单项选择题
You are the network administrator for your company. The network consists of a single IP subnet. All servers run Windows Server 2003. All client computers run Windows XP Professional.You need to install Windows Server Update Services (WSUS) on a computer named Server1. Server1 has limited hard disk space. Server1 stores a minimal amount of information locally. Client computers must install Microsoft critical updates.You need to ensure that client computers download updates directly from Microsoft Update. Only approved updates should be downloaded.
What should you do?()
A.Open the WSUS console. Specify the Update Source as Synchronize from Microsoft Update.
B.Open the WSUS console. Modify the synchronization option to not store updates locally.
C.Modify the default home page for all client computers to https: //windowsupdate.microsoft.com.
D.Configure the client Group Policy object (GPO) to use Microsoft Update as its update source.
相关考题
-
单项选择题
You are the network administrator for your company. All client computers run Windows XP Professional. All servers run Windows Server 2003.The company has offices in Los Angeles, San Francisco, and Seattle. Each office is configured as a separate IP subnet. DNS is the only method of name resolution used on the network.You need to implement a software update infrastructure on the network. You install Windows Server Update Services (WSUS) on a computer named Server1 in the Los Angeles office. You install WSUS on Server1 with all default settings. You create a Group Policy object (GPO) named WSUS. You have no plans to install additional WSUS servers.You need to ensure that client computers can successfully connect to the WSUS server. What should you do?()
A.Configure the Internet browser home page on all client computers to point to http: //windowsupdate.microsoft.com.
B.In the WSUS GPO, specify the Server Name property to be the server’s fully qualified domain name (FQDN).
C.On the WSUS server, configure the IIS Manager to require HTTP over SSL.
D.Enable communication over port 443 between all client computers and the WSUS server. -
单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 35 Windows Server 2003 computers; 3,000 Windows XP Professional computers; and 2,000 Windows 2000 Professional computers. Windows Server Update Services (WSUS) is installed on a server named Server1. The necessary Group Policy object (GPO) is configured.You need to confirm whether all computers in the domain have received all approved updates from Server1. What should you do on Server1?()
A.Install and configure Urlscan.exe.
B.At the command prompt, type gpresult /scope COMPUTER.
C.Open the WSUS console. Run the Status of Computers report.
D.Open the WSUS console. Run the Synchronization Results report. -
单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. All client computers in the domain run Windows XP Professional. An application named Inventory.exe is installed on all computers in the domain to remotely gather software inventory information. The application runs as a service in the security context of the Local System. The startup type of the service is set to Automatic.In the Default Domain Policy Group Policy object (GPO), the security administrator has configured a software restriction policy that is applied to all computers in the domain. The policy contains a hash rule for the Inventory.exe application, and the hash rule is configured with a security level of Unrestricted. The client computers on the network are attacked by a worm that is distributed by e-mail messages received over the Internet. The worm detects the presence of Inventory.exe on a computer, then starts a new instance of the application in the security context of the logged-on user. The worm exploits a bug in the application to cause the computer to fail.You need to ensure that Inventory.exe cannot be started by the worm, while still allowing the application to run as a service. What should you do?()
A.In the computer settings section of the Default Domain Policy GPO, configure a software restriction policy that contains a zone rule for the Internet zone. Configure the zone rule with a security level of Disallowed.
B.In the user settings section of the Default Domain Policy GPO, configure a software restriction policy that contains a zone rule for the Internet zone. Configure the zone rule with a security level of Disallowed.
C.In the user settings section of the Default Domain Policy GPO, configure a software restriction policy that contains a hash rule for the Inventory.exe application. Configure the hash rule with a security level of Disallowed.
D.In the computer settings section of the Default Domain Policy GPO, modify the existing software restriction policy hash rule for the Inventory.exe application so that the hash rule has a security level of Disallowed.
