You need to ensure that users of the computer can install applications only from sites that are not in the Restricted Sites zone

A company has an Active Directory Domain Services (AD DS) domain. All client computers
run Windows 8 and are members of the domain. Client computers maintain a list of sites in
the Internet Explorer Restricted Sites security zone.
Users of one client computer are able to download and install an application from a site
within the Restricted Sites zone.
You need to ensure that users of the computer can install applications only from sites that
are not in the Restricted Sites zone.
What should you do?

A company has an Active Directory Domain Services (AD DS) domain. All client computers
run Windows 8 and are members of the domain. Client computers maintain a list of sites in
the Internet Explorer Restricted Sites security zone.
Users of one client computer are able to download and install an application from a site
within the Restricted Sites zone.
You need to ensure that users of the computer can install applications only from sites that
are not in the Restricted Sites zone.
What should you do?

A.
Run the Set-ExecutionPolicy Windows PowerShell cmdlet.

B.
Configure the Software Restriction Policy settings in the local Group Policy of the
computer.

C.
Add the blocked application as a software restriction policy to the GPO that configures
AppLocker.

D.
Run the Cet-AppLockerPolicy Windows PowerShell cmdlet.

E.
Add the blocked application as an additional AppLocker rule to the GPO that configures
AppLocker.

Explanation:
Only Software Restriction policy allows for the control of applications from a network zone;
AppLocker does not.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


timduncan

timduncan

Enterprise environment uses applocker setting from GPO…answer W