What should you do?

Your company has two Active Directory forests as shown in the following table:

Forest name
Forest functional level
Domain(s)
contoso.com
Windows Server 2008
contoso.com
fabrikam.com
Windows Server 2008
fabrikam.com eng.fabrikam.com

The forests are connected by using a two-way forest trust. Each trust direction is configured with forest-wide authentication. The new security policy of the company prohibits users from the eng.fabrikam.com domain to access resources in the contoso.com domain.

You need to configure the forest trust to meet the new security policy requirement.

What should you do?

Your company has two Active Directory forests as shown in the following table:

Forest name
Forest functional level
Domain(s)
contoso.com
Windows Server 2008
contoso.com
fabrikam.com
Windows Server 2008
fabrikam.com eng.fabrikam.com

The forests are connected by using a two-way forest trust. Each trust direction is configured with forest-wide authentication. The new security policy of the company prohibits users from the eng.fabrikam.com domain to access resources in the contoso.com domain.

You need to configure the forest trust to meet the new security policy requirement.

What should you do?

A.
Delete the outgoing forest trust in the contoso.com domain.

B.
Delete the incoming forest trust in the contoso.com domain.

C.
Change the properties of the existing incoming forest trust in the contoso.com domain from Forest-wide authentication to Selective authentication.

D.
Change the properties of the existing outgoing forest trust in the contoso.com domain to exclude *.eng.fabrikam.com from the Name Suffix Routing trust properties.



Leave a Reply 0

Your email address will not be published. Required fields are marked *