What should you include in your design?

Your network consists of one Active Directory domain that contains domain controllers that run
Windows Server 2008. The intranet site contains confidential documents. You need to design an
identity and access management policy for the documents to meet the following requirements:
Record each time a document is accessed.
Protect confidential documents on the intranet site.
Place a time limit on access to documents, including documents sent outside the organization.
What should you include in your design?

Your network consists of one Active Directory domain that contains domain controllers that run
Windows Server 2008. The intranet site contains confidential documents. You need to design an
identity and access management policy for the documents to meet the following requirements:
Record each time a document is accessed.
Protect confidential documents on the intranet site.
Place a time limit on access to documents, including documents sent outside the organization.
What should you include in your design?

A.
On a domain controller, install and configure Active Directory Federation Services (AD FS).

B.
On a domain controller, install and configure Active Directory Rights Management Services (AD
RMS).

C.
On all servers in the domain, ensure that the data volumes are configured to use NTFS file system
and Encrypting File System (EFS).

D.
On all servers in the domain, ensure that the data volumes are configured to use NTFS file system
and Windows BitLocker Drive Encryption (BitLocker).

Explanation:
To place a time limit on access to documents and the documents that are sent outside the
organization and record each time a document is accessed, you need to use Active Directory Rights
Management Services (AD RMS). AD RMS helps you to prevent sensitive information—such as
financial reports, product specifications, customer data, and confidential e-mail messages—from
intentionally or accidentally getting into the wrong hands. You can use AD RMS on applications
running on Windows or other operating systems to help safeguard sensitive information. Rightsprotected documents of any kind can be set up for time-restricted access—and after that author-

defined period of time has elapsed, the files can no longer be opened as the “use license” will have
expired.
Active Directory Rights Management Services Overview
http://technet2.microsoft.com/windowsserver2008/en/library/74272acc-0f2d-4dc2-876f-
15b156a0b4e01033.mspx?mfr=true
Windows Rights Management Services:
Protecting Electronic Content in Legal Organizations/ Flexible Information Protection
http://209.85.175.104/search?q=cache:FqGkJVes_lIJ:download.microsoft.com/download/1/4/2/142
42f31-08ee-41a3-9057-HYPERLINK
“http://209.85.175.104/search?q=cache:FqGkJVes_lIJ:download.microsoft.com/download/1/4/2/14
242f31-08ee-41a3-9057-db054263512f/RM” \l
“_blank”db054263512f/RMS_LegalOrgs.doc+AD+RMS+place+a+time+limit+on+access+to+document
s&hl=en&ct=clnk&cd=2&gl=in



Leave a Reply 0

Your email address will not be published. Required fields are marked *