You are a security administrator for certifyme.com. The network consists of a single
Active Directory domain named certifyme.com. The network contains Windows XP
Professional client computers and Windows Server 2003 computers.
The domain contains three domain controllers. All domain controllers are in the
Domain Controllers OU. A new password policy is defined in a security template
named certifyme.inf. 350-001
You need to implement the new password policy for domain accounts.
What should you do?
A. Import the certifyme.inf security template into the Default Domain Policy GPO.
B. Import the certifyme.inf security template into the Default Domain Controllers Policy
GPO.
C. On each domain controller, import the certifyme.inf security template into the local
computer policy. 640-802
D. On each domain controller, import the certifyme.inf security template into Security
Configuration and Analysis, and then use the Configure Computer Now command.
E. On each domain controller, run the secedit /import certifyme.inf command and then
runt secedit /configure command.
Answer: B
Why import on the "Default Domain Policy's"? The question states that the new
password policy has to be implemented for "domain accounts"!
The Domain accounts are all managed on the three domain controllers. So we need to
import the inf-template only into the "Default Domain Controller Policy"!
Leading the way in IT testing and certification tools, www.certifyme.com
- 103 - VCP-310
When we would import the inf-template, with the password policy, into the "Default
Domain Policy" also Client Computers would be affected and also local
Computer-Accounts would get this new password policy, what's not stating in the
question, only domain accounts.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment