You configure a Group Policy Object for the Marketing organizational unit (OU) to prevent users from accessing My Network Places and from running System in Control Panel. You want the Managers domain local group to be able to access My Network Places, but you still want to prevent them from running System in Control Panel.
What should you do?
A.Add the managers group to the access control list of the GPO. Disable the permission of the managers group to read and apply the group policy.
B.Add the managers group to the access control list of the GPO. Deny the permission of the managers group to read and apply the group policy.
C.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to apply the group policy. Deny the authenticated users group permission to read and apply group policy. Configure the new GPO to deny the ability to run System in Control Panel. Give the original GPO a higher priority than the new GPO.
D.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to read and apply the group policy. Disable the permission of the authenticated user group to read and apply the group policy. Configure the new GPO to allow access to My Network Places. Give the new GPO a higher priority than the original GPO.
第1题:
Your network consists of numerous domains within a LAN, plus one remote location that is configured as another domain within the tree. Each domain contains several organizational units. The remote domain is connected to the main office network by using 56-Kbps connection, as shown in the Exhibit.
The remote location is running a previous service pack for Windows 2000, and the LAN is running the most recent service pack.
You want to configure a group policy for the remote location so that users can repair a problem with a service pack system file. You also want to reduce the traffic on the LAN and ease administration of the group policies. You want to retain the domain administrator's access to the group policy configuration.
What should you do?
A.Configure a group policy for each OU in the west.litware.com domain. Configure a service pack software package for each group policy.
B.Configure a group policy for each OU in the litware.com domain. Configure a service pack software package for each group policy.
C.Configure a group policy for west.litware.com domain. Configure a service pack software package for the group policy.
D.Configure a group policy for the litware.com domain. Configure a service pack software package for the group policy.
第2题:
You are the network administrator for The network consists of a single Active Directory domain named The domain contains Windows Server 2003 computers and Windows XP Professional computers. The domain contains a group named SalesAdmin. Members of the SalesAdmin group need the permission to add Group Policy links and create Group Policy objects (GPOs) for only the Sales organizational unit (OU). You need to configure the domain to provide the SalesAdmin group with the minimum permissions necessary to meet these requirements. What should you do?()
第3题:
The network consists of a single domain named Ezonexam.com that includes 20 Windows NT workstation 4.0 client computers. All other client computers are Windows 2000 Professional computers. You install Terminal Services on one of the Windows Server computers and Terminal Services Client on the 20 Windows NT Workstation 4.0 client computers. You create a system policy on the server that is configured as the terminal server. This system policy denies access to Network Neighborhood. You find that the users of the terminal server can still browse the network when they open My Network Places from Windows 2000 Professional computer or when they open Network Neighborhood from Windows NT Workstation 4.0 computers.
You want to prevent all users from browsing the network.
What should you do? (Each correct answer presents a complete solution. Choose two.)
A.Create a Windows Group Policy that denies user access to My Network Places.
B.Copy the Windows NT policy file to the 20 Windows NT Workstation 4.0 computers.
C.Create a Windows NT 4.0 default user policy on the Windows 2000 Server computer that is configured as the PDC emulator.
D.Modify the Windows NT policy template file so that you can restrict access to both My Network Places and Network Neighborhood. Save the policy file on the terminal server.
E.Configure the terminal server to use Application server mode. Select the Permissions compatible with Terminal Server 4.0 Users option.
第4题:
Your network consists of Windows XP computers. All computers are joined to a single Active Directory directory service domain and located in a single Active Directory site. You create a new Group Policy object (GPO) and link it to the site. The policy configures default screensaver settings. User accounts of users in the research department are located in an organizational unit (OU) named Research. You need to allow users in the research department to configure a different screensaver setting on their computers. What should you do?()
第5题:
You are the network administrator for your company. Your network consists of a single Active Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the Accounting OU. You configure the GPO to disable the display options under the User Configuration section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying to any user account that is a member of the Accountants group. You need to prevent the GPO from applying to any user account that is a member of the Management group, unless the user account is also a member of the Processors group. What should you do?()
第6题:
You are the administrator of a Windows 2000 Active Directory network. The network consists of a single domain. The domain includes 20 Windows NT Workstation 4.0 client computers. All other client computers are Windows 2000 Professional computers.
You create a Windows NT 4.0 default user policy on the Windows 2000 Server computer that is configured as the PDC emulator. This default user policy denies access to Network Neighborhood. You then install Terminal Services on one of the servers and Terminal Services Client on the 20 Windows NT Workstation client computers.
You find that the users of the Terminal Server can still browse the network when they open My Network Places. You want to prevent all users from browsing the network.
What should you do?
A.Modify the Windows NT policy template file so that you can restrict access to both My Network Places and Network Neighborhood. Save the policy file on the Terminal Server.
B.Copy the Windows NT policy file to the 20 Windows NT Workstation computers.
C.Create a Windows 2000 Group Policy that denies user access to My Network Places.
D.Edit the local registry on the Windows NT Workstation computers to deny access to Entire Network in Network Neighborhood.
第7题:
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()
第8题:
A. Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.
B. Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain Controllers organizational unit (OU).
C. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the domain.
D. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the Domain Controllers organizational unit (OU).
第9题:
Your company has an Active Directory domain that has an organizational unit named Sales. The Sales organizational unit contains two global security groups named sales managers and sales executives. You need to apply desktop restrictions to the sales executives group. You must not apply these desktop restrictions to the sales managers group. You create a GPO named DesktopLockdown and link it to the Sales organizational unit. What should you do next()
第10题:
Your network consists of a single Active Directory domain. The domain contains 13 member servers. The member servers run Windows Server 2003 Service Pack 2 (SP2). The computer accounts for all member servers are located in an organizational unit (OU) named Servers. You need to prevent remote desktop connections to the member servers. What should you do? ()