You are a system administrator for a department that has Windows 10 Enterprise computers in a domain
configuration.
You deploy an application to all computers in the domain.
You need to use group policy to restrict certain groups from running the application.
What should you do?
A.
Set up DirectAccess.
B.
Configure AppLocker.
C.
Disable BitLocker.
D.
Run the User State Management Tool.
Explanation:
AppLocker is a feature in Windows Server 2012, Windows Server 2008 R2, Windows 8, and Windows 7 that
advances the functionality of the Software Restriction Policies feature. AppLocker contains new capabilities and
extensions that reduce administrative overhead and help administrators control how users can access and use
files, such as executable files, scripts, Windows Installer files, and DLLs.
AppLocker rules can be applied to security groups. We can use a group policy to apply AppLocker rules to the
security groups to prevent them from running the application.
Incorrect Answers:
A: DirectAccess is a remote access solution that enables remote access to company resources. It cannot be
used to prevent members of security groups from running an application.
C: BitLocker is used to encrypt data. It cannot be used to prevent members of security groups from running an
application.
D: The User State Management Tool is used for managing user profiles. It cannot be used to prevent members
of security groups from running an application.https://technet.microsoft.com/en-us/library/ee619725(v=ws.10).aspx#BKMK_WhatRruleConditions
agree