?
Solved

Server policy

Posted on 2011-02-22
4
Medium Priority
?
264 Views
Last Modified: 2012-05-11
The human resources department has servers that contain confidential
information stored in files. The client computers in the human resources
department access the confidential information over the LAN. The network design
requires that any access to the human resources department servers must be
encrypted to protect the confidentiality of the data transmissions.
You need to automatically enforce the network design requirement at regular
intervals. What should you do?
A. Assign the Secure Server (Require Security) IPSec policy to the human resources
department servers by using Group Policy
B. Assign the Secure Server (Require Security) IPSec policy to the human resources
department servers by using local policy
C. Apply the Hisecws.inf security template to the human resources department
servers by using Group Policy
D. Apply the Hisecws.inf security template to the human resources department
servers by using the secedit command
/////////////////////////////////////////////

I go for b since the server is on LAN
0
Comment
Question by:kunalclk
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
relliott66 earned 1000 total points
ID: 34957262
'A' is what I would select.  Why mess with local policy when you can set it in AD at Group Policy level and have it applied to all systems?  This will also take care of making sure the policy is applied to any systems brought into the network later on.
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 1000 total points
ID: 34958484
That's right A is correct answer. By default GPOs are reapplied after 90 minutes. So, even if someone makes any changes after 90 minutes it will be reverted by GPO which was linked to the OU with that/those server(s)

Regards,
Krzysztof
0
 
LVL 2

Author Closing Comment

by:kunalclk
ID: 34963668
tnx
0
 
LVL 7

Expert Comment

by:relliott66
ID: 34964421
no prob.  Feel free to continue posting the ones you are curious about on the tests, even with no or low points for assistance.  It's a good refresher for some of us :)
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question