The system administrator is tasked with changing the administrator password across all 2000 computers in the organization. Which of the following should the
system administrator implement to accomplish this task?
A.
A security group
B.
A group policy
C.
Key escrow
D.
Certificate revocation
Explanation:
Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPO’s include a number
of settings related to credentials, such as password complexity requirements, password history, password length, account lockout settings.
Incorrect Answers:
A: Active Drectory security groups are used to assign permissions to shared resources. It will not assist the system administrator in changing the administrator
password across all 2000 computers in the organization.
C: Key escrow allows for copies of private keys and/or secret keys are retained securely by a centralized management system as a means of insurance or recovery
in the event of a lost or corrupted key. It will not assist the system administrator in changing the administrator password across all 2000 computers in the
organization.
D: Revoking a certificate will not assist the system administrator in changing the administrator password across all 2000 computers in the organization.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 291, 319.
https://technet.microsoft.com/en-us/library/dn579255.aspx