You work as the network administrator at Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. Domain.com has its headquarters located in London and branch office located in Paris. All servers on the Domain.com network run Windows Server 2008 and all client computers run Windows Vista.
During the course of the day you receive instruction from Domain.com to create an organizational unit named Products hosting two global groups named KingSales and KingSecurity. Domain.com has recently additionally asked you to apply desktop restrictions to the KingSecurity group whilst ensuring that the KingSales group does not have the desktop restrictions applied. You started by creating a GPO named KingLockdown and linked it to the Products OU.
What should you do?
A.
You should consider having the Allow Apply Group Policy permission set for the Local domain users on KingLockdown GPO.
B.
You should consider having the Allow Apply Group Policy permission set for the Authenticated Users on KingLockdown GPO.
C.
You should consider having the Deny Apply Group Policy permission set for the KingSales on the KingLockdown GPO.
D.
You should consider having the Deny Apply Group Policy permission set for the KingSecurity Executives on the KingLockdown GPO.
I have the same idea. C