What should you configure?

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012. Server1 has the Remote
Desktop Session Host role service installed. The computer account of Server1 resides in an
organizational unit (OU) named OU1.
You create and link a Group Policy object (GPO) named GPO1 to OU1. GPO1 is configured
as shown in the exhibit. (Click the Exhibit button.)

You need to prevent GPO1 from applying to your user account when you log on to Server1.
GPO1 must apply to every other user who logs on to Server1.
What should you configure?

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012. Server1 has the Remote
Desktop Session Host role service installed. The computer account of Server1 resides in an
organizational unit (OU) named OU1.
You create and link a Group Policy object (GPO) named GPO1 to OU1. GPO1 is configured
as shown in the exhibit. (Click the Exhibit button.)

You need to prevent GPO1 from applying to your user account when you log on to Server1.
GPO1 must apply to every other user who logs on to Server1.
What should you configure?

A.
Item-level targeting

B.
Security Filtering

C.
Block Inheritance

D.
WMI Filtering



Leave a Reply 7

Your email address will not be published. Required fields are marked *


mina

mina

I think its either A or B can’t be C

KK

KK

answer on 417 v3. show Answer B. Security Filtering

Danshi

Danshi

B security filtering.

item-level targeting only applies to Group Policy Preferences, not policies which are shown set in the graphic.

MJG

MJG

My only problem with this question is that you cannot really nail down who receives this policy.

The question asks to “prevent GPO1 from applying to your user account” BUT “must apply to every other user that logs in”

Adding users to security filtering is only there to APPLY the policy to users and groups.

By using security filtering, you will literally have to add in every single user except your own.

If your network has 500 users, you have to add 499 entries in security filtering because you want the policy to apply to everyone else except you.

Its the right answer, but requires a lot of administrative work.

asdbob

asdbob

u can go to security tab and deny the apply of gp to that user only