单选题You are designing for implementing Group Policy objects (GPOs) to meet the business and technical requirement.  What should you do? ()A Create one new GPO to enforce software restriction policies. Link this GPO to the domain.B Create one new GPO to enforce software restriction policies. Link this GPO to the appropriate organizational unit (OU).C Create one new GPO to enforce software restriction policies. Link this GPO to all organizational units (OUs).D Create new GPOs to match the number of organizational units (OUs).configure these GPOs to enforce software restriction policies. Link this GPO to its respective OU.

单选题
You are designing for implementing Group Policy objects (GPOs) to meet the business and technical requirement.  What should you do? ()
A

 Create one new GPO to enforce software restriction policies. Link this GPO to the domain.

B

 Create one new GPO to enforce software restriction policies. Link this GPO to the appropriate organizational unit (OU).

C

 Create one new GPO to enforce software restriction policies. Link this GPO to all organizational units (OUs).

D

 Create new GPOs to match the number of organizational units (OUs).configure these GPOs to enforce software restriction policies. Link this GPO to its respective OU.


参考解析

解析: 暂无解析

相关考题:

Your company has deployed Network Access Protection (NAP) enforcement for VPNs.You need to ensure that the health of all clients can be monitored and reported. What should you do?() A. Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.B. Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain Controllers organizational unit (OU).C. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the domain.D. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the Domain Controllers organizational unit (OU).

You configure a Group Policy Object for the Marketing organizational unit (OU) to prevent users from accessing My Network Places and from running System in Control Panel. You want the Managers domain local group to be able to access My Network Places, but you still want to prevent them from running System in Control Panel.What should you do?A.Add the managers group to the access control list of the GPO. Disable the permission of the managers group to read and apply the group policy.B.Add the managers group to the access control list of the GPO. Deny the permission of the managers group to read and apply the group policy.C.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to apply the group policy. Deny the authenticated users group permission to read and apply group policy. Configure the new GPO to deny the ability to run System in Control Panel. Give the original GPO a higher priority than the new GPO.D.Create a second GPO in the OU. Add the managers group to the access control list. Allow the managers group to read and apply the group policy. Disable the permission of the authenticated user group to read and apply the group policy. Configure the new GPO to allow access to My Network Places. Give the new GPO a higher priority than the original GPO.

You are the network administrator for your company. Your network consists of a single Active   Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three  groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the  Accounting OU. You configure the GPO to disable the display options under the User Configuration  section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to  all user accounts that are members of the Processors group. You need to prevent the GPO fromapplying  to any user account that is a member of the Accountants group. You need to prevent the GPO from  applying to any user account that is a member of the Management group, unless the user account is also  a member of the Processors group. What should you do?()A、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL of the GPO to assign the users who are in both the Accountants and Management security groups the Allow - Read and the Allow - Apply Group Policy permissions.B、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants and Management security groups the Deny - Read and the Deny - Apply Group Policy permissions. Create a new security group named Mixed that contains all the user accounts from the Processors group and the specific user accounts from the Management group to which you want the GPO to apply. Modify the DACL of the GPO to assign the Mixed security group the Allow - Read and the Allow - Apply Group Policy permissions.C、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Deny - Apply Group Policy permissions. Modify the DACL settings of the GPO to remove the Authenticated Users special group. Modify the DACL settings of the GPO to add the Processors group and assign the Allow - Read and the Allow - Apply Group Policy permissions.D、 Modify the discretionary access control list (DACL) settings of the GPO to assign the Accountants security group the Deny - Read and the Allow - Apply Group Policy permissions. Modify the DACL settings of the GPO to assign the Management security group the Deny - Read and the Deny - Apply Group Policy permissions.

Your company has an Active Directory domain that has an organizational unit named Sales. The   Sales organizational unit contains two global security groups named sales managers and sales  executives.    You need to apply desktop restrictions to the sales executives group. You must not apply these desktop  restrictions to the sales managers group. You create a GPO named DesktopLockdown and link it to the  Sales organizational unit.   What should you do next()A、Configure the Deny Apply Group Policy permission for the sales managers on the DesktopLockdown  GPO.B、Configure the Deny Apply Group Policy permission for the sales executives on the DesktopLockdown  GPO.C、Configure the Deny Apply Group Policy permission for Authenticated Users on the DesktopLockdown  GPO.D、Configure the Allow Apply Group Policy permission for Authenticated Users on the DesktopLockdown  GPO.

Your network consists of a single Active Directory domain. All domain controllers run Windows  Server 2008 R2.     Auditing is configured to log changes made to the Managed By attribute on group objects in an  organizational unit named OU1.   You need to log changes made to the Description attribute on all group objects in OU1 only.     What should you do()A、Run auditpol.exe.B、Modify the auditing entry for OU1.C、Modify the auditing entry for the domain.D、Create a new Group Policy object (GPO). Enable the Audit account management policy setting link the GPO to OU1.

