Testlet: Trey Research
You need to identify each help desk user who bypasses the new corporate security policy.
What should you do?\r\n
COMPANY OVERVIEW
Trey Research is a pharmaceutical company that has a main office and two branch offices.
The main office is located in Denver. The branch offices are located in New York and Seattle. The main
office has 10,000 users. Each branch office has approximately 200 users.
PLANNED CHANGES
You plan to deploy a new application named App1. App1 is developed in-house. The binary executables
and support files for App1 contain sensitive intellectual property.
Users must access App1 through document invocation.The users must be prevented from directly copying
or accessing the App1 program files.
EXISTING ENVIRONMENT
The network contains a single Active Directory domain named treyresearch.com.
All servers run Windows Server 2008 R2. All client computers run Windows 7 Enterprise.
The network contains a Web server named Web1 that hosts an intranet site. All users use Web1.
Users report that access to the content on Web1 is slow. You discover that the CPU utilization of Web1is
approximately 90 percent during peak hours.
Microsoft System Center Configuration Manager is used to deploy updates to all of the client computers.
Existing Network Infrastructure
Each office has several file servers. The file servers have a limited amount of storage space. Users access
the data on all of the file servers.
Each branch office has a WAN link to the main office. Users in the branch office frequently access thefile
server in the main office.
Current Administration Model
All servers are currently administered remotely by using Remote Desktop. Help desk users perform the
following administrative tasks in the domain:
Manage printers.
Create shared folders.
Manage Active Directory users.
Modify file permissions and share permissions.
All of the help desk users are members of a global group named HelpDesk.
Business Goals
Trey Research has the following business goals:
Minimize the cost of making changes to the environment.
Minimize the cost of managing the network infrastructure and the servers.
REQUIREMENTS
Technical Requirements
Trey Research plans to virtualize all of the servers during the next three years.
Trey Research must meet the following technical requirements for virtualization:
Simplify the management of all hardware.
Allocate CPU resources between virtual machines (VMs).
Ensure that the VMs can connect to multiple virtuallocal area networks (VLANs).
Minimize the amount of administrative effort required to convert physical servers to VMs.
Trey Research must ensure that users can access content in the shared folders if a single server fails. The
solution must also reduce the amount of bandwidth used to access the shared folders from the branch
offices.
Trey Research must meet the following technical requirements for the intranet site:
Improve response time for users.
Provide redundancy if a single server fails.
Security Requirements
A new corporate security policy states that only Enterprise Administrators are allowed to interactively log on
to servers.
User Requirements
Users report that it is difficult to locate files in the shared folders across the network. The users want a
single point of access for all of the shared folders in the company.
A.
Configure Audit Special Logon and define Special Groups.
B.
Configure Audit Other Privilege Use Events and define Special Groups.
C.
Configure Audit Sensitive Privilege Use and configure auditing for the HelpDesk group.
D.
Configure Audit Object Access and modify the auditing settings for the HelpDesk group.
It made sense as i looked at rechnet, cause i never heard about Special Logon.
correct, solution to grant more rights.
http://technet.microsoft.com/en-us/library/dd772635(v=ws.10).aspx
🙂
Mathias