?
Solved

Server policy

Posted on 2011-02-22
4
Medium Priority
?
259 Views
Last Modified: 2012-05-11
The human resources department has servers that contain confidential
information stored in files. The client computers in the human resources
department access the confidential information over the LAN. The network design
requires that any access to the human resources department servers must be
encrypted to protect the confidentiality of the data transmissions.
You need to automatically enforce the network design requirement at regular
intervals. What should you do?
A. Assign the Secure Server (Require Security) IPSec policy to the human resources
department servers by using Group Policy
B. Assign the Secure Server (Require Security) IPSec policy to the human resources
department servers by using local policy
C. Apply the Hisecws.inf security template to the human resources department
servers by using Group Policy
D. Apply the Hisecws.inf security template to the human resources department
servers by using the secedit command
/////////////////////////////////////////////

I go for b since the server is on LAN
0
Comment
Question by:kunalclk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
relliott66 earned 1000 total points
ID: 34957262
'A' is what I would select.  Why mess with local policy when you can set it in AD at Group Policy level and have it applied to all systems?  This will also take care of making sure the policy is applied to any systems brought into the network later on.
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 1000 total points
ID: 34958484
That's right A is correct answer. By default GPOs are reapplied after 90 minutes. So, even if someone makes any changes after 90 minutes it will be reverted by GPO which was linked to the OU with that/those server(s)

Regards,
Krzysztof
0
 
LVL 2

Author Closing Comment

by:kunalclk
ID: 34963668
tnx
0
 
LVL 7

Expert Comment

by:relliott66
ID: 34964421
no prob.  Feel free to continue posting the ones you are curious about on the tests, even with no or low points for assistance.  It's a good refresher for some of us :)
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question