You work as the network administrator at Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. Domain.com has its headquarters located in London and branch office located in Paris. All servers on the Domain.com network run Windows Server 2008 and all client computers run Windows Vista. Domain.com currently makes use of two computers named CERTKILLER-DC01 and CERTKILLER-DC02 configured as domain controllers.
During the course of the day you receive instruction from Domain.com to have the Audit account management policy and Audit directory services access settings enabled. Domain.com has additionally requested that you make sure Active Directory objects modifications are logged by ensuring that the modifications displays the new and old values of the elements.
What should you do?
A.
Your best option would be to have Audipol.exe executed.
B.
Your best option would be to have the Audit Directory services access setting as well as the directory service modifications enabled.
C.
Your best option would be to have the Audit account management policy disabled.
D.
Your best option would be to have Auditpol.exe executed.
Explanation:
Thereafter the default domain policy disabled.
Thereafter the Audit account management policy should be re-enabled.
Thereafter the security settings of the domain controllers organizational unit should be configured.
In order to make sure the changes made to active directory objects are logged and the logs show the old and new values of any attribute. Audipol.exe should be run and the security settings configured for the domain controllers Organizational Unit.
I agree with the answer. D