You work as the network administrator at certifyme.com. The certifyme.com
network consists of a single Active Directory domain named certifyme.com. All
servers on the certifyme.com network run Windows Server 2003 and all client
computers run Windows XP Professional.
Leading the way in IT testing and certification tools, www.certifyme.com
- 34 -
All file servers on the network store confidential information and all file servers
have auditing configured. All file servers are stored in an organizational unit (OU)
named FileServers. As the senior network administrator you are responsible for
ensuring that the log size and retention settings for the event logs of all file servers
remain as is. No administrators are allowed to make changes to any of these settings
locally, on any file servers.
While verifying the configuration for generating event logs on a file server named
certifyme-SR11, you notice that the log size and retention settings have changed.
You also discover that two other file servers have had these settings changed as well.
This is undesirable and you thus received instruction to address the issue. 350-001
There are thus a few tasks at hand:
1. Applying the same log size and retention settings for event logs for all
certifyme.com file servers.
2. Performing the configuration which will ensure that no administrators can
change an event log's log size and retention settings at some future date.
What should you do?
A. Log on to your client computer using your Enterprise Admins group membership.
Connect to each file server and configure the proper log size and retention settings in
Event Viewer.
B. Configure a new Group Policy object (GPO) with the proper log size and retention
settings.
Link the GPO to the FileServers OU.
C. Establish a Remote Desktop connection to connect to each file server.
Connect to each file server and configure the proper log size and retention settings in
Event Viewer.
D. Configure a new security template that contains the proper log size and retention
settings using the Security Configuration and Analysis tool on a file server. 640-802
Import the new security template to the local security policy of all other file servers.
Answer: B
Explanation:
Leading the way in IT testing and certification tools, www.certifyme.com
- 35 -
Group Policy is an Active Directory feature that provides the means for you to
efficiently manage large numbers of computers. You can manage user and
computer configuration settings centrally through applying Group Policy settings to
the appropriate Active Directory container. Group Policy settings are stored in a
Group Policy Object (GPO).You can define and link GPOs to a specific OU in
Active Directory. The GPOs are then applied to all Active Directory objects stored
within the specific OU. Group Policy application starts at the top of the domain tree,
and then moves down to the OU containing the user object or computer object. OU
GPOs have the highest precedence. In your case, to prevent other administrators
from logging on to a file server locally and changing the log size and retention
settings, you have to configure a new Group Policy object (GPO) with the proper log
size and retention settings. You have to then link the GPO to the FileServers OU,
which is the OU containing all file servers. This will also update all file servers to
have the same log size and retention settings. VCP-310
Incorrect Answers:
A, C: You have to use Group Policy settings to ensure that the log size and retention
settings are not overridden by any administrators logging on to file servers and updating
the Properties sheet of the event log. A GPO will override all locally configured settings
on the file servers.
D: This option will not work because a security template is not used to define the log size
and retention settings of an event log.
Reference:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment