###BeginCaseStudy###
Case Study: 1
Contoso Ltd
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is
migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in
Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other
branch office is a research office located in Brussels.
The offices connect to each other by using a WAN link.
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory
site exists for each office.
The forest contains a child domain named research.contoso.com.
The functional level of both the domains is Windows Server 2008.
In each site, there are two domain controllers for the contoso.com domain and two domain
controllers for the research.contoso.com domain. The domain controllers run Windows
Server 2008 R2.
All of the domain controllers are global catalog servers.
The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7.
The company has 10 print servers. Each print server contains several shared printers.
The company has 10 file servers that have the following disk configurations:
• A simple volume named C that is the System and Boot volume and is formatted
NTFS
• A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
• A simple volume named D that is formatted FAT32
• A simple volume named E that is formatted NTFS
• A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server
named AM1. Both servers have the following server roles installed:
• DNS Server
• DHCP Server
• Remote Access
The DNS servers are configured to use the DNS servers of the company’s Internet Service
Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based
VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
• Create a child domain named sales.contoso.com. Only the domain controllers in
sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers
in sales.contoso.com will run Windows Server 2012. The client computers in
sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
• Implement two servers in the Amsterdam office and two servers in the Paris office to
replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have
shared storage.
• Decommission the research.contoso.com domain. All of the users and the Group
Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
• Migrate the existing print queues to virtualized instances of Windows Server 2012.
• Migrate the file servers to new servers that run Windows Server 2012.
• Implement RADIUS authentication for VPN connections.
• Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
• All changes to Group Policies must be logged.
• Network Access Protection (NAP) policies must be managed centrally.
• Core networking services in each office must be redundant if a server fails.
• The possibility of IP address conflicts during the DHCP migration must be
minimized.
• A central log of the IP address leases and the users associated to those leases must be
created.
• All of the client computers must be able to resolve internal names and internet names.
• Administrators in the Paris office need to deploy a series of desktop restrictions to the
entire company by using Group Policy.
• The new sales.contoso.com domain will contain a web application that will access
data from a Microsoft SQL Server located in the contoso.com domain. The web application
must use integrated Windows authentication. Users’ credentials must be passed from the web
applications to the SQL Server.
###EndCaseStudy###
You need to recommend a management solution for the GPOs. The solution must meet the
technical requirements. What should you include in the recommendation?
A.
Microsoft Baseline Security Analyzer (MBSA)
B.
Microsoft Desktop Optimization Pack (MDOP)
C.
Microsoft System Center 2012 Operations Manager
D.
Microsoft System Center 2012 Data Protection Manager (DPM)
Microsoft Desktop Optimization Pack
Windows Vista Enterprise helps global organizations and enterprises with complex IT
infrastructures lower IT costs, reduce risk, and stay connected. The Microsoft Desktop
Optimization Pack for Software Assurance further extends this value by reducing application
deployment costs, enabling delivery of applications as services, and allowing for bettermanagement and control of enterprise desktop environments. Together these technologies
deliver a highly cost-effective and flexible Windows desktop management solution.
What is the Microsoft Desktop Optimization Pack?
The Microsoft Desktop Optimization Pack (MDOP) for Software Assurance is an add-on
subscription license available to Software Assurance customers. It uses innovative
technologies to help reduce the total cost of ownership (TCO) of the Windows desktop by
accelerating operating system and application management and enhancing IT
responsiveness and end-user uptime. It will enable you to better control the desktop,
accelerate and simplify desktop deployments and management, and create a dynamic
infrastructure by turning software into centrally managed services.
MDOP facilitates accelerated deployment and manageability of Windows through these
innovative technologies— available only to Windows Software Assurance customers.
http://technet.microsoft.com/en-us/library/cc507880.aspx
Given answer is correct:
http://blogs.msdn.com/b/canberrapfe/archive/2012/05/02/auditing-group-policy-changes.aspx
The information and facts talked about inside the article are a few of the most effective available.