Your network contains an Active Directory forest.
The forest contains a System Center 2012 Configuration Manager environment.
The environment contains one primary site.
You need to unsure that the members of a group named Group1 are allowed to deploy
applications to desktop computers. The solution must minimize the number of permissions
assigned to Group1.
What should you do?
A.
Assign the Application Administrator security role to Group1. Create a new collection that
contains all of the desktop computers. Add Group1 to the local Administrators group on each
desktop computer.
B.
Add the Application Deployment Manager security role to Group1. Create a new collection
that contains all of the desktop computers. Add Group1 to the local Administrators group on
each desktop computer.
C.
Assign the Application Deployment Manager security role to Group1.Create a new
collection that contains all of the desktop computers. Scope Group1 to the new collection.
D.
Assign the Application Administrator security role to Group1. Create a new collection that
contains all of the desktop computers. Scope Group1 to the new collection.
Explanation:
Answer> Assign the Application Deployment Manager security role to Group1.
Create a new collection that contains all of the desktop computers.
Scope Group1 to the new collection.
http://technet.microsoft.com/en-us/library/hh524341.aspx
Glossary for Microsoft System Center 2012 Configuration Manager
Application Administrator
A security role that grants permissions to administrative users so that they can perform both
the
Application Deployment Manager role and the Application Author role.
Application Deployment Manager
A security role that grants permissions to administrative users so that they can deploy and
monitor applications.
http://blogs.technet.com/b/hhoy/archive/2012/03/07/role-based-administration-insystemcenter-2012-configuration-manager.aspx
Role-Based
Administration in System Center 2012 Configuration Manager
In
Configuration Manager 2012, Security Roles are used to collectively group objects and
permissions (operations) for assignment to an Administrator. Instead of an individual
permission set on a single instance of object, the Security Role provides a single Role
assignment to an administrator; reducing the overall complexity with permission
management.
An “object” in the Security Role is something that you want to manage access to and
“permission” is the operational functions, such as Read, Modify and Delete.