Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Desktop Session
Host role service installed. The computer account of Server1 resides in an organizational unit (OU)
named OU1.
You create and link a Group Policy object (GPO) named GPO1 to OU1.
You need to prevent GPO1 from applying to your user account when you log on to Server1. GPO1
must apply to every other user who logs on to Server1.
What should you configure?
A.
Security Filtering.
B.
WMI Filtering.
C.
Block Inheritance.
D.
Item-level targeting.
Explanation:
You can use item-level targeting to change the scope of individual preference items, so they apply
only to selected users or computers. Within a single Group Policy object (GPO), you can include
multiple preference items, each customized for selected users or computers and each targeted to
apply settings only to the relevant users or computers.https://technet.microsoft.com/en-us/library/cc733022.aspx
The correct answer is A: Security Filtering
D is correct because the question is “You need to prevent GPO1 from applying to your user account”. If the question was to not give you access to read the GPO “A” would be correct. So, it really is “you can read the GPO but it should not apply to your user”.
Item-level T. is correct.
Item level targeting is only used for group policy preferences, not GPO’s, so A.
Agreed with Rimmer, Correct answer is A. You can set a security filter to deny apply group policy on your username.
Answer=A
Full question: http://www.aiotestking.com/microsoft/what-should-you-configure-201/
Agree with A – Security !!
(Item level only for GPP)