You have a single Active Directory directory service domain. You back up your domain controllers on a nightly basis. You perform Group Policy backups on a nightly basis. A Group Policy object (GPO) is accidentally deleted. You need to restore the GPO.  What should you do?()A、 Perform a nonauthoritative restore of the Active Directory database.B、 Perform an authoritative restore of the Active Directory database.C、 Select the Import Policy option in the Group Policy Object Editor.D、 Restore the GPO by using the Group Policy Management Console.

You have a single Active Directory directory service domain. You create organizational units (OUs)  named Corporate and Support. You move the corporate user and computer accounts into the Corporate  OU. You move the accounts of computers in the support department into the Support OU. You need to ensure that users have one screensaver while using computers that are in the Corporate OU, and aseparate screensaver while using computers that are in the Support OU.  What should you do?()A、 Create a new parent OU for the Corporate and Support OUs and name the parent OU Users. Move all user objects to the Users OU, and then create and link a Group Policy object (GPO) with the screensaver setting to the Users OU.B、 Create and link a Group Policy object (GPO) with the screensaver setting to the Support OU and select the Block Inheritance option.C、 Create and link a Group Policy object (GPO) with the screensaver setting to the Corporate OU, create and link a GPO with the screensaver setting to the Support OU, and then enable loopback processing in Replace mode on the Support OUs GPO.D、 Create and link a Group Policy object (GPO) with the screensaver setting to the Support OU and select the Enforced option.

Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. You provide access to some applications through a virtual desktop infrastructure (VDI) environment. All Remote Desktop Session Host (RD Session Host) server objects are located in an organizational unit (OU) named RDServers. All virtual desktop computers are located in an organizational unit (OU) named VirtualDesktops. All other client computer objects are located in an OU named Desktops. The drive holding the user profile cache on each RD Session Host server is running out of free diskspace. You need to restrict the amount of disk space used by the roaming user profile cache. What should you do?()A、Create a Group Policy object (GPO) that enables folder redirection for all users. Link the GPO to the RDServers OU.B、Create a Group Policy object (GPO) that enables folder redirection for all users. Link the GPO to the VirtualDesktops OU.C、Create a Group Policy object (GPO) that configures the Limit the size of the entire roaming user profile cache setting. Link the GPO to the RDServers OU.D、Create a Group Policy object (GPO) that configures the Limit the size of the entire roaming user profile cache setting. Link the GPO to the VirtualDesktops OU.

You are designing for implementing Group Policy objects (GPOs) to meet the business and technical requirement. What should you do?()A、Create one new GPO to enforce software restriction policies. Link this GPO to the domain.B、Create one new GPO to enforce software restriction policies. Link this GPO to the appropriate  organizational unit (OU).C、Create one new GPO to enforce software restriction policies. Link this GPO to all organizational units (OUs).D、Create new GPOs to match the number of organizational units (OUs).configure these GPOs to enforce software restriction policies. Link this GPO to its respective OU.

You need to configure the security settings for the new app servers. Which two actions should you perform?()A、Create a Group policy object (GPO) for the web servers.B、Create a Group policy object (GPO) for the database servers.C、Modify the Default Domain Policy.D、Modify the Default Domain Controllers Policy.

Your company has deployed network access protection (NAP) enforcement for VPNs. You need to ensure that the health of all clients can be monitored and reported. What should you do?()A、Create a group policy object (GPO) that enabled security center and link the policy to the domain.B、Create a group policy object (GPO) that enabled security center and link the policy to the domain controllers organizational unit (OU).C、Create a group policy object (GPO) and set the require trusted path for credential entry option to enabled. Link the policy to the domain.D、Create a group policy object (GPO) and set the require trusted path for credential entry option to Enabled. Link the policy to the domain controllers organizational unit (OU).

You need to recommend a strategy for managing Windows Firewall that meets the companys technical requirements. What should you include in the recommendation?()A、domain-based Group Policy objects (GPOs)B、local Group Policy objects (GPOs)C、Starter Group Policy objects (GPOs)D、System Starter Group Policy objects (GPOs)

单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008. Auditing is configured to log changes made to the Managed By attribute on group objects in an organizational unit named OUI. You need to log changes made to the Description attribute on all group objects in OUI only. What should you do()ARun auditpol.exe.BModify the auditing entry for OUI.CModify the auditing entry for the domain.DCreate a new Group PolicyObject (GPO). Enable Audit account management policy setting. Link the GPO to OUI.

单选题Your network consists of a single Active Directory domain. All domain controllers run Windows Server  2008 R2. Auditing is configured to log changes made to the Managed By attribute on group objects in an  organizational unit named OU1.    You need to log changes made to the Description attribute on all group objects in OU1 only.  What should you do()ARun auditpol.exe.BModify the auditing entry for OU1.CModify the auditing entry for the domain.DCreate a new Group Policy object (GPO). Enable the Audit account management policy setting. Link  the GPO to OU1.

单选题Your company has an Active Directory forest that contains eight linked Group Policy Objects (GPOs). One of these GPOs publishes applications to user objects. A user reports that the application is not available for installation. You need to identify whether the GPO has been applied What should you do()ARun the Group Policy Results utility for the user.BRun the Group Policy Results utility for the computer.CRun the GPRESULT /SCOPE COMPUTER command at the command prompt.DRun the GPRESULT /S  /Z command at the command prompt.