Does this meet the goal?

Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From Windows PowerShell, you run the Disable-WindowsOptionalFeature cmdlet.
Does this meet the goal?

Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2016.
You need to prevent NTLM authentication on Server1.
Solution: From Windows PowerShell, you run the Disable-WindowsOptionalFeature cmdlet.
Does this meet the goal?

A.
Yes

B.
No

Explanation:
https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/
On Client, the PowerShell approach (Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol)
Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

However, the question asks about Server!
On Server, the PowerShell approach (Remove-WindowsFeature FS-SMB1):
Remove-WindowsFeature FS-SMB1

Even if SMB1 is removed, SMB2 and SMB3 could still run NTLM authentication! Therefore, answer is a
“NO”.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *