You are the security administrator for your company. The network consists of two segments named Segment A and Segment B. The client computers on the network run Windows XP Professional. The servers run Windows Server 2003.
Segment A contains a single server named Server1. Segment B contains all other computers, including a server named Server2. The company’s written security policy states that Segment B must not be connected to the lnternet. Segment A is allowed to connect to the lnternet. There is no network connection between Segment A and Segment B. You can copy files from Segment A to Segment B only by using a CD-ROM to transport the files between the two segments. The network topology is displayed in the exhibit. (Click the Exhibit button.)
You are planning a patch management infrastructure. On Segment B, you install Software Update Services (SUS) on Server2. You configure Automatic Updates on all computers in Segment B to use http://Server2 and to install security patches.
You need to ensure that all computers in Segment B automatically install security patches. What should you do?
A.
Install SUS on Server1.
Periodically copy the files in the Content folder and in the SUS root folder from Server1 to Server2.
B.
Install SUS on Server1.
Periodically copy the files in the Content folder from Server1 to Server2.
Copy the Approveditems.txt file from Server1 to the Windows folder on Server2.
C.
On Server1, periodically connect to the Microsoft Windows Update Catalog Web site and download new security patches.
Copy the files to the Content folder on Server2.
D.
On Server1, configure Automatic Updates to use the URL of the Microsoft Windows Update Web site.
Periodically copy the downloaded files and the Mssecure.xml file to the Content folder on Server2.
That addresses seevarl of my concerns actually.