多项选择题
You are the network administrator for The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers.
All confidential company files are stored on a file server named TestKing1. The written company security states that all confidential data must be stored and transmitted in a secure manner. To comply with the security policy, you enable Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the data decryption field (DDF) of the confidential files for the users who need to access them.
While performing network monitoring, you notice that the confidential files that are stored on TestKing1 are being transmitted over the network without encryption.
You must ensure that encryption is always used when the confidential files on TestKing1 are stored and transmitted over the network.
What are two possible ways to accomplish this goal? ()(Each correct answer presents a complete solution. Choose two)
A. Enable offline files for the confidential files that are stored on TestKing1, and select the Encrypt offline files to secure data check box on the client computers of the users who need to access the files.
B. Use IPSec encryption between TestKing1 and the client computers of the users who need to access the confidential files.
C. Use Server Message Block (SMB) signing between TestKing1 and the client computers of the users who need to access the confidential files.
D. Disable all LM and NTLM authentication methods on TestKing1.
E. Use IIS to publish the confidential files. Enable SSL on the IIS server. Open the files as a Web folder.
相关考题
-
单项选择题
You are the network administrator for The network consists of a single Active Directory domain named The intranet Web site is hosted on a Windows Server 2003 computer named TestKing4, which is a member of a workgroup. All client computers are members of the domain and are enabled for IPSec. The network security administrator creates a new security policy for TestKing4. The policy states that only HTTP traffic is permitted, that HTTP traffic must be encrypted, and that all computers must be authenticated. The new security policy is implemented. Domain users report that they are not able to connect to TestKing4. You load the IP Security Monitor snap-in, and you view the details shown in the following window. You need to ensure that all domain users can securely connect to TestKing4. What should you do?()
A. Install a digital certificate on TestKing4.
B. Make TestKing4 a member of the domain.
C. Change the source and destination ports for outbound traffic.
D. Change the source and destination ports for inbound traffic. -
单项选择题
You are the network administrator for The network consists of a single Active Directory domain named All network servers run Windows Server 2003. A member server named TK1 runs IIS. You install a Web-enabled application on TK1. The application includes a security feature that detects unauthorized attemptsto access the server. Whenever an authorized attempt is detected, the application automatically modifies the IIS configuration file to restrict the unauthorized users access. To test the security feature, you try to gain unauthorized access to TK1. Twenty seconds after your first attempt, you try again. However, TK1 does not restrict your access on the second attempt. You wait five minutes, and then you examine the IIS configuration file. You verify that it was correctly modified by the application to restrict your access. You need to configure IIS to ensure that changes in the IIS configuration file will result in immediate changes in the behaviour of IIS. What should you do?()
A. Select the Enable Direct Metabase Edit option.
B. Specify the service account for the Application Pool as the IIS service account.
C. Select the Enable Rapid-Fail protection option.
D. Specify the status of the Internet Data Connector Web service extension as Allow. -
单项选择题
You are the network administrator for The network consists of a single Active Directory domain named testking.com. All domain controllers run Windows Server 2003. A member server named TestKing3 has IIS installed. TestKing3 hosts all content for company web sites. The server is backed up on magnetic tape once each month. To replace the web functionality of TestKing3, the company acquires a new computer. You configure the computer as a member server named TestKing4 and install IIS. You transfer all content from TestKing3 to TestKing4 and start the IIS service on TestKing4. You discover that TestKing4 is not configured with the IIS settings that were defined on TestKing3. You need to ensure that TestKing4 has the same IIS settings that were defined on TestKing3. What should you do?()
A. Use the most recent backup tape of TestKing3 to restore the System State data on TestKing4.
B. Use the most recent backup tape of TestKing3 to restore C:\windows\system32\inetsrv\History on TestKing4.
C. Use IIS manager on TestKing3 to select the Save Configuration to Disk option. Edit the files to replace system-specific information. Use the edited files to restore the IIS metabase on TestKing4.
D. Use IIS manager on TestKing3 to select the Backup/Restore Configuration option. Edit the files to replace system-specific information. Use the edited files to restore the IIS metabase on TestKing4.
