You manage a network that includes computers that run Windows 8 Enterprise. All of the
computers on the network are members of an Active Directory domain.
The company recently proposed a new security policy that prevents users from
synchronizing applications settings, browsing history, favorites, and passwords from the
computers with their Microsoft accounts.
You need to enforce these security policy requirements on the computers.
What should you do?
A.
From each computer, navigate to Change Sync Settings and set the Sync Your Settings
options for Apps, Browser, and Passwords to Off.
B.
On the Group Policy Object, configure the Accounts: Block Microsoft accounts Group
Policy setting to Users can’t add or log on with Microsoft accounts.
C.
On the Group Policy Object, configure the Accounts: Block Microsoft accounts Group
Policy setting to Users can’t add Microsoft accounts.
D.
From each computer, navigate to Change Sync Settings and set the Sync Your Settings
option to Off.
According to Trancender it’s C. So which one is it?
I believe correct answer is B, cant add or log
actually C might be the answer according to this link:
https://technet.microsoft.com/en-us/library/jj966262(v=ws.10).aspx
If you need to limit the use of Microsoft accounts in your organization, click the Users can’t add Microsoft accounts setting option so that users will not be able to create new Microsoft accounts on a computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account.
This answer letter B …
The answer appears to be B.
From technet:
If you click the Users can’t add Microsoft accounts setting option, users will not be able to create new Microsoft accounts on a computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account. This is the preferred option if you need to limit the use of Microsoft accounts in your enterprise.
If you click the Users can’t add or log on with Microsoft accounts setting option, existing Microsoft account users will not be able to log on to Windows. Selecting this option might make it impossible for an existing administrator to log on to a computer and manage the system.
Scratch that, meant to say C.
The option which only specifies “add microsoft accounts” is correct.
“you need to limit the use of Microsoft accounts in your enterprise” not completely block the use of MS account to log in…I’d say answer B, before enabling this policy, just create new domain account for each users and force to create new password when users log in.
THE ANSWER IS B. By going with C, users can still log on with their MS accounts and sync existing accounts. Also, the question says ” from the
computers with *their* Microsoft accounts). By going B, you block existing and future accounts.
Shawna correct