Your network consists of one Active Directory domain. All domain controllers run either Windows Server 2008 R2 or Windows Server 2003 SP2. A custom application stores passwords in Active Directory. You plan to deploy read-only domain controllers (RODCs) on the network.
You need to prevent custom application passwords from being replicated to the ROOCs.
What should you do?
A.
Upgrade the schema master to Windows Server 2008 R2. Configure a fine-gained password policy.
B.
Upgrade the infrastructure master to Windows Server 2008 R2. Mark the custom application password attribute as confidential.
C.
Upgrade all domain controllers to Windows Server 2008 R2. Add the custom application password attribute to the RODC filtered attribute set and mark the attribute as confidential.
D.
Upgrade all domain controllers to Windows Server 2008 R2. Set the functional level of the forest and the domain to Windows Server 2008 R2. Configure a fine-grained password policy
Woah this blog is magnificent i love studying your articles. Keep up the good paintings! You realize, a lot of individuals are searching round for this information, you could help them greatly.
I am sure there are certain utilities that mostly effectively attempt to unhash passwords but they actually require verified access to the DC.
https://technet.microsoft.com/en-us/library/cc753459(v=ws.10).aspx