Testlet: Fabrikam Inc
You need to protect the confidential data files on File2 against unauthorized offline access.
What should you use?\r\n
COMPANY OVERVIEW
Fabrikam Inc. is a manufacturing company that has amain office and a branch office.
PLANNED CHANGES
You plan to deploy a failover cluster named Cluster1 in the branch office. Cluster1 will be configuredto meet
the following requirements:
The cluster will host eight virtual machines (VMs).
The cluster will consist of two nodes named Node1 and Node2.
The quorum mode for the cluster will be set to Nodeand Disk Majority.
A user named Admin1 will configure the virtual switch configuration of the VMs.
The cluster nodes will use shared storage on an iSCSI Storage Area Network (SAN).
You plan to configure a VM named File2 as a file server. Users will store confidential files on File2.
You plan to deploy a Microsoft Forefront Threat Management Gateway (TMG) server in each site. The
Forefront TMG server will be configured as a Web proxy.
EXISTING ENVIRONMENT
The research department is located in the branch office. Research users frequently travel to the main office.
Existing Active Directory/Directory Services
The network contains a single-domain Active Directory forest named fabrikam.com. The functional level of
the forest is Windows Server 2008.
The relevant organizational units (OUs) for the domain are configured as shown in the following table.
The relevant sites for the network are configured shown in the following table.
The relevant group policy objects (GPOs) are configured as shown in the following table.
Existing Network Infrastructure
All users run windows server 2008 R2. The relevant servers are configured as shown in following table.
WSUS2 is configured as a downstream replica server.
File1 contains a share named Templates. Users access the Templates share by using the path \\fabrikam.
com\dfs\templates.
File1 has the Distributed File System (DFS) Replication role service and the DFS Namespaces role service
installed.
TECHNICAL REQUIREMENTS
Fabrikam must meet the following requirements:
Minimize the cost of IT purchases.
Minimize the potential attack surface on the servers.
Minimize the number of rights assigned to administrators.
Minimize the number of updates that must be installed on the servers.
Ensure that Internet Explorer uses the local ForeFront TMG server to connect to the Internet.
Ensure that all client computers continue to receive updates from WSUS if a WSUS server fails.
Prevent unauthorized users from accessing the data stored on the VMs by making offline copies of the
VM files.
Fabrikam must meet the following requirements for the Templates share:
Ensure that users access the files in the Templatesshare from a server in their local site.
Ensure that users always use the same UNC path to access the Templates share, regardless of the site
in which the users are located.
A.
Encrypting File System (EFS) on File2
B.
File screens on Node1 and Node2
C.
NTFS permissions on File2
D.
Windows BitLocker Drive Encryption (BitLocker) on Node1 and Node2