问题:
You are the systems engineer for your company. The company has a main office in Los Angeles and two branch offices, one in Chicago and one in New York. The offices are connected to one another by dedicated T1 lines. Each office has its own local IT department and administrative staff.
The company network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All servers support firmware-based console redirection by means of the serial port. The server hardware does not support any other method of console redirection and cannot be upgraded to do so. The company is currently being reorganized. The IT departments from each branch office are being relocated to a new central data center in the Los Angeles office. Several servers from each branch office are also being relocated to the Los Angeles data center. Each branch office will retain 10 servers.
A new written security policy includes the following requirements:
• All servers must be remotely administered for all administrative tasks.
• All servers must be administered from the Los Angeles office.
• All remote administration connections must be authenticated and encrypted.
Your current network configuration already adheres to the new written security policy for day-to-day server administration tasks performed on the servers. You need to plan a configuration for out-of-band management tasks for each office that meets the new security requirements.
Which three actions should you take?()
A . Connect each server’s serial port to a terminal concentrator. Connect the terminal concentrator to the network.
B . Connect a second network adapter to each server. Connect the second network adapter in each server to a separate network switch. Connect the management port on the switch to a WAN port on the office router. Enable IPSec on the router.
C . Enable Routing and Remote Access on a server in each branch office, and configure it as an L2TP/IPSec VPN server. Configure a remote access policy to allow only authorized administrative staff to make a VPN connection.
D . On each server, enable the Telnet service with a startup parameter of Automatic. Configure Telnet on each server to use only NTLM authentication. Apply the Server (Request Security) IPSec policy to all servers.
E . On each server, enable Emergency Management Services console redirection and the Emergency Management Services Special Administration Console (SAC).
You are the systems engineer for your company. The company has a main office in Los Angeles and two branch offices, one in Chicago and one in New York. The offices are connected to one another by dedicated T1 lines. Each office has its own local IT department and administrative staff.
The company network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All servers support firmware-based console redirection by means of the serial port. The server hardware does not support any other method of console redirection and cannot be upgraded to do so. The company is currently being reorganized. The IT departments from each branch office are being relocated to a new central data center in the Los Angeles office. Several servers from each branch office are also being relocated to the Los Angeles data center. Each branch office will retain 10 servers.
A new written security policy includes the following requirements:
• All servers must be remotely administered for all administrative tasks.
• All servers must be administered from the Los Angeles office.
• All remote administration connections must be authenticated and encrypted.
Your current network configuration already adheres to the new written security policy for day-to-day server administration tasks performed on the servers. You need to plan a configuration for out-of-band management tasks for each office that meets the new security requirements.
Which three actions should you take?()
● 参考解析
本题暂无解析
