Which of the following actions should you take?

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named
Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server
2012 installed.
You have been instructed to modify the name of the local Administrator account on all Contoso.com
workstations. You want to achieve this using as little administrative effort as possible.
Which of the following actions should you take?

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named
Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server
2012 installed.
You have been instructed to modify the name of the local Administrator account on all Contoso.com
workstations. You want to achieve this using as little administrative effort as possible.
Which of the following actions should you take?

A.
You should consider configuring the Security Options settings via the Group Policy Management Console(GPMC).

B.
You should consider navigating to Local Users and Groups via Computer

C.
You should consider configuring the replication settings.

D.
You should consider navigating to Local Users and Groups via Computer Management on each
workstation.

Explanation:
Rename administrator account policy setting determines whether a different account name is associated with
the security identifier (SID) for the Administrator account.
Because the Administrator account exists on all Windows server versions, renaming the account makes it
slightly more difficult for attackers to guess this user name and password combination. By default, the built-in
Administrator account cannot be locked out no matter how many times a malicious user might use a bad
password. This makes the Administrator account a popular target for brute-force password-guessing attacks.
The value of this countermeasure is lessened because this account has a well-known SID and there are nonMicrosoft tools that allow you to initiate a brute-force attack over the network by specifying the SID rather than
the account name. This means that even if you have renamed the Administrator account, a malicious user
could start a brute-force attack by using the SID.
Rename the Administrator account by specifying a value for the Accounts: Rename administrator account
policy setting.
Location: GPO_name\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security
Options



Leave a Reply 0

Your email address will not be published. Required fields are marked *