###BeginCaseStudy###
Case Study: 9
Litware, Inc
Scenario
COMPANY OVERVIEW
Litware, Inc. is a manufacturing company that has a main office and two branch office. The
main office is located in Montreal. The branch offices are located in Seattle and New York.
The main office has 4,000 users. The branch offices each have 500 users.
PLANNED CHANGES
Litware plans to open a new sales office. The sales office will have a direct connection to the
Internet. The sales office will have a single server. The sales office requires a connection to
the Montreal office. The connection to the Montreal office must use either TCP port 80 or
TCP port 443. The network currently contains a Fibre Channel Storage Area Network (SAN).
A new iSCSI SAN will be implemented during the next month. The current SAN and the new
SAN are from different manufacturers. Both SANs use a virtual disk service (VDS) interface.
EXISTING ENVIRONMENT
All servers run Windows Server 2008 R2. All client computers run Windows 7 Enterprise.
The main office has a single DHCP server. The IP addresses for all of the client computers
must be assigned from the DHCP server. All software is installed from a central software
distribution point in the main office. Software deployments for the branch offices frequently
fail due to bandwidth limitations.
Existing Active Directory/Directory Services
The network contains a single Active Directory domain named litwareinc.com. Each office
has two domain controllers.
Current Administration Model
Currently, all help desk users have full administrator rights to the servers. The help desk users
use Remote Desktop to log on to the servers and perform tasks such as managing Active
Directory user accounts and creating DHCP reservations.
TECHNICAL REQUIREMENTS
Windows Firewall must be managed by using the minimum amount of administrative effort.
Windows Firewall configurations must be duplicated easily between servers that have the
same server role. Litware must centralize the monitoring of critical system events. The
monitoring solution must use the existing infrastructure. Litware plans to prevent help desk
users from interactively logging on to servers. Help desk users must not have full
administrator rights to the servers.
The software deployment process must be updated to meet the following requirements:
• Application source files must be centrally managed.
• Software deployments to the offices in Seattle and New York must remain unaffected
if a WAN link fails.
The SANs must be administered by using a single tool.
###EndCaseStudy###
You need to recommend a strategy for managing Windows Firewall that meets the company’s
technical requirements. What should you include in the recommendation?
A.
domainbased Group Policy objects (GPOs)
B.
local Group Policy objects (GPOs)
C.
Starter Group Policy objects (GPOs)
D.
System Starter Group Policy objects (GPOs)
Explanation:
http ://technet.microsoft.com/en-us/library/ee461027.aspx
The Windows PowerShell command-line and scripting language can be used to automate many
Group Policy tasks, including configuring registry-based policy settings and various Group PolicyManagement Console (GPMC) tasks. To help you perform these tasks, the Group Policy module for
Windows PowerShell provides the cmdlets covered in this section.
You can use these Group Policy cmdlets to perform the following tasks for domain-based Group
Policy objects (GPOs):
Maintain GPOs: GPO creation, removal, backup, reporting, and import.
Associate GPOs with Active Directory Directory Services (AD DS) containers: Group Policy link
creation, update, and removal.
Set inheritance and permissions on AD DS organizational units (OUs) and domains.
Configure registry-based policy settings and Group Policy Preferences Registry settings.