Your network contains an Active Directory forest.
The forest contains a System Center 2012 Configuration Manager environment.
The environment contains one primary site.
You need to ensure that the members of a group named Group1 are allowed to deploy applications
to desktop computers.
The solution must minimize the number of permissions assigned to Group1.
What should you do?
A.
Assign the Application Administrator security role to Group1. Create a new collection that
contains all of the desktop computers. Add Group1 to the local Administrators group on each
desktop computer.
B.
Add the Applicaton Deployment Manager security role to Group1. Create a new collection that
contains all of the desktop computers. Add Group1 to the local Administrators group on each
desktop computer.
C.
Assign the Application Deployment Manager security role to Group1. Create a new collection that
contains all of the desktop computers. Scope Group1 to the new collection.
D.
Assign the Application Administrator security role to Group1. Create a new collection that
contains all of the desktop computers. Scope Group1 to the new collection.
Explanation:
http://technet.microsoft.com/en-us/library/hh524341.aspx
Glossary for Microsoft System Center 2012 Configuration Manager
Application Administrator
A security role that grants permissions to administrative users so that they can perform both the
Application Deployment Manager role and the Application Author role.
Application Deployment Manager
A security role that grants permissions to administrative users so that they can deploy and monitor
applications.
http://blogs.technet.com/b/hhoy/archive/2012/03/07/role-based-administration-in-system-center-
2012-configuration-manager.aspx
Role-Based Administration in System Center 2012 Configuration Manager
In Configuration Manager 2012, Security Roles are used to collectively group objects and
permissions (operations) for assignment to an Administrator. Instead of an individual permission set
on a single instance of object, the Security Role provides a single Role assignment to an
administrator; reducing the overall complexity with permission management. An “object” in the
Security Role is something that you want to manage access to and “permission” is the operational
functions, such as Read, Modify and Delete.
Application Deployment Manager
Grants permissions to deploy applications. Administrative users who are associated with this role can view a list of applications, and they can manage deployments for applications, alerts, templates and packages, and programs. Administrative users who are associated with this role can also view collections and their members, status messages, queries, conditional delivery rules, and App-V virtual environments.