What should you recommend?

Your company has two divisions named Division1 and Division2.
The network contains an Active Directory domain named contoso.com. The domain contains two child domains
named divisionl.contoso.com and division2.contoso.com.
The company sells Division1 to another company.
You need to prevent administrators in contoso.com and division2.contoso.com from gaining administrative
access to the resources in divisionl.contoso.com.
What should you recommend?

Your company has two divisions named Division1 and Division2.
The network contains an Active Directory domain named contoso.com. The domain contains two child domains
named divisionl.contoso.com and division2.contoso.com.
The company sells Division1 to another company.
You need to prevent administrators in contoso.com and division2.contoso.com from gaining administrative
access to the resources in divisionl.contoso.com.
What should you recommend?

A.
Create a new tree in the forest named contoso.secure. Migrate the resources and the accounts in
divisionl.contoso.com to contoso.secure.

B.
On the domain controller accounts in divisionl.contoso.com, deny the Enterprise Admins group the Allowed
to Authenticate permission.

C.
Create a new forest and migrate the resources andthe accounts in divisionl.contoso.com to the new forest.

D.
In divisionl.contoso.com, remove the Enterprise Admins group from the Domain Admins group and remove
the Enterprise Admins group from the access controllist (ACL) on the divisionl.contoso.com domain object.



Leave a Reply 0

Your email address will not be published. Required fields are marked *