, which are members of a single Active Directory domain. The computers hard disks are formatted as NTFS. The companys software developers release a new custom application. The application uses a .dll file named AppLib.dll, which is installed in a folder named  Program Files Contoso OpsApp. The companys help desk technicians report that several users experience problems when they use the application because the AppLib.dll file was deleted on their client computers. The companys software developers recommend that you modify the file permissions on AppLib.dll so that users have only Read permission on the file. You need to ensure that all users have only Read permission on the AppLib.dll file on all 1,000 Windows XP Professional computers. What should you do?（）

A.Write a logon script that moves the AppLib.dll file into the %systemroot%\System32 folder.
B.Ensure that Windows File Protection is enabled on all 1,000 Windows XP Professional computers.
C.Apply the logon script to all domain user accounts. 
D.Use the Security Configuration and Analysis console to create a new security template that modifies the file permissions on AppLib.dll. 
E.Use Active Directory Group Policy to import and apply the template to all 1,000 Windows XP Professional computers. 
F.Repackage the custom application in a Windows Installer package.