多选题All consultants belong to a global group named TempWorkers.   You place three file servers in a new organizational unit named SecureServers. The three file servers  contain confidential data located in shared folders.   You need to record any failed at

第1题：

You are a network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. A user named Mrs. King works in the information technology (IT) security department. Mrs. King is a member of the ITSecurity global group. Mrs. King reports that no one in the ITSecurity global group can access the security log from the console of a computer named Testking1. You need to grant the ITSecurity global group the minimum rights necessary to view the security log on Testking1. How should you modify the local security policy?（）

• A、Assign the Generate security audits user right to the ITSecurity global group.
• B、Assign the Manage auditing and security logs user right to the ITSecurity global group.
• C、Assign the Allow logon through Terminal Services user right to the ITSecurity global group.
• D、Assign the Act as part of the operating system user right to the ITSecurity global group.

第2题：

You are the network administrator for The network consists of a single Active Directory domain named All servers run Windows Server 2003. All TestKing data is stored in shared folders on network file servers. The data for each department is stored in a departmental shared folder. Users in each department are members of the departmental global group. Each departmental global group is assigned the Allow - Full Control permission for the corresponding departmental shared folder. TestKing requirements state that all access to shared folders must be configured by using global groups. A user named Dr King works in the sales department. Dr King needs to be able to modify files in the Marketing shared folder. You need to ensure that Dr King has the minimum permissions for the Marketing shared folder that he needs to do his job. You need to achieve this goal while meeting TestKing requirements and without granting unnecessary permissions. What should you do?（）

• A、Add Dr King's user account to the Marketing global group.
• B、Assign the Sales global group the Allow - Change permission for the Marketing shared folder.
• C、Create a new global group. Add Dr King' user account to the group.Assign the new global group the Allow - Change permission for the Marketing shared folder.
• D、Assign Dr King's user account the Allow - Change permission for the Marketing shared folder.

第3题：

第4题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All users in the publishing department are members of a global group named Publishing. Interns in the publishing department are also members of a global group named PublishingInterns. A network file server contains a shared folder named PubsSalesData. Interns must not be able to view or modify any files in the PubsSalesData folder. All other employees in the publishing department must be able to view and modify the files in the PubsSalesData folder. The NTFS permissions for all folders are configured to assign the Allow - Full Control permission to members of the Domain Users global group. You need to configure the share permissions for the PubsSalesData folder. Which two actions should you perform? （）(Each correct answer presents part of the solution. Choose two.)

• A、Assign the Allow - Read permission to the Publishing global group.
• B、Assign the Allow - Change permission to the Publishing global group.
• C、Assign the Deny - Change permission to the PublishingInterns global group.
• D、Assign the Allow - Read permission to the PublishingInterns global group.

第5题：

All consultants belong to a global group named TempWorkers.     You place three file servers in a new organizational unit named SecureServers. The three file  servers contain confidential data located in shared folders.     You need to record any failed attempts made by the consultants to access the confidential data.     Which two actions should you perform（）

• A、Create and link a new GPO to the SecureServers organizational unit. Configure the Audit privilege use Failure audi
• B、Create and link a new GPO to the SecureServers organizational unit. Configure the Audit object access Failure aud
• C、Create and link a new GPO to the SecureServers organizational unit. Configure the Deny access to this computer f
• D、On each shared folder on the three file servers， add the three servers to the Auditing tab.  Configure the Failed Full control setting in the Auditing Entry dialog box.
• E、On each shared folder on the three file servers， add the TempWorkers global group to the Auditing tab. Configure th

第6题：

Your company has an Active Directory domain. All consultants belong to a global group named   TempWorkers. The TempWorkers group is not nested in any other groups.   You move the computer objects of three file servers to a new organizational unit named SecureServers.   These file servers contain only confidential data in shared folders.   You need to prevent members of the TempWorkers group from accessing the confidential data on the file  servers. You must achieve this goal without affecting access to other domain resources.   What should you do（）

• A、Create a new GPO and link it to the SecureServers organizational unit. Assign the Deny access to this  computer from the network user right to the TempWorkers global group.
• B、Create a new GPO and link it to the domain. Assign the Deny access to this computer from the network  user right to the TempWorkers global group.
• C、Create a new GPO and link it to the domain. Assign the Deny log on locally user right to the  TempWorkers global group.
• D、Create a new GPO and link it to the SecureServers organizational unit. Assign the Deny log on locallyuser right to the TempWorkers global group.

第7题：

You have an Exchange Server 2010 organization.  You have a global security group named Legal that contains all the members of your companys legaldepartment.  The companys security policy states that the Legal group must be able to search all mailboxes for e-mailmessages that contain specific keywords.  You need to recommend a solution for the organization that complies with the security policy.  What should you include in the solution？（）

• A、a Discovery Management role group
• B、a legal hold
• C、administrator audit logging
• D、Mailbox journaling

第8题：

You are the network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. All domain controllers run Windows Server 2003. The sales department recently hired 10 new employees. User accounts for these employees were created in Active Directory. The manager of the sales department sent you a list of a new users and asked you to add the user accounts to an existing global group named SalesDept. You need to add the users to the SalesDept global group. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. Choose two.（）

• A、Use the dsadd user command to add the user accounts to the SalesDept global group.
• B、Use the dsadd group command to add the user accounts to the SalesDept global group.
• C、In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Properties menu command.
• D、In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Add to a Group menu command.

第9题：

You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com.All servers in the ABC.com domain， including domain controllers， have Windows Server 2012 R2 installed.You have created and linked a new Group Policy object （GPO） to an organizational unit （OU）， named ABCServ， which host the computer accounts for servers in the ABC.com domain.You have been tasked with adding a group to a local group on all servers in the ABC.com domain.This group should not， however， be removed from the local group.  Which of the following actions should you take？（）

• A、You should consider adding a restricted group.
• B、You should consider adding a global group.
• C、You should consider adding a user group.
• D、You should consider adding a server group.

第10题：

You are the network administrator for Testking.com. The network consists of a single Active Directory domain testking.com. The functional level of the domain is Windows 2000 native. Some network servers run Windows 2000 Server, and others run Windows Server 20003. All users in your accounting department are members of an existing global distribution group named Global-1. You create a new network share for the accounting users. You need to enable the members of Global-1 to access the file share. What should you do?（）

• A、Raise the functional level of the domain to Windows Server 2003.
• B、Change the group type of Global-1 to security.
• C、Change the group scope of Global-1 to universal.
• D、Raise the functional level of the forest to Windows Server 2003.