1. | You want to install the administrative tools on the computers of all members of the IT department, in all locations. What is the best way to accomplish this task?
|
|
2. | How would you ensure IPSec communication between the Atlanta and Chicago offices? (Choose all that apply.)
|
|
3. | Once corporate standards are applied and defined in a GPO, where should that GPO be linked?
|
|
4. | Assign the following group policies to the appropriate locations within Active Directory. |
|
Answers
1. | A. Group Policy allows you to define a GPO that contains software installation settings and to link that GPO to an OU, a site, or domain. Because you are planning on rolling out the administrative tools only to users with administrative needs, you should create a GPO that has the software installation option set for users and link it to the OU where the administrative users are located. |
2. | B, D. The communication between the two locations needs to be encrypted, but internal communication between clients and servers within the Atlanta office was not defined as needing encrypted communication. Therefore, a server acting as a VPN server would best fit the needs, and the IPSec GPO should be applied to it. |
3. | D. Corporate standards are settings that will apply to all users in the domain. When a user logs on to the domain, these settings should take effect, no matter where the user logs on. In order to accomplish this, the same settings must be in place on all domains in the forest. The GPO should be copied to all domains and linked at the root of each domain. |
4. | The Default Domain Policy will always be applied at the domain level. The Corporate Standards GPO should be linked at the domain level also so that all users are under the control of these settings. Because each of the locations will be using a standard set of applications, the User Application policy should be copied to each domain and linked to the Users OU. The Administrative Tools GPO should be linked at the Admins OU so that all of the administrative staff will have the administrative tools added to computers where they log on. The Atlanta IPSec policy should be copied to each domain and linked to the VPNServers OU in each domain. |