Your network contains an Active Directory domain named contoso.com.
All of the AppLocker policy settings for the member servers are configured in a Group Policy
object (GPO) named GPO1.
A member server named Server1 runs Windows Server 2012 R2.
On Server1, you test a new set of AppLocker policy settings by using a local computer
policy.
You need to merge the local AppLocker policy settings from Server1 into the AppLocker
policy settings of GPO1.
What should you do?
A.
From Local Group Policy Editor on Server1, export an .inf file. Import the .inf file by using
Group Policy Management Editor.
B.
From Server1, run the Set-ApplockerPolicycmdlet.
C.
From Local Group Policy Editor on Server1, export an .xml file. Import the .xml file by
using Group Policy Management Editor.
D.
From Server1, run the New-ApplockerPolicycmdlet.
Explanation:
The Set-AppLockerPolicy cmdlet sets the specified Group Policy Object (GPO) to contain
the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is
specified, the local GPO is the default.
When the Merge parameter is used, rules in the specified AppLocker policy will be merged
with the AppLocker rules in the target GPO specified in the LDAP path. The merging of
policies will remove rules with duplicate rule IDs, and the enforcement setting specified by
the AppLocker policy in the target GPO will be preserved. If the Merge parameter is not
specified, then the new policy will overwrite the existing policy.
References:
http://technet.microsoft.com/en-us/library/ee791816(v=ws.10).aspx
Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 10:
Implementing Group Policy, Lesson1: Planning, Implementing and managing Group Policy, p. 479
C
https://technet.microsoft.com/en-us/library/ee460965.aspx
Looks like the answer is B to me. The Set-AppLockerPolicy cmdlet has a merge parameter.
From the above link reference:
C:\PS>Get-AppLockerPolicy -Local | Set-AppLockerPolicy -LDAP “LDAP://DC13.Contoso.com/CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Contoso,DC=com” -Merge
Gets the local AppLocker policy, and then merges the policy with the existing AppLocker policy in the GPO specified in the LDAP path. See the Merge parameter description for more details on how two policies are merged.
Paul is right, Answer is ‘B’ – Set-ApplockerPolicycmdlet
https://technet.microsoft.com/en-us/library/ee791816.aspx
B is correct answer
here is link how to merge policy Manualy using XML
https://technet.microsoft.com/en-us/library/ee791754(WS.10).aspx