You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com
domain, including domain controllers, have windows Server 2016 installed.
You have been instructed to modify the name of the local Administrator account on all Contoso.com workstations. You want to achieve this using as little
administrative effort as possible.
Which of the following actions should you take?
A.
You should consider configuring the Security Options settings via the Group Policy Management Console (GPMC).
B.
You should consider navigating to Local Users and Groups via Computer
C.
You should consider configuring the replication settings.
D.
You should consider navigating to Local Users and Groups via Computer Management on each workstation.
Explanation:
Rename administrator account policy setting determines whether a different account name is associated with the security identifier (SID) for the Administrator
account.
Because the Administrator account exists on all Windows server versions, renaming the account makes it slightly more difficult for attackers to guess this user
name and password combination. By default, the built-in Administrator account cannot be locked out no matter how many times a malicious user might use a bad
password. This makes the Administrator account a popular target for brute-force password-guessing attacks.
The value of this countermeasure is lessened because this account has a well-known SID and there are non-Microsoft tools that allow you to initiate a brute-force
attack over the network by specifying the SID rather than the account name. This means that even if you have renamed the Administrator account, a malicious user
could start a brute-force attack by using the SID.
Rename the Administrator account by specifying a value for the Accounts: Rename administrator account policy setting.
Location: GPO_name\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options