单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 25 Windows Server 2003 computers and 6,000 Windows XP Professional computers.The written company security policy states that network traffic to Web servers must be audited on a regular basis. A server named Server1 is configured as a Web server on the company’s intranet. You install Network Monitor Tools from a Windows Server 2003 product CD-ROM on Server1.You run Network Monitor on Server1 for three hours. When you stop the network capture, you see that Network Monitor captured over 40,000 frames. As you look at the captured frames, you notice that an extremely large number of TCP connection requests have all come from the 131.107.0.1 IP address.In Network Monitor, you need to view only the frames for network traffic that are captured between Server1 and the 131.107.0.1 IP address.
What should you do?()
A.Create an Address Capture filter for all network traffic between Server1 and the 131.107.0.1 IP address.
B.Create a Find Frame Expression filter for network traffic captured between Server1 and the 131.107.0.1 IP address.
C.Create an Address Display filter for all network traffic captured between Server1 and the 131.107.0.1 IP address.
D.Create a Pattern Match capture trigger for the 131.107.0.1 IP address.
相关考题
-
单项选择题
You are the network administrator for your company. A Windows Server 2003 computer named Router11 is used to connect the network to the Internet. You find out that some computers on the network are infected with a worm, which occasionally sends out traffic to various hosts on the Internet. This traffic always uses a certain source TCP port number.You need to identify which computers are infected with the worm. You need to configure a solution on Router11 that will perform the following two tasks: Detect and identify traffic that is sent by the worm. Immediately send a notification to a network administrator that the infected computer needs to be repaired. What should you do?()
A.Configure a WMI event trigger.
B.Configure a Network Monitor capture filter.
C.Configure a Network Monitor trigger.
D.Configure a System Monitor alert. -
单项选择题
You are the network administrator for Humongous Insurance. The network consists of a single Active Directory domain named humongous.com. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure several Group Policy objects (GPOs) to enforce the use of IPSec for certain types of communication between specified computers. A server named Server2 runs the Telnet service. A GPO is supposed to ensure that all Telnet connections to Server2 are encrypted by using IPSec. However, when you monitor network traffic, you notice that Telnet connections are not being encrypted.You need to view all of the IPSec settings that are applied to Server2 by GPOs. Which tool should you use?()
A.the IP Security Policy Management console
B.the IP Security Monitor console
C.the Resultant Set of Policy console
D.Microsoft Baseline Security Analyzer (MBSA) -
单项选择题
You are the network administrator for Fabrikam, Inc. The network consists of a single Active Directory domain named fabrikam.com. A Windows Server 2003 computer named Server1 functions as the DNS server for the domain.Wingtip Toys is a division of Fabrikam, Inc. The Wingtip Toys network consists of a single Active Directory domain named wingtiptoys.com. Server1 is a secondary zone server for wingtiptoys.com.You are monitoring notification traffic between the two domains. You need to keep a record of when the primary DNS server for wingtiptoys.com informs Server1 of available changes in the wingtiptoys.com zone. What should you do?()
A.Use the Performance console to create a log of the DNS performance counter Notification Received on Server1.
B.Enable debug logging on Server1. Configure the log to record Notification events.
C.Run the replmon command to monitor replication events on Server1.
D.Run the dcdiag command to check DNS registration on Server1.
