Your network contains an Active Directory forest named litwareinc.com.
The forest has a single domain.
The forest contains a System Center 2012 Configuration Manager environment.
The environment contains a single primary site.
You create a group named InstallTechs.
You need to ensure that the members of InstallTechs can deploy Applications to desktop computers
by using Configuration Manager.
The solution must minimize the number of permissions assigned to InstallTechs.
What should you do?
A.
Assign the Application Administrator security role to InstallTechs. Create a new collection that
contains all of the desktop computers. Scope InstallTechs to the new collection.
B.
Assign the Application Deployment Manager security role to InstallTechs. Create a new collection
that contains all of the desktop computers. Scope InstallTechs to the new collection.
C.
Add the Application Deployment Manager security role to InstallTechs. Create a new collection
that contains computers. Add InstallTechs to the local Administrators group on each desktop
computer.
D.
Assign the Application Administrator security role to InstallTechs. Create a new collection that
contains all of the desktop computers. Add InstallTechs to the local Administrators group on each
desktop computer.
Explanation:
http://technet.microsoft.com/en-us/library/hh524341.aspx
Glossary for Microsoft System Center 2012 Configuration Manager
Application Administrator
A security role that grants permissions to administrative users so that they can perform both the
Application Deployment Manager role and the Application Author role.
Application Deployment Manager
A security role that grants permissions to administrative users so that they can deploy and monitor
applications.
http://blogs.technet.com/b/hhoy/archive/2012/03/07/role-based-administration-in-system-center-
2012-configuration-manager.aspx
Role-Based Administration in System Center 2012 Configuration Manager
In Configuration Manager 2012, Security Roles are used to collectively group objects and
permissions (operations) for assignment to an Administrator. Instead of an individual permission set
on a single instance of object, the Security Role provides a single Role assignment to an
administrator; reducing the overall complexity with permission management. An “object” in the
Security Role is something that you want to manage access to and “permission” is the operational
functions, such as Read, Modify and Delete.