Exam Prep 2 [Electronic resources] : Windows XP Professional (text version)


Melissa Craft, Don Poulton










  • Apply Your Knowledge


    You need to master a variety of user and group configuration techniques that directly affect how security functions on your computer. These skills include

    • Adding new users and groups

    • Configuring user rights

    • Auditing security on the computer

    • Troubleshooting cached credentials

    • Applying local computer policy


    The exercise that follows is geared to help you master local group policy configuration. To supplement this exercise, you can practice user and group configuration, rights assignment, security auditing, and cached credential troubleshooting on a Windows XP Professional computer configured as a stand-alone member of a workgroup. For the cached credential troubleshooting, you should also have one or more network computers that prompt for an ID and password when accessing a shared resource from the Windows XP computer.


    Exercises



    13.1 Configuring Local Group Policy

    Estimated time: 15 minutes.


    1.

    Log on to the computer as an administrator.

    2.

    Click Start, Run, type mmc in the Open text box, and press Enter.

    3.

    From the File menu, select Add/Remove Snap-in.

    4.

    Click the Add button.

    5.

    Select Group Policy from the resulting dialog box and click Add.

    6.

    In the Select Group Policy Object Wizard, you are prompted for the location of the Group Policy. If Local Computer is not displayed in the Group Policy Object list, click the Browse button and select the This Computer option button. Click OK when finished.

    7.

    Click Finished and then click OK to return to the console, which is depicted in Figure 13.14.


    Figure 13.14. The Group Policy Editor is the console that displays group policies applied to the Local Computer.


    8.

    To change a policy setting, navigate the tree to the container that holds the policy. Double-click it and change the policy settings; optionally, you may need to click the Action menu or right-click the details pane to create a new policy. The remaining steps in this exercise walk you through the process of prohibiting users from enabling the Internet Connection Firewall (ICF). The firewall doesn't need to be enabled when a desktop computer sits on a private network behind a firewall, and can cause additional problems if it is enabled.

    9.

    Navigate the Computer Configuration node to the Administrative Templates container, then to the Network container, and finally click the Network Connections container. You see the screen shown in Figure 13.15.


    Figure 13.15. You can restrict users from implementing ICF through a group policy setting.


    10.

    In the Network Connections container, you can see two policies that appear to be identical, and both of which seem to apply to the task at hand. However, when you click on them you should note that the description of the policy states that one requires Windows 2000 and the other requires Windows XP. Group policies include the policy settings applicable to both Windows 2000 and Windows XP computers, although for the Local Computer you should use only those applicable to Windows XP.

    11.

    Double-click the Prohibit Use of Internet Connection Firewall on Your DNS Domain Network policy (the one that is applicable to Windows XP). The dialog box shown in Figure 13.16 opens.


    Figure 13.16. Many policies provide for configuration only as Enabled, Disabled, or Not Configured.

    12.

    Click Enabled, and then click OK.
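
    To confirm the result of steps 9 through 12 without reopening the console, the following added example (not part of the book) reads captured `reg query` output and reports the same three states the dialog in Figure 13.16 offers. The registry key, the value name NC_PersonalFirewallConfig and the meaning of 0 and 1 are assumptions taken from the Network Connections administrative template, not from the book text; the sample outputs are constructed.

```python
import re

# Assumption (not from the book): registry location written by the
# "Prohibit use of Internet Connection Firewall on your DNS domain network"
# administrative template setting.
POLICY_KEY = r"HKLM\SOFTWARE\Policies\Microsoft\Windows\Network Connections"
POLICY_VALUE = "NC_PersonalFirewallConfig"

# One data line of `reg query` output: name, type and data separated by tabs
# (reg.exe 3.0 on Windows XP) or by runs of spaces (later versions).
_LINE = re.compile(r"^\s+(?P<name>\S.*?)\s+(?P<type>REG_[A-Z_]+)\s+(?P<data>.*?)\s*$")


def parse_reg_query(text):
    """Return {value_name: (type, data)} from captured `reg query` output."""
    values = {}
    for line in text.splitlines():
        m = _LINE.match(line)
        if m:
            values[m.group("name")] = (m.group("type"), m.group("data"))
    return values


def icf_policy_state(text):
    """Map the output to the three states shown in the policy dialog."""
    entry = parse_reg_query(text).get(POLICY_VALUE)
    if entry is None:
        return "Not Configured"  # key or value absent
    reg_type, data = entry
    if reg_type != "REG_DWORD":
        return "Unexpected type " + reg_type
    number = int(data, 16) if data.lower().startswith("0x") else int(data)
    # Assumed template semantics: 0 = Enabled (ICF prohibited), 1 = Disabled.
    return "Enabled" if number == 0 else "Disabled"


# Constructed sample outputs of: reg query "<POLICY_KEY>"
KEY_LINE = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Network Connections\n"
SAMPLE_XP_ENABLED = (
    "\n! REG.EXE VERSION 3.0\n\n" + KEY_LINE
    + "    NC_PersonalFirewallConfig\tREG_DWORD\t0x0\n"
)
SAMPLE_DISABLED = (
    KEY_LINE
    + "    Some Other Value    REG_DWORD    0x0\n"  # hypothetical neighbour value
    + "    NC_PersonalFirewallConfig    REG_DWORD    0x1\n"
)
SAMPLE_MISSING = "ERROR: The system was unable to find the specified registry key or value.\n"

if __name__ == "__main__":
    for label, sample in [("tab-separated", SAMPLE_XP_ENABLED),
                          ("space-separated", SAMPLE_DISABLED),
                          ("key absent", SAMPLE_MISSING)]:
        print(label, "->", icf_policy_state(sample))
```

    A result of Enabled means the host firewall cannot be turned on for that connection, so the computer depends entirely on the network's perimeter firewall described in step 8.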



    Review Questions


    1.

    How can you help a local user gain access to a website that requires a .NET Passport?

    2.

    When you want to configure auditing on a printer, can you audit the access that users have on its documents only?

    3.

    Why would you grant a user the Take Ownership right to a folder and its contents, but no other rights?

    4.

    When a laptop computer is a member of a domain, and a person logs on to the computer with a local user account, will the computer process group policies that are connected to the cached credentials of that person's domain account?

    5.

    You have configured a user named Larson as a member of three groups: Bacon, Eggs, and Sausage. You have granted the Bacon group advanced rights for the Traverse Folder/Execute File and List Folder/Read Data rights, plus the Create Files/Write Data rights to the C:\BRUNCH folder, and granted the Eggs group the Full Control rights to the C:\BRUNCH folder, and for the Sausage group you have applied the Deny right for the Delete, Create Files/Write Data and Take Ownership rights to the C:\BRUNCH folder. If Larson wants to move the C:\BRUNCH\OJ.txt file to F:\BREAKFAST, will he be able to? Hint: Diagram the folder structure to help determine the answer.


    Exam Questions


    1.

    You are a desktop administrator for the Cor2 Corporation, which has an Active Directory forest consisting of a single domain. All computers are installed with Windows XP Professional and configured as domain member computers. Your company has discovered that a user named Joe had logged on to a kiosk in the lobby, after which Joe's account was disabled; however, Joe's account was still able to access corporate records from that computer. Management has demanded that this should never happen again on any computer in the network. What can you do that will satisfy management's new security policy?

    A.

    Change the kiosk so that it uses a touch-screen instead of a keyboard.

    B.

    On the domain controller's local computer policy, enable the Require Domain Controller to Unlock policy.

    C.

    On the domain, configure the Number of Previous Logons to Cache policy to equal zero (0).

    D.

    On the kiosk's local computer policy, configure the Access This Computer from the Network policy under User Rights Assignment so that there are no user accounts listed.

    E.

    On the domain, configure the Access This Computer from the Network policy under User Rights Assignment so that there are no user accounts listed.

    F.

    On the kiosk's local computer policy, configure the Number of Previous Logons to Cache policy to equal zero (0).

    2.

    You are the desktop administrator for the Cor2 Corporation network. The Sales department uses laptop computers and often shares files with clients from their laptops when on the road. You want to make certain that the Sales members are able to configure shared files and folders. Which of the following groups are granted this right automatically? (Select all that apply)

    A.

    Administrators

    B.

    Power Users

    C.

    Backup Operators

    D.

    Guests

    E.

    Users

    F.

    Interactive

    G.

    Authenticated Users

    H.

    Everyone

    3.

    You are the network administrator for Babble On, a cellular telephone manufacturer. A member of the marketing department, Kelly, uses a laptop computer that has been configured with a local user account. Over the past two months, Kelly has intermittently had trouble logging on to the network. Each time you have discovered that the Windows Firewall for the LAN connection for the computer has been enabled. How do you prevent this from continuing to happen?

    A.

    Add Kelly's local user account to the Guests group

    B.

    Enable the local computer policy to Prohibit Enabling/Disabling Components of a LAN Connection

    C.

    Enable the local computer policy to Prohibit Viewing of Status for an Active Connection

    D.

    Enable the local computer policy to Prohibit Use of Internet Connection Firewall on Your DNS Domain

    4.

    You are a help desk administrator for Help Desks, Inc., and you manage multiple Active Directory networks for different companies. A network technician named Ellen calls up and tells you she is a new member of the G Company technicians, which has a policy that requires that only users who are authenticated by a domain controller can log on to their computers or unlock the computer's screensaver. Ellen has a laptop computer that is currently disconnected from the G Company network, and she claims that she can unlock the screensaver's password dialog on the laptop using her domain user account. Ellen wants to know how to configure the laptops on the network so that they will conform to corporate policy. What can she do?

    A.

    Enable the Require Domain Controller Authentication to Unlock Workstation policy

    B.

    Disable the Do Not Require CTRL+ALT+DEL policy

    C.

    Enable the Allow System to Be Shut Down Without Having to Log On policy.

    D.

    Configure the Number of Previous Logons to Cache policy to be equal to 0.

    5.

    You are the enterprise administrator for Babble On, a cellular telephone company. You have several telecommuters who connect to the network from portable laptop computers through dial-up connections to remote access servers. All users are required to log on to the domain when they dial in. Laura is a telecommuter whose local user account is a member of the local Power Users group. Laura's main job function is to test cellular telephone accessories that connect to Windows XP computers. You have recently made changes to the GPO attached to the domain and you have removed all configuration from Local Group policies to better manage policies from a central location. You have also configured local user accounts to be members of the Local Administrators group. Laura calls to complain that she is no longer allowed to install equipment on her local computer. Laura has attempted to install the equipment as a local administrator of the computer. What do you need to do?

    A.

    You should add Laura's account to the Domain Administrators group

    B.

    You should remove Laura's account from the Local Administrators group

    C.

    You should edit the GPO on Laura's local computer and configure the Code Signing for Device Drivers policy so that it warns the user, rather than blocks the driver from being installed.

    D.

    You should edit the GPO on the domain-attached GPO and configure the Code Signing for Device Drivers policy so that it warns the user, rather than blocks the driver from being installed.

    6.

    You are a new user at G company and you have a Windows XP Professional laptop computer. You have been given a laptop computer that was used by Patrick, who trains you on his last day and now has left the company. The network administrator tells you that she has disabled Patrick's user account on your computer and that company policy is to rename the Administrator account so that only administrators can use the account to log on. You have been told that you will be required to perform the same functions that Patrick performed. During the second week of work, you attempt to back up the files on your hard drive to a removable media device. The Windows Backup program gives you an Access Denied error. What do you need to do?

    A.

    Log on as Patrick.

    B.

    Log on as an administrator.

    C.

    Have the administrator add your user account to the Users group.

    D.

    Have an administrator add your user account to the Backup Operators group.

    7.

    You and Sam are network administrators for NVestRs, a financial investment firm. Sam is executing a project to deploy an application that encompasses multiple locations. All network administrators are members of the domain Administrators group. Sam brings a small print device that is always attached to his laptop computer, and he shares the printer on the network. The laptop computer is a member of the domain, and includes a local group named NetAdmins. You want to make certain that only the members of the NetAdmins group are able to print to the print device or manage the printed documents. What should you do? (Choose two.)

    A.

    Make Sam a member of the NetAdmins group.

    B.

    Make the NetAdmins group a member of the domain Administrators group.

    C.

    Make the domain Administrators group a member of the NetAdmins group.

    D.

    Grant the Allow Print and Allow Manage documents permissions to the domain Administrators group.

    E.

    Grant the Allow Print and Allow Manage documents permissions to the NetAdmins group.

    8.

    You have recently performed an upgrade on a computer in your network. The old operating system is Windows 98SE. Your boss has asked you to enable him to see which users attempt to access files on the local hard disk of the computer, and which applications users are launching when they log on locally to the computer so that he can determine the security vulnerabilities of the upgrade prior to deploying any further computers. Which of the following do you perform? (Choose all that apply.)

    A.

    Add your boss's domain account to the local Guests group.

    B.

    Add your boss's domain account to the local Administrators group.

    C.

    Open the command prompt and run the convert c: /fs:ntfs command.

    D.

    Open Local Security Policy and enable the Audit policies for Audit Process Tracking.

    E.

    Open Local Security Policy and enable the Audit policies for Audit Object Access.

    F.

    Configure the Audit tab in the Advanced Security Options tab of the C: drive's Properties dialog box to audit the success and failure of all files and subfolders of the hard disk for the local Authenticated Users group.

    9.

    You are the remote access administrator for your company. You have telecommuters who access the network in three contiguous shifts of eight hours per day. Each computer used by the telecommuter group has a folder named Tele at the root of the hard drive. All telecommuters use local users and groups only. You have the following objectives:

    1. You want to enable the telecommuters' computers to keep each user's information separate from the others.

    2. You want to configure local accounts for each telecommuter.

    3. You want to make certain that each user can read files in a folder called C:\TELE.

    4. You want to be able to copy a file into the TELE folder whenever you have notices to send to telecommuters.

    Which of the following do you perform? (Choose all that apply.)

    A.

    Create a single local user account named REMOTE on each local computer.

    B.

    Create local user accounts named with the user's first initial, middle initial, and six letters of the last name on each computer.

    C.

    Add each user account as a member of the Administrators group.

    D.

    Add each user account as a member of the Telecommute group.

    E.

    Add your own user account as a member of the Administrators group.

    F.

    Create the C:\TELE folder and Grant Read access to the Telecommute group.

    10.

    You are the network administrator for ChicChicks, a poultry farm organization. Because the group consists of multiple participants, your network includes workstations that run Windows NT 4.0, Windows 2000 Professional, and Windows XP Professional. The ChicChicks company has hired a public relations firm and they have installed their own computers and hooked them up to your network, which consists of a single Active Directory domain. Sandra, a PR rep, calls you to report that she is not able to log on remotely to a Windows XP computer that shares folders and printers on the network, and she receives consistent Access Denied errors. No other users report this problem. Sandra tells you that when she installed her Windows XP computer, she selected all the default permissions. What do you need to do to correct the error? (Choose two.)

    A.

    Add a password to Sandra's account.

    B.

    Configure a user account for Sandra that is local.

    C.

    Configure a user account for Sandra on the domain.

    D.

    Require that Sandra's password meet complexity requirements.


    Answers to Review Questions


    Configuring, Managing, and Troubleshooting Account Settings."

    Configuring, Managing, and Troubleshoot Auditing."

    Configuring, Managing, and Troubleshooting User and Group Rights."

    Configure, Manage, and Troubleshoot Account Policy."

    Configuring and Managing Local Groups."


    Answers to Exam Questions


    Troubleshooting Cached Credentials."

    Configuring and Managing Local Groups."

    Configuring, Managing, and Troubleshooting Local User and Group Accounts."

    Troubleshooting Cached Credentials."

    Configure, Manage, and Troubleshoot Account Policy."

    Configuring and Managing Local Groups."

    Configuring and Managing Local Groups."

    Configuring, Managing, and Troubleshoot Auditing."

    Configuring and Managing Local Groups."

    Configuring, Managing, and Troubleshooting Account Settings."


    Suggested Readings and Resources


    The following are

