你可能感興趣的試題

You are a security administrator for your company. The network consists of a single Active 
Directory domain. All servers run Windows Server 2003. All client computers run Windows 2000 Professional.  
You manage a Windows Server 2003 computer named Server1 that is a domain member server. You use IIS on Server1 to host an Internet Web site. Approximately 4，000 employees of your company connect over the lnternet to access company confidential data on Server1. You control access to data on Server1 by using NTFS file permissions assigned to groups. Different groups are assigned access to different files. Employees must have access only to files that they are assigned access to based on their membership in a group. You enable SSL on Server1 to protect confidential data while it is in transit. You issue each employee an Authenticated Session certificate and store a copy of that certificate with their user account in the Active Directory domain.   
You need to ensure that Server1 authenticates users based on possession of their certificate. 
What should you do？（）

You are a security administrator for your company. The network consists of two Active Directory forests.   
The first forest is named tailspintoys.com and contains domain controllers that run either 
Windows Server 2003 or Windows 2000 Server. The second forest is named wingtiptoys.com and contains domain controllers that run Windows Server 2003. No trust relationships areestablished.   
A certification authority （CA） running Windows Server 2003 Certificate Services is deployed and all computers are issued a Computer certificate. A Windows Server 2003 computer named 
Server1 is a member of the wingtiptoys.com Active Directory domain. Server1 provides users in both domains access to a payroll application. You decide to implement IPSec to encrypt the 
payroll application data during transmission. You configure a custom IPSec policy named Payroll App on Server1 using the rules shown in the exhibit. （Click the Exhibit button.）   
You configure an IPSec default Client policy on the client computers in both Active Directory domains. During testing， you notice that client computers in the wingtiptoys.com Active Directory domain use IPSec when communicating with Server1. However， client computers in the tailspintoys.com Active Directory domain cannot communicate with Server1.   
You need to enable all client computers to use IPSec when communicating with Server1. 
What should you do？（）