You support computers that run windows 8 Enterprise. AppLocker policies are deployed.
Company policy states that AppLocker must be disabled.
You need to disable AppLocker.
Which three actions should you perform in sequence?
(To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.)
Answer:
Explanation:
Note:
* Before you can enforce AppLocker policies, you must start the Application Identity service by using the
Services snap-in console.
* The Application Identity service determines and verifies the identity of an application. Stopping this service will
prevent AppLocker policies from being enforced.
Shouldn’t we first run gpupdate to be sure applocker policies were deleted then disable the service?
I agree with Fernandez
Backup the Group Policy Object (GPO) that contains the currently applied AppLocker rules.
Delete all the AppLocker rules on that GPO. For steps how to do this, see the topics in AppLocker Policy Procedures.
Push out the GPO that now contains the empty AppLocker policy to the affected client computers. For steps how to do this, see Refresh an AppLocker Policy.
Disable the AppLocker service (appidsvc) on all the affected client computers. Optionally, you can restart the service. For steps how to do this, see Configure the Application Identity Service. Alternatively, you can disable the AppLocker service using Group Policy instead of locally.
http://technet.microsoft.com/en-us/library/hh310286(v=ws.10).aspx
It sure seems to be
1. Delete all rules
2. Run gpupdate /force
3. Disable appidsvc
Delete the rules
Dissable the service
Run GPUDATE/FORCE-The intention for running gpupdate is to ensure that the modified policy is applied to the computer. It needs to be the last in this case.
https://technet.microsoft.com/en-us/library/hh310286(v=WS.10).aspx – you should disable the service only after the GPO is pushed to the PC
Backup the Group Policy Object (GPO) that contains the currently applied AppLocker rules.
Delete all the AppLocker rules on that GPO. For steps how to do this, see the topics in AppLocker Policy Procedures.
Push out the GPO that now contains the empty AppLocker policy to the affected client computers. For steps how to do this, see Refresh an AppLocker Policy.
Disable the AppLocker service (appidsvc) on all the affected client computers. Optionally, you can restart the service. For steps how to do this, see Configure the Application Identity Service. Alternatively, you can disable the AppLocker service using Group Policy instead of locally.
Optionally, if you want to update the computers with another set of AppLocker rules (and the service has been enabled), you force a Group Policy update for the revised AppLocker policy. For steps how to do this, see Refresh an AppLocker Policy.