###BeginCaseStudy###
Case Study: 8
Graphic Design Institute, Case A
Scenario
COMPANY OVERVIEW
Graphic Design Institute is a training company that has a main office and 10 branch offices.
The main office is located in Bangalore.
PLANNED CHANGES
Graphic Design Institute plans to implement the following changes:
• Deploy a new two-node failover cluster that runs the Hyper-V server role on each
node.
• Ensure that intra-cluster network traffic is isolated from all other network traffic.
• Implement Network Access Protection (NAP) for all of the client computers on the
internal network and for all of the client computers that connect remotely.
EXISTING ENVIRONMENT
The relevant servers in the main office are configured as shown in the following table.
The server has the following configurations:
• NPAS1 contains a static IP address pool,
• Web1, Web2, and Web3host a copy of the corporate Web site.
• Web1, Web2, and Web3 are located in the perimeter network and belong to a
workgroup.
All client computers run Windows XP Professional, Windows Vista Enterprise, or Windows
7 Enterprise, All client computers are members of the domain.
Some users work remotely. To access the company’s internal resources, the remote users use
a VPN connection to NPAS1.
Existing Active Directors/Directory Services
The network contains a single-domain Active Directory forest named
graphicdesigninstitute.com. The Active Directory Recycle Bin is enabled.
Existing Network Infrastructure
Graphic Design Institute has an internal network and a perimeter network.
The network contains network switches and wireless access points (WAPs) from multiple
vendors. Some of the network devices are more than 10 years old and do not support portbased authentication.
TECHNICAL REQUIREMENTS
All of the accounts used for administration must be assigned the minimum amount of
permissions.
Web1, Web2, and Web3 must have the identical configurations for the corporate Web site.
The Web servers must contain a local copy of all the Web pages in the Web site. When a
Web page is modified on any of the Web servers, the modifications must be copied
automatically to all of the Web servers.
A user named Admin1 must be responsible for performing the following tasks:
• Restarting all of the Web servers.
• Backing up and restoring the files on all of the Web servers.
A user named Admin2 must be responsible for performing the following tasks:
• Backing up the Active Directory database.
• Recovering deleted objects from the Active Directory Recycle Bin.
###EndCaseStudy###
You need to ensure that Admin2 can administer Active Directory to meet the company’s technical
requirements. What should you do?
A.
Add Admin2 to the Domain Admins global group.
B.
Add Admin2 to the Backup Operators domain local group.
C.
Delegate full control ofall objects in graphicdesigninstitute.com to Admin2.
D.
Delegate full control of all objects in the Domain Controllers organizational unit (OU) to Admin2.
Explanation:
You can enable Active Directory Recycle Bin only if the forest functional level of your environment is
set to Windows Server 2008 R2. Membership in Domain Admins, or equivalent, is the minimum
required to use AD recycle bin