多选题You are configuring an LDAP authentication server, and you want to configure role-mapping rules based on group membership. When you attempt to search for groups in the server catalog, no groups appear.Assuming the LDAP server is reachable and functioni

第1题：

You work as a network administrator at， You have been asked to configure 802.1x port-based authentication. You notice that the client workstation is not compatible with 802.1x port-based authentication.  What supported authentication server should be chosen？（）

• A、TACACS with LEAP extensions
• B、RADIUS with EAP extensions
• C、TACACS+
• D、LDAP

第2题：

You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All client computers run Windows XP Professional. You install Software Update Services (SUS) on a network server named Testking1. When you attempt to synchronize Testking1 with the Windows Update servers, you receive an error message. You suspect that your proxy server requires authentication. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Testking1 can communicate with the Windows Update servers. What should you do on Testking1?（）

• A、Restart the IIS administration tool.
• B、Configure the Internet Explorer settings to bypass the proxy server.
• C、In the SUS options, configure authentication to the proxy server.
• D、Install the Microsoft Firewall Client.

第3题：

第4题：

You work as the IT professional in an international company which is named Wiikigo. You are experiencedin implementing and administering a network operating system. You are specialized in deploying servers，configuring Windows Server 2008 Terminal services and network application services， and configuring aweb services infrastructure. You are in charge of a server that runs Windows Server 2008. The server hasthe Web Server （IIS） server role installed. The server contains a Web site that is configured to use onlyWindows Authentication. You have a security group named Group1 that contains several user accounts.Now you receive an order from the company management. According to the company requirement， youhave to prevent the members of Group1 from accessing a Web site. But you are not allowed prevent otherusers from accessing the Web site. Which Web site feature should you configure？（）

• A、You should configure SSL Settings
• B、You should configure Authentication
• C、You should configure Authorization Rules
• D、You should configure IIS Manager Permissions

第5题：

You are the network administrator for your company. Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. You add eight servers for a new application. You create an organizational unit （OU） named Application to hold the servers and other resources for the application. Users and groups in the domain will need varied permissions on the application servers. The members of a global group named Server Access Team need to be able to grant access to the servers. The Server Access Team group does not need to be able to perform any other tasks on the servers. You need to allow the Server Access Team group to grant permissions for the application servers without granting the Server Access Team group unnecessary permissions.  What should you do？（）

• A、 Create a Group Policy object （GPO） for restricted groups. Configure the GPO to make the Server Access Team group a member of the Power Users group on each application server. Link the GPO to the Application OU.
• B、 Grant the Server Access Team group permissions to modify computer objects in the Application OU.
• C、 Move the Server Access Team group object into the Application OU.
• D、 Create domain local groups that grant access to the application servers. Grant the Server Access Team group permissions to modify the membership of the domain local groups.

第6题：

You are configuring an LDAP authentication server, and you want to configure role-mapping rules based on group membership. When you attempt to search for groups in the server catalog, no groups appear.Assuming the LDAP server is reachable and functioning properly, in the admin GUI. Which two parts of the configuration should you verify are correct?（）

• A、Finding user entries
• B、Authentication required
• C、LDAP Server Type
• D、Determining group membership

第7题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install Windows Server Update Services （WSUS） on a network server named Server1. When you attempt to synchronize Server1 with the Windows Update servers， you receive an error message. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Server1 can communicate with the Windows Update servers.  What should you do on Server1？（）

• A、Restart the IIS administration tool.
• B、Configure the Internet Explorer settings to bypass the proxy server.
• C、In the WSUS options， configure authentication to the proxy server.
• D、Install the ISA Firewall Client.

第8题：

Using an LDAP authentication server, what do you configure to validate certificate attributes?（）

• A、Use the "is exactly" or "contains" operators.
• B、Create a user filter matching the dn of the certificate.
• C、Verify that the certificate is issued by a publicly trusted cs.
• D、Match the certificate type and value with an attribute from the ldap server.

第9题：

You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service （IAS）. Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do？  （）

• A、 Configure the system event log to Do not overwrite.
• B、 In IAS， in Remote Access Logging， enable the Authentication requests setting.
• C、 Configure the Remote Access server to Log all events.
• D、 Create a custom remote access policy and configure it for Authentication-Type.

第10题：

You manage a server named Server2 that runs Windows Server 2008. You install and test the Terminal Services role on Server2. You publish an application by using Terminal Services. All users must connect to the Terminal Services application by using the Remote Desktop Protocol.  You install and configure the Terminal Services Gateway （TS Gateway） role service on Server2. You configure a default domain policy to enable the Enable Connection through TS Gateway setting. Users report that they cannot connect to the Terminal Services application.  You need to ensure that users can access the Terminal Services application on the intranet and from the Internet.  What should you do？（）

• A、Configure the Enable Connection through TS Gateway Group Policy setting to Disabled.
• B、Configure the Set TS Gateway server address Group Policy and configure the IP address of the TSGateway server. Link the GPO to the domain.
• C、Configure Server Authentication on the Remote Desktop Connection client to Always connect， even if server authentication fails for all users.
• D、Enable the Set TS Gateway server authentication method Group Policy to the Ask for credential， use NTLM protocol setting. Link the GPO to the domain.