You need to generate the security report

###BeginCaseStudy###

Case Study 1 – Proseware, Inc.
Overview
General Overview
Proseware, Inc. is an international manufacturing company that has 3,000 employees.
The company has a sales department a marketing department, a research department and a
human resources department.
Physical Locations
Proseware has two main offices and five branch offices. The main offices are located in New York
City and London. The branch offices are located in Singapore, Sydney, Auckland, Montreal, and
Tokyo.
Users from each department are located in each office.
All of the offices connect to each other by using a WAN link. Each office also has a direct connection
to the Internet.
Existing Environment
Active Directory
The network contains one Active Directory forest named proseware.com. The forest contains a
single domain. All servers in the domain run Windows Server 2012 R2.
Each office contains a single domain controller. Each domain controller is configured as a DHCP
server and a DNS server. Each office is configured as an Active Directory site. There is an
organizational unit (OU) for each department.
All client computers are configured to use the DNS server in their respective office only.
Network Infrastructure
The client computers in all of the offices are managed by using Microsoft System Center 2012 R2
Configuration Manager. A collection exists for each department. There is a distribution point in each
main office.
Proseware is evaluating Windows Intune for the management of personal devices. Currently,
Windows Intune is not integrated with Configuration Manager.
The New York City office has the following servers and client computers:
– Client computers that run the 64-bit version of Windows 8.1 Enterprise
and have Microsoft Office 2013 installed
– A Windows Server Update Services (WSUS) server
– Five file servers that host multiple shared folders
– Remote Desktop Services (RDS) server farm
– Hyper-V servers
Each of the branch offices has the following servers and client computers:
– Client computers that run the 64-bit version of Windows 8.1 Enterprise
and have Office 2013 installed
– A Windows Server Update Services (WSUS) server configured as a replica
server

– A file server that hosts multiple shared folders
The users in the sales department use laptops. Often, the sales department users are away from
the office for more than a month at a time, during which they have no connection to the company
network.
A corporate security policy for the company-owned client computers states that the Remote
Desktop feature must be disabled and if a computer is idle for 15 minutes, a password-protected
screen saver must be activated.
Recently, WSUS was integrated with Configuration Manager and several updates were approved
and deployed by using Configuration Manager.
Application Infrastructure
A third-party desktop application named App1 is used by the users in the sales department and the
marketing department. The application vendor publishes weekly updates for App1 to a public FTP
site. The updates are packaged as MSP files.
A line-of-business Windows Store app named App2 is used by all users.
A third-party desktop application named App3 is used by the users in the research department.
The first update for App3 was released by the application vendor as a Windows Installer (MSI)
package. The update was not deployed yet.
App1, App2, and App3 are used only on company-owned computers.
Problem Statements
Proseware identifies the following issues on the network:
– When an update to App1 is available, the sales department users report
that they do not receive the update until they return to the office.
– Network monitoring reveals that some of the client computers download
updates from WSUS servers directly, while some computers download the
updates from a Configuration Manager distribution point.
– Some users attempt to update App3 manually by downloading the update
directly from the vendor’s website. Several of these users report that
they fail to install the update due to a lack of disk space.
Requirements
Business Goals
Proseware identifies the following business goals:
– Minimize the costs associated with purchasing hardware and software,
– Reduce licensing costs by identifying and uninstalling unused
applications.
Planned Changes
Proseware plans to implement a new Bring Your Own Device (BYOD) policy. The policy will allow
users to access corporate data and applications from their personal device. The devices must run
one of the following approved operating systems:
– Windows RT 8.1
– Windows 8.1
– Android 4.0
– iOS7.0
Proseware plans to implement the following applications:
– Redeploy App3 to include the update.
– Deploy a new application named App4, a 32-bit desktop application that
will be used by the marketing department users on their personal device.
– Deploy a new application named App5, a 64-bit desktop application that
will be used by all users. App5 uses a third-party installer, requires
several pre-requisite software packages, and installs several kernel mode
device drivers. App5 will be used only on company-owned computers.
– Deploy a new application named App6, a desktop application that will be
used by the sales department users. App6 is incompatible with Appl. App6
will be used only on company-owned computers.
Technical Requirements
Proseware identifies the following technical requirements:

– Enforce a corporate security policy for personal devices, which states
that all devices that have access to corporate data must have a security
PIN and must lock automatically after five minutes of inactivity.
– Generate a security report that lists all of the desktop computers that
do not meet the corporate security policy.
– Ensure that the marketing department users can use their applications
from their personal device.
– Ensure that personal devices have restricted access to domain resources.

###EndCaseStudy###

You need to generate the security report.
What should you do first?

###BeginCaseStudy###

Case Study 1 – Proseware, Inc.
Overview
General Overview
Proseware, Inc. is an international manufacturing company that has 3,000 employees.
The company has a sales department a marketing department, a research department and a
human resources department.
Physical Locations
Proseware has two main offices and five branch offices. The main offices are located in New York
City and London. The branch offices are located in Singapore, Sydney, Auckland, Montreal, and
Tokyo.
Users from each department are located in each office.
All of the offices connect to each other by using a WAN link. Each office also has a direct connection
to the Internet.
Existing Environment
Active Directory
The network contains one Active Directory forest named proseware.com. The forest contains a
single domain. All servers in the domain run Windows Server 2012 R2.
Each office contains a single domain controller. Each domain controller is configured as a DHCP
server and a DNS server. Each office is configured as an Active Directory site. There is an
organizational unit (OU) for each department.
All client computers are configured to use the DNS server in their respective office only.
Network Infrastructure
The client computers in all of the offices are managed by using Microsoft System Center 2012 R2
Configuration Manager. A collection exists for each department. There is a distribution point in each
main office.
Proseware is evaluating Windows Intune for the management of personal devices. Currently,
Windows Intune is not integrated with Configuration Manager.
The New York City office has the following servers and client computers:
– Client computers that run the 64-bit version of Windows 8.1 Enterprise
and have Microsoft Office 2013 installed
– A Windows Server Update Services (WSUS) server
– Five file servers that host multiple shared folders
– Remote Desktop Services (RDS) server farm
– Hyper-V servers
Each of the branch offices has the following servers and client computers:
– Client computers that run the 64-bit version of Windows 8.1 Enterprise
and have Office 2013 installed
– A Windows Server Update Services (WSUS) server configured as a replica
server

– A file server that hosts multiple shared folders
The users in the sales department use laptops. Often, the sales department users are away from
the office for more than a month at a time, during which they have no connection to the company
network.
A corporate security policy for the company-owned client computers states that the Remote
Desktop feature must be disabled and if a computer is idle for 15 minutes, a password-protected
screen saver must be activated.
Recently, WSUS was integrated with Configuration Manager and several updates were approved
and deployed by using Configuration Manager.
Application Infrastructure
A third-party desktop application named App1 is used by the users in the sales department and the
marketing department. The application vendor publishes weekly updates for App1 to a public FTP
site. The updates are packaged as MSP files.
A line-of-business Windows Store app named App2 is used by all users.
A third-party desktop application named App3 is used by the users in the research department.
The first update for App3 was released by the application vendor as a Windows Installer (MSI)
package. The update was not deployed yet.
App1, App2, and App3 are used only on company-owned computers.
Problem Statements
Proseware identifies the following issues on the network:
– When an update to App1 is available, the sales department users report
that they do not receive the update until they return to the office.
– Network monitoring reveals that some of the client computers download
updates from WSUS servers directly, while some computers download the
updates from a Configuration Manager distribution point.
– Some users attempt to update App3 manually by downloading the update
directly from the vendor’s website. Several of these users report that
they fail to install the update due to a lack of disk space.
Requirements
Business Goals
Proseware identifies the following business goals:
– Minimize the costs associated with purchasing hardware and software,
– Reduce licensing costs by identifying and uninstalling unused
applications.
Planned Changes
Proseware plans to implement a new Bring Your Own Device (BYOD) policy. The policy will allow
users to access corporate data and applications from their personal device. The devices must run
one of the following approved operating systems:
– Windows RT 8.1
– Windows 8.1
– Android 4.0
– iOS7.0
Proseware plans to implement the following applications:
– Redeploy App3 to include the update.
– Deploy a new application named App4, a 32-bit desktop application that
will be used by the marketing department users on their personal device.
– Deploy a new application named App5, a 64-bit desktop application that
will be used by all users. App5 uses a third-party installer, requires
several pre-requisite software packages, and installs several kernel mode
device drivers. App5 will be used only on company-owned computers.
– Deploy a new application named App6, a desktop application that will be
used by the sales department users. App6 is incompatible with Appl. App6
will be used only on company-owned computers.
Technical Requirements
Proseware identifies the following technical requirements:

– Enforce a corporate security policy for personal devices, which states
that all devices that have access to corporate data must have a security
PIN and must lock automatically after five minutes of inactivity