单选题Your company has an internal Web application that uses a self-signed SSL certificate.  The company has an internal certification authority （CA） with autoenrollment.When users attempt to start the Web application， Internet Explorer displays an error mes

第1题：

Your company runs Windows Server 2008. The company network is configured as an Active Directory domain named contoso.com. The network has a Web server named WEB1. The domain users access WEB1 by using http：//web1.  You generate a self-signed certificate for WEB1 and configure WEB1 to use SSL.  Users report that they get a warning message when they connect to WEB1 by using https：//web1.You need to ensure that users can connect to WEB1 without receiving a warning message. What should you do？（）

• A、Add the https： //web1 name to the list of Trusted Sites zone on all the computers in the domain.
• B、Open the Certificates console on WEB1. Export the self-signed certificate to a web1.cer file. Install the web1.cer file on all the computers in the domain.
• C、Join WEB1 to the contoso.com domain. Reissue the self-signed certificate. Request all the users to use https： //web1.contoso.com to connect to WEB1.
• D、Create a DNS Host （A） Record for WEB1 in the contoso.com zone. Reissue the self-signed certificate. Request all the users to use https： //web1.contoso.com to connect to WEB1.

第2题：

You deploy Windows 7 to the computers that are used by your company’s Web developers.  All Web developer user accounts are in a single organizational unit （OU）.   Internet Explorer is blocking pop-up windows for multiple internal Web applications that are hosted on different servers.   You need to use Group Policy to ensure that Internet Explorer does not block pop-up windows for internal Web applications.   What should you do？（）

• A、Add each server to the Intranet zone.
• B、Add each server to the Trusted Sites zone.
• C、Enable Compatibility View in Internet Explorer.
• D、Set the default security setting in Internet Explorer to Medium.

第3题：

Your company has an Active Directory domain. All computers are members of the domain. Your networkcontains an internal Web site that uses Integrated Windows Authentication. From a computer that runs Windows 7, you attempt to connect to the Web site and are prompted for authentication. You verify that youruser account has permission to access the Web site. You need to ensure that you are automaticallyauthenticated when you connect to the Web site.  What should you do?（）

• A、Create a complex password for your user account.
• B、Open Credential Manager and modify your credentials.
• C、Add the URL of the Web site to the Trusted sites zone.
• D、Add the URL of the Web site to the Local intranet zone.

第4题：

Your company has an internal Web site that requires HTTPS. The Web site s certificate is self-signed. Youhave a computer that runs Windows 7 and Windows Internet Explorer 8. You use HTTPS to browse to theWeb site and receive the following warning message: There is a problem with this website s security certificate. You need to prevent the warning message from appearing when you access the Web site.  What should you do?（）

• A、From Internet Explorer， enable InPrivate Browsing.
• B、From Internet Explorer， add the Web site to the Trusted sites zone.
• C、From Certificate Manager， import the Web site s certificate into your Personal store.
• D、From Certificate Manager， import the Web site s certificate into your Trusted Root CertificationAuthorities store.

第5题：

You are the desktop administrator for your company. Your company’s software developers use Windows XP Professional and IIS on their client computers to develop Web-based applications. All client computers use Microsoft Internet Explorer 6. 0 or later as their Web browser. One of the developers reports that he can no longer access the Web-based application on his desktop by using his Web browser. When you attempt to access the application by using your Web browser, you receive the following error message: “Cannot find server or DNS Error.” You verify that the World Wide Web Publishing Service is started on the developer’s computer. You also verify that you are using the correct URL to access the developer’s computer by using your Web browser. You need to ensure that the developer can access the Web application by using his Web browser. How should you configure the developer’s computer?（） 

• A、Start the default Web site.
• B、Start the IIS Admin Service.
• C、Run the IPconfig /registerdns command.
• D、In the default Web site properties，disable the host header setting.

第6题：

Your company has an internal Web application that uses a self-signed SSL certificate.  The company has an internal certification authority （CA） with autoenrollment.When users attempt to start the Web application， Internet Explorer displays an error message that recommends closing the Web page rather than continuing to the application.    You need to ensure that Internet Explorer does not display the error message.   What should you do？（）

• A、Issue a certificate from the internal CA and install it on the application server
• B、Install the Web application’s certificate into the computer store on each client computer
• C、Install the Web application’s certificate into the personal store on each client computer. Add the application’s URL to the Trusted Sites zone in Internet Explorer
• D、Purchase a commercial certificate and install it on the internal CA

第7题：

Your company named Contoso， Ltd. has a Web server named WEB1.   The Web server runs Windows Server 2008. The fully qualified domain name of WEB1 is web1.contoso.com. The public DNS server has an alias record named owa.contoso.com that maps to web1.contoso.com. Users access WEB1 from the Internet by using http：//owa.contoso.com.  The new company security policy states that the owa.contoso.com site must be available for Internet users only through secure HTTP （HTTPS） protocol. The security policy also states that users must not get security warnings when they connect to the site.  You need to request a certificate from a public certification authority （CA）. Which Common Name should you use？（）

• A、Contoso， Ltd.
• B、owa.contoso.com
• C、WEB1
• D、web1.contoso.com

第8题：

An enterprise has an internal web application that needs stickiness managed by a Cluster. Allemployees access the application through a proxy. What is the correct sticky load balancing policy? （）

• A、urlhash
• B、url persistency
• C、cookie persistency
• D、default persistency

第9题：

Your network contains an Active Directory domain named contoso.com. The domain contains a   server named Server1. The Active Directory Federation Services （AD FS） role is installed on Server1. Contoso.com is defined as an account store.   A partner company has a Web-based application that uses AD FS authentication. The partner company  plans to provide users from contoso.com access to the Web application.   You need to configure AD FS on contoso.com to allow contoso.com users to be authenticated by the   partner company.   What should you create on Server1（）

• A、a new application
• B、a resource partner
• C、an account partner
• D、an organization claim

第10题：

You work as the IT professional in an international company which is named Wiikigo. You are experiencedin implementing and administering a network operating system. You are specialized in deploying servers，configuring Windows Server 2008 Terminal services and network application services， and configuring aweb services infrastructure. You are in charge of a member server that runs Windows Server 2008. Themember server has the Web Server （IIS） server role installed. The server hosts a Web site that is onlyaccessible to the executives of your company. According to the requirement of the company policy， theexecutives must use user certificates to access the confidential Web content. You have to make sure thatthe executives can only access the secure Web site by using their installed certificates. What action shouldyou perform to make sure of this？（）

• A、A Certificate Trust list should be configured to include the executives certification authority （CA）certificate.
• B、The SSL settings should be configured to Require 128-bit SSL on the confidential Web site.
• C、The Client Certificates settings should be configured to Accept on the SSL settings for the confidentialWeb site.
• D、The Client Certificates settings should be configured to Require on the SSL settings for the confidentialWeb site.