Your network consists of a single Active Directory domain.
The functional level of the domain is Windows Server 2008 R2. All domain controllers run Windows Server
2008 R2.
A corporate policy requires that the users from theresearch department have higher levels of account and
password security than other users in the domain.
You need to recommend a solution that meets the requirements of the corporate policy. Your solution must
minimize hardware and software costs.
What should you recommend?
A.
Create a new Active Directory site. Deploy a Group Policy object (GPO) to the site.
B.
Create a new Password Settings Object (PSO) for the research department’s users.
C.
Create a new organizational unit (OU) named Research in the existing domain. Deploy a Group Policy
object (GPO) to the Research OU.
D.
Create a new domain in the forest. Add the research department’s user accounts to the new domain.
Configure a new security policy in the new domain.
Explanation:
AD DS FINE-GRAINED PASSWORD POLICY
You can use fine-grained password policies to specify multiple password policies within a single domain. You
can use fine-grained password policies to apply different restrictions for password and account lockout policies
to different GROUPS/USERS (instead of organizational unit) in a domain.
http://technet.microsoft.com/en-us/library/cc754461.aspx