You are an administrator at ABC.com.
The company has a network of5 member serversacting as file servers.
It has an Active Directory domain.
You have installed a software application on the servers.
As soon as the application is installed, one of the member servers shuts down.
To trace and rectify the problem, you create a Group Policy Object(GPO).
You need to change the domain security settings to trace the shutdowns and identify the cause of it.
What should you do to perform this task?
A.
Link the GPO to the domain and enable System Events option
B.
Link the GPO to the domain and enable Audit Object Access option
C.
Link the GPO to the Domain Controllers and enableAudit Object Access option
D.
Link the GPO to the Domain Controllers and enableAudit Process tracking option
E.
Perform all of the above actions
Explanation:
http://msdn.microsoft.com/en-us/library/ms813610.aspx
Audit system events
Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy
Description
Determines whether to audit when a user restarts orshuts down the computer; or an event has occurred that
affects either the system security or the security log.
By default, this value is set to No auditingin the Default Domain Controller Group Policy object (GPO) and in
the local policies of workstations and servers.
If you define this policy setting, you can specify whether to audit successes, audit failures, or not to audit the
event type at all. Successaudits generate an audit entry when a system eventis successfully executed.
Failureaudits generate an audit entry when a system eventis unsuccessfully attempted. You can selectNo
auditingby defining the policy setting and unchecking Successand Failure.