Youaretheseniorsystemsengineerforyourcompany.ThenetworkconsistsofasingleActiveDirectorydomain.
AllserversrunWindowsServer2003.ClientcomputersinthesalesdepartmentrunWindowsNTWorkstation4.0withtheActiveDirectoryClientExtensionssoftwareinstalled.AllotherclientcomputersrunWindowsXPProfessional.Allserversarelocatedinanorganizationalunit(OU)namedServers.AllclientcomputersarelocatedinanOUnamedDesktops.
Fourserverscontainconfidentialcompanyinformationthatisusedbyusersineitherthefinancedepartmentortheresearchdepartment.Usersinthesalesdepartmentalsostorefilesandapplicationsontheseservers.Thecompany’swrittensecuritypolicystatesthatforauditingpurposes,allnetworkconnectionstotheseresourcesmustrequireauthenticationattheprotocollevel.Thewrittensecuritypolicyalsostatesthatallnetworkconnectionstotheseresourcesmustbeencrypted.Thecompanybudgetdoesnotallowforthepurchaseofanynewhardwareorsoftware.Theapplicationsanddatalocatedontheseserversmaynotbemovedtoanyotherserverinthenetwork.
Youdefineandassigntheappropriatepermissionstoensurethatonlyauthorizeduserscanaccesstheresourcesontheservers.
Younowneedtoensurethatallconnectionsmadetotheseserversbytheusersinthefinancedepartmentandintheresearchdepartmentmeetthesecurityguidelinesstatedbythewrittensecuritypolicy.Youalsoneedtoensurethatallusersinthesalesdepartmentcancontinuetoaccesstheirresources.
Whichtwoactionsshouldyoutake?()
参考答案:BC
