单选题You need to improve the company’s security patch management process. Your solution must meet existing business requirements and it cannot increase the number of employees or unnecessarily increase ongoing administrative effort. What should you do？（）A P

第1题：

You need to recommend a document management solution that supports the company's planned changes.   What should you include in the recommendation？（）

• A、Active Directory Rights Management Services（AD RMS）and File Server Resource Manager （FSRM）
• B、Active Directory Rights Management Services（AD RMS）and Microsoft SharePoint Foundation 2010
• C、Authorization Manager and Microsoft SharePoint Foundation 2010
• D、File Server Resource Manager （FSRM） and Share and Storage Management

第2题：

You need to design a security patch management strategy. Your solution must meet business and security requirements， and it must accommodate the company’s resource restrictions. What should you do？（）

• A、Test and manually deploy updates
• B、Deploy a Software Update Services （SUS） server. Test all updates and then approve them. Configure all client computers to automatically obtain updates from the server
• C、Test all updates and then use a third-party utility to repackage updates in a Windows Installer file. Deploy the -.msi files by using Group Policy
• D、Configure all client computers to use Automatic Updates to obtain security updates from the Windows Update Web site. Test all updates posted to the Windows Update Web site

第3题：

You need to recommend a solution to ensure that all of the client computers that run Windows 7 meet the company’s security requirements.   What should you include in the recommendation？（）

• A、Encrypted File System （EFS）
• B、the AppLocker Group Policy settings
• C、the IPSec enforcement method
• D、Windows BitLocker Drive Encryption （BitLocker）

第4题：

You have a server that runs Windows Server 2003 Service Pack 2 (SP2).You need to compare the current security settings of the server to a security template. Which tool should you use?（）

• A、Security Templates snap-in 
• B、Group Policy Management Console 
• C、Security Configuration and Analysis snap-in 
• D、Microsoft Baseline Security Analyzer (MBSA)

第5题：

You have an Exchange Server 2010 organization that consists of 50 Exchange Server 2010 servers. Your companys security policy states that approved Exchange and Windows Server patches and securityupdates must be applied to all Exchange servers within one week of being released.  You need to recommend a patch management solution that meets the following requirements： .Allow administrators to manually approve patches and security updates .Allow only the installation of approved patches and security updates  .Minimize the administrative effort to deploy patches  .Minimize the deployment costs What should you include in the solution？（）

• A、Microsoft Update
• B、Microsoft System Center Configuration Manager
• C、Windows Server Update Services
• D、Windows Update

第6题：

You need to recommend a delegation solution for CA1 that meets the company’s security requirements.   What should you include in the recommendation？（）

• A、access-based enumeration （ABE）
• B、Active Directory delegation
• C、Authorization Manager
• D、role separation

第7题：

You have an Exchange Server 2010 organization.  Your company has a relationship with another company.  The partner company has an Exchange Server 2010 organization.  You need to recommend a security solution to meet the following requirements：  .Ensure that all e-mail delivery between your servers and the partner companys servers is encrypted .Ensure that all communication between your servers and the partner companys servers is authenticated What should you include in the solution？（）

• A、Active Directory Rights Management Services （AD RMS）
• B、Domain Security
• C、Forms-based Authentication
• D、Secure/Multipurpose Internet Mail Extensions （S/MIME）

第8题：

The company wants to evaluate making all business office users administrators on their client computers. You need to design a method to ensure that this change can be made in a manner that meets business and security requirements. What should you do？（）

• A、On all domain controllers， implement registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• B、On all client computers， implement logon auditing for all user account logons
• C、On all client computers， configure registry access auditing for all registry keys that are considered sensitive by the company’s written security policy
• D、On all domain controllers， implement logon auditing for all user account logons

第9题：

You need to ensure that all servers meet the company’s security requirements. Which tool should you use？（）

• A、Microsoft Baseline Security Analyzer （MBSA）
• B、Microsoft Security Assessment Tool （MSAT）
• C、Resultant Set of Policy （RSoP）
• D、Security Configuration Wizard （SCW）

第10题：

Your company has a single Active Directory directory service domain. Servers in your environment run Windows Server 2003. Client computers run Windows XP or Windows Vista. You plan to create an internal centrally managed security update infrastructure for client computers. You need to choose a security update management tool that supports all the client computers.  Which tool should you choose？ （）

• A、 Microsoft Assessment and Planning （MAP） Toolkit
• B、 Microsoft Baseline Security Analyzer
• C、 Microsoft System Center Operations Manager
• D、 Windows Server Update Services （WSUS）