You need to identify potential security threats. Which of the following security breaches might occur under the current IT and security practices？（Choose all that apply）（）A、A virus that infects an IT administrator’s client computer could gain domain admin

第1题：

You are the network administrator for The network consists of a single Active Directory domain named All five domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. The domain's audit policy ensures that all account logon events are audited. A temporary employee named King uses a client computer named TestKing1. When King's temporary assignment concludes, his employment is terminated. Now you need to learn the times and dates when King logged on to the domain. You need to accomplish this goal by reviewing the minimum amount of information. What should you do?（）

• A、Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for King's user account.
• B、Log on to TestKing1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for the TestKing1 computer account.
• C、Use Event Viewer to view the security log on each domain controller. Use the Find option to list only the events for King's user account.
• D、Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for King's user account.
• E、Use Event Viewer to view the security log on each domain controller. Set a filter to list only the events for the TestKing1 computer account.

第2题：

You have a single Active Directory directory service domain. All client computers run either Windows Vista or Windows XP. You create and configure a Group Policy object （GPO） named Secure Client  Computer. You need to ensure that the Secure Client Computer GPO is automatically applied to current  and future Windows XP client computers.  What should you do？（）

• A、 Create a WMI filter that limits the scope of the Secure Client Computer GPO to the Windows XP operating system. Link the WMI filter to the GPO. Link the GPO to the domain.
• B、 Create a global security group that contains all of the Windows XP client computers. Edit the permissions of the Secure Client Computer GPO to allow the global security group the Read and Apply Group Policy permissions. Link the Secure Client Computer GPO to the domain.
• C、 Use the Delegation of Control Wizard at the domain level， and delegate the Generate Resultant Set of policy （Planning） right to the Windows XP client computers. Link the Secure Client Computer GPO to the domain.
• D、 Use the Delegation of Control Wizard at the domain level， and delegate the Generate Resultant Set of policy （Logging） right to the Windows XP client computers. Link the Secure Client Computer GPO to the domain.

第3题：

Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create a security update scan procedure for client computers. You need to choose a security tool that supports all the client computers.  Which tool should you choose？ （）

• A、 UrlScan Security Tool
• B、 Enterprise Scan Tool （EST）
• C、 Malicious Removal Tool （MRT）
• D、 Microsoft Baseline Security Analyzer （MBSA）

第4题：

Your company uses Windows Update to download and install security updates on client computers. When Microsoft releases a security update， you have the following requirements：   Establish which client computers require the security update.   Identify what changes will occur as a result of the security update.  Identify which applications might be affected by the security update.    You need to select the appropriate tool to detect application-compatibility issues.   What should you do？（）

• A、Use the Inventory Collector.
• B、Use the Setup Analysis Tool.
• C、Use the Update Compatibility Evaluator.
• D、Use the Windows Compatibility Evaluator.

第5题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All five domain controllers run Windows Server 2003, and all client computers run Windows XP Professional. The domain's audit policy ensures that all account logon events are audited. A temporary employee named Peter uses a client computer named Client1. When Peter's temporary assignment concludes, his employment is terminated. Now you need to learn the times and dates when Peter logged on to the domain. You need to accomplish this goal by reviewing the minimum amount of information. What should you do?（）

• A、Log on to Client1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for Peter's user account.
• B、Log on to Client1 as a local Administrator. Use Event Viewer to view the local security log. Use the Find option to list only the events for the Client1 computer account. Use Event Viewer to view the security log on each domain controller. Use the Find option to list only the events for Peter's user account. Use Event Viewer to view the security log on each domain controller.
• C、Set a filter to list only the events for Peter's user account. Use Event Viewer to view the security log on each domain controller.
• D、Set a filter to list only the events for the Client1 computer account.

第6题：

You manage a software update infrastructure by using Windows Server Update Services (WSUS) 3.0. All client computers run Windows XP Professional Service Pack 3 (SP3). The client computers receive Automatic Updates from the WSUS server, and they are configured to install Automatic Updates immediately. From the Update Services console, you approve a required security update for all client computers. You need to force a client computer to apply the required security update as soon as possible. Which tool should you use? （）

• A、Secedit
• B、Wuauclt
• C、Wsusutil
• D、Gpupdate

第7题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. You need to implement a new software update infrastructure.  You discover that security patches， critical updates， and service packs have never been installed on any client computer on the network. You install Windows Server Update Services （WSUS） on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches， critical updates， and service packs. You need to ensure that all client computers receive all Microsoft security patches， critical updates， and service packs.  Which two actions should you perform？（）

• A、Open the WSUS console. Select the option to automatically approve WSUS updates.
• B、Install the Automatic Updates client on all client computers.
• C、Modify the Microsoft Update settings of the Default Domain Controller organizational unit （OU） Group Policy object （GPO） to point client computers to http ：//server5.
• D、Modify the Microsoft Update settings of the Default Domain Policy Group Policy object （GPO） to point client computers to http： //server5.
• E、Open the WSUS console. Create a target group and assign all client computers to the group.

第8题：

The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do？（）

• A、On all domain controllers， implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• B、On all client computers， implement logon auditing for all user account logons
• C、On all client computers， configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• D、On all domain controllers， implement logon auditing for all user account logons

第9题：

You are the desktop administrator for your company. The company's network consists of a single Microsoft Windows NT domain. The network contains 2,000 Windows XP Professional computers.  The information security department releases a new security template named NewSecurity.inf. You are instructed to apply the new template to all 2,000 Windows XP Professional computers. You use the Security Configuration and Analysis console to import NewSecurity.inf into a security database named NewSec.sdb. You copy NewSec.sdb to a folder named Sec on a server named Server1. You need to apply NewSecurity.inf to the Windows XP Professional computers. What should you do?（） 

• A、Use the Security Configuration and Analysis console to export a template named NewSec.inf from NewSec.sdb. Copy NewSec.inf to each client computer. 
• B、Write a logon script that copies NewSec.sdb to the %systemroot%/System32 folder on each client computer. 
• C、Copy NewSec.sdb to the Netlogon shared folder on each domain controller. 
• D、Write a logon script that runs the Secedit /configure /db //Server1/Sec/NewSec.sdb command. Apply the logon script to all domain user accounts. 

第10题：

A user named Marie uses a Windows 2000 Professional computer named Client1 to process payroll records. Marie reports that she can no longer run her financial applications. You determine that file permissions have been applied incorrectly to her computer. You want to configure Client1 to have the same security configuration and file permission settings that were applied when the computer was installed.  What should you do?（）

• A、Grant usersFull Controlpermission to the C drive and all child folders
• B、Use the Recovery Console to restore system files
• C、Use Security Configuration and Analysis to apply the Secure security template to Client1
• D、Use Security Configuration and Analysis to apply the Default security template to Client 1