CREATING AN ORGANIZATIONAL UNIT HIERARCHY IN THIS PROCEDURE, YOU CREAT...

Question

2.  In an effort to cooperate with your company’s new emphasis on security, you have used GPOs to enable all the available audit policies on the computers that are running Windows Server 2003. A few days after making these changes, you unlock the data center to find that your domain controller has shut down during the night. Which of the following modifications might prevent this from happen­ing again? (Choose all correct answers.) a.  Revoke the Administrators group’s Debug Programs user right. b.  Increase the default value specified in the Maximum Security Log Size policy. c.  Disable the Shutdown: Allow System To Be Shut Down Without Having To Log On security option. d.  Disable the Audit: Shut Down System Immediately If Unable To Log Security Audits security option. b and d 10 Deploying Security ConfigurationsExam Objectives in this Chapter: ■ Plan a strategy to enforce system default security settings on new systems. ■ Deploy the security configuration for servers that are assigned specific roles. ■ Create custom security templates based on server roles. Why This Chapter Matters In Chapter 9, “Hardening Servers,” you learned how to configure security param­eters for a computer running the Microsoft Windows Server 2003 family using Group Policy Objects (GPOs). However, for a large network installation, the pro­cess of developing and deploying security policies consists of a good deal more than merely creating GPOs. To administer a large network, configuration tech­niques adequate to single computers or small installations are often impractical. Once you decide the security settings your network requires, you must test them carefully to determine whether they provide the security you need and to make sure that they do not interfere with your standard network operations. When you are ready to deploy your security configurations, you can use security templates to simplify the process. Lessons in this Chapter: ■ Lesson 1: Creating a Testing and Deployment Plan . . . 10-2 ■ Lesson 2: Introducing Security Templates. . . 10-10 ■ Lesson 3: Deploying Security Templates . . . 10-18 Before You Begin This chapter requires an understanding of the security parameters provided by Windows Server 2003 and the process of configuring them using Group Policy Objects. To per-form the practice exercises in this chapter, you must install and configure Windows Server 2003 on your computer using the Setup procedure in “About This Book.”

CREATING AN ORGANIZATIONAL UNIT HIERARCHY IN THIS PROCEDURE, YOU CREAT...

2. In an effort to cooperate with your company’s new emphasis on security, you

have used GPOs to enable all the available audit policies on the computers that

are running Windows Server 2003. A few days after making these changes, you

unlock the data center to find that your domain controller has shut down during

the night. Which of the following modifications might prevent this from happen­

ing again? (Choose all correct answers.)

a. Revoke the Administrators group’s Debug Programs user right.

b. Increase the default value specified in the Maximum Security Log Size policy.

c. Disable the Shutdown: Allow System To Be Shut Down Without Having To

Log On security option.

d. Disable the Audit: Shut Down System Immediately If Unable To Log Security

Audits security option.

b and d

10 Deploying Security

Configurations

Exam Objectives in this Chapter:

Plan a strategy to enforce system default security settings on new systems.

Deploy the security configuration for servers that are assigned specific roles.

Create custom security templates based on server roles.

Why This Chapter Matters

In Chapter 9, “Hardening Servers,” you learned how to configure security param­

eters for a computer running the Microsoft Windows Server 2003 family using

Group Policy Objects (GPOs). However, for a large network installation, the pro­

cess of developing and deploying security policies consists of a good deal more

than merely creating GPOs. To administer a large network, configuration tech­

niques adequate to single computers or small installations are often impractical.

Once you decide the security settings your network requires, you must test them

carefully to determine whether they provide the security you need and to make

sure that they do not interfere with your standard network operations. When you

are ready to deploy your security configurations, you can use security templates

to simplify the process.

Lessons in this Chapter:

Lesson 1: Creating a Testing and Deployment Plan . . . 10-2

Lesson 2: Introducing Security Templates. . . 10-10

Lesson 3: Deploying Security Templates . . . 10-18

Before You Begin

This chapter requires an understanding of the security parameters provided by Windows

Server 2003 and the process of configuring them using Group Policy Objects. To per-

form the practice exercises in this chapter, you must install and configure Windows

Server 2003 on your computer using the Setup procedure in “About This Book.”

Bạn đang xem 2. - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 293 PHẦN 6 PPTX

the night. Which of the following modifications might prevent this from happen

In Chapter 9, “Hardening Servers,” you learned how to configure security param

Group Policy Objects (GPOs). However, for a large network installation, the pro

than merely creating GPOs. To administer a large network, configuration tech