| < Day Day Up > |
|
1. | You are configuring a new security template for a computer running Windows Server 2003. The computer will be running IIS. The server will be accessed only by users who have specific log on names and passwords. The new security template is called IIS- SERVERS. You have configured the Audit Policy section so that the “Audit account logon events” and “Audit logon events” sections will audit success and failure. You are currently editing the Event Log settings of the template. The editing window is displayed in the figure below. You want to ensure that the log that records the user’s name and the location that they are coming from remains recorded until the relevant log is manually cleared. You also want to set the maximum log size of the relevant log to 16,385 KB. Which policies from this figure should you configure by using the security template? (Select two.)
|
|
2. | You have created a domain local security group named IISADMINS in the single domain that is used at your organization. This group will be assigned special permissions and rights on your organization’s Web servers. You want to limit the membership of that group to four users: Orin, Oksana, Kasia, and Shan. The computers running Windows Server 2003 that host the organization’s Web Servers have all been placed in an organizational unit named IISSERV. IISSERV is a child OU of the MEMBERSERV OU. There are three sites at your company: HQ, Branch One, and Branch Two. Two IIS servers are located at Branch One, three are located at HQ, and one is located at Branch Two. You have configured the restricted groups node of a security template as shown in the figure below. The IISADMINS group has been assigned permissions only on the servers that are located within the IISSERV OU. Which of the following methods represents the best way of using this security template to meet your goal of limiting the membership of the IISADMINS group to the specified users?
|
|
3. | Rooslan is the senior systems administrator at Tailspin Toys. There is a group of developers at the company who need to be given access to modify the HKEY_LOCAL_MACHINE hive on member systems running Microsoft Windows XP Professional and Windows Server 2003. These member systems are located within the EASTDEV organizational unit. All of the developers’ user accounts are also located in the EASTDEV organizational unit. Which of the following courses of action should Rooslan take to ensure that only the developers get the required access to the HKEY_LOCAL_MACHINE hive, and that they get access only to the specified computers?
|
|
4. | Rooslan works for a medium-sized enterprise that has a single Windows Server 2003 functional level domain. Rooslan has the following goals for the security configuration of a group of workstations running Windows XP Professional that belong to members of the DEVELOPERS security group. Primary Goal: That the IPSEC Services, the Error Reporting Service, the Indexing Service, and the Smart Card service can all be started, stopped, and paused by members of the DEVELOPERS security group. First Secondary Goal: That members of the DEVELOPERS group be given full control over the HKEY_LOCAL_MACHINE\HARDWARE, HKEY_LOCAL_MACHINE\SOFTWARE, and HKEY_LOCAL_MACHINE\SYSTEM hives of the registry on their workstations running Windows XP Professional. Second Secondary Goal: That the right to debug programs, adjust memory quotas for a process, and increase scheduling priority be assigned to members of the DEVELOPERS group. Which of these goals can Rooslan achieve by configuring a security template and importing it into a GPO that is applied to an organizational unit in which the workstations running Windows XP Professional belonging to members of the DEVELOPERS security group reside? (Select one.)
|
|
5. | Part of understanding the benefits of security templates is understanding what the limitations of those templates are. Which of the following policies can be configured by importing a security template? (Select all that apply.)
|
|
6. | Which tool would you use to configure policy files for clients running Windows NT Workstation 4.0 that are located in a Windows Server 2003 mixed mode domain?
|
|
Answers
1. | Correct Answers: B and E
|
2. | Correct Answers: B
|
3. | Correct Answers: C
|
4. | Correct Answers: A
|
5. | Correct Answers: A and E
|
6. | Correct Answers: A
|
| < Day Day Up > |
|