Which three GPOs should you identify in sequence?

DRAG DROP
Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2012 R2.
The domain contains an organizational unit (OU) named OU1. OU1 contains an OU named OU2. OU2
contains a user named user1.
User1 is the member of a group named Group1. Group1 is in the Users container.
You create five Group Policy objects (GPO). The GPOs are configured as shown in the following table.

The Authenticated Users group is assigned the default permissions to all of the GPOs.
There are no site-level GPOs.
You need to identify which three GPOs will be applied to User1 and in which order the GPOs will be
applied to User1.
Which three GPOs should you identify in sequence? To answer, move the appropriate three GPOs
from the list of GPOs to the answer area and arrange them in the correct order.

DRAG DROP
Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2012 R2.
The domain contains an organizational unit (OU) named OU1. OU1 contains an OU named OU2. OU2
contains a user named user1.
User1 is the member of a group named Group1. Group1 is in the Users container.
You create five Group Policy objects (GPO). The GPOs are configured as shown in the following table.

The Authenticated Users group is assigned the default permissions to all of the GPOs.
There are no site-level GPOs.
You need to identify which three GPOs will be applied to User1 and in which order the GPOs will be
applied to User1.
Which three GPOs should you identify in sequence? To answer, move the appropriate three GPOs
from the list of GPOs to the answer area and arrange them in the correct order.

Answer: See the explanation

Explanation:
Box 1: GPO2
Box 2: GPO4
Box 3: GPO5
Note:
* First at the domain level (GPO2), then at the highest OU level GPO4, and finally at the OU level
containing user1 GPO5.
Incorrect:
* Read and Apply group policy are both needed in order for the user or computer to receive and
process the policy
Not GPO1: Group1 has Deny Apply Group Policy permissions on GPO1.
Not GPO3: Group1 has Deny Read permissions on GPO3.
GPO2 and GPO4 are disabled.
* When a Group Policy Object (GPO) is enforced it means the settings in the Group Policy Object on
an Organization Unit (which is shown as a folder within the Active Directory Users and Computers
MMC) cannot be overruled by a Group Policy Object (GPO) which is link enabled on an
Organizational Unit below the Organizational Unit with the enforced Group Policy Object (GPO).
* Group Policy settings are processed in the following order:
1 Local Group Policy object
2 Site.
3 Domain

4 Organizational units
GPOs that are linked to the organizational unit that is highest in the Active Directory hierarchy are
processed first, then GPOs that are linked to its child organizational unit, and so on. Finally, the GPOs
that are linked to the organizational unit that contains the user or computer are processed.

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

TaSpanja

TaSpanja

Agreed answer is correct because the question was in which order they will be applied not in priority order.

Reply

Fontanetti

Fontanetti

TaSpanja, what do you mean as order applied and priority order?

Reply