大家来看一道关于软件限制策略的题
You are the administrator of an Active Directory domain named testking.com. Allservers run Windows Server 2003. All client computers run Windows XP Professional.
An unauthorized file sharing application named Fileshare.exe is being used on your
network. The default installation directory for Fileshare.exe is C:\Program Files\FileShare\.
You need to prevent all users from using the unauthorized file sharing application,
even if they rename the application.
You create a new software restriction policy in the Default Domain Policy Group
Policy object (GPO). You now need to configure the software restriction policy.
What should you do?
A. Create a new path rule for Fileshare.exe. Set the security level to Disallowed for the
new rule.
B. Create a new hash rule for Fileshare.exe. Set the security level to Disallowed for the
new rule.
C. Create a new path rule for C:\Program Files\File Share\. Set the security level to
Disallowed for the new rule.
D. Set the default security level to Disallowed for the software restriction policy.
正确答案是B,我想问下为什么不能用路径规则呢,请大家帮忙解释解释,谢谢! 如果软件安装到别的路径呢?
这个题目实际上很直白,MS的题目都要看“甜点”的,你看这句话“You need to prevent all users from using the unauthorized file sharing application, [b][color=red]even if[/color][/b] they [color=red][b]rename[/b][/color] the application”,对于一个文件来说,哪怕改了名字,但是它的Hash是不变的。因此……
回答问题的关键不是什么是对的,而是什么是最佳的,什么是MS想考你的。 谢谢楼上的解答!
页:
[1]