Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. The network includes servers that run
Windows Server 2012.
All client computers run Windows 7 or Windows 8.
A new company security policy states that files on client computers should be encrypted. To
comply with the security policy, you plan to implement Encrypting File System (EFS).
You install a server named TK-CA1. You install the Active Directory Certificate Services server
role on TK-CA1 and configure the server as an Enterprise Root Certification Authority (CA).
You configure a group policy object (GPO) that will apply to the client computers.
You need to configure the GPO to ensure that self-signed certificates for EFS are not generated
when users encrypt their files. You expand the Computer Configuration > Windows Settings >
Security Settings nodes in the GPO.
What should you configure in the GPO?
A.
You should configure policy settings under the Account Policies node in the GPO.
B.
You should configure policy settings under the File System node in the GPO.
C.
You should configure policy settings under the Public Key Policies node in the GPO.
D.
You should configure policy settings under the Application Control Policies node in the GPO.
E.
You should configure policy settings under the IP Security Policies on Active Directory node in
the GPO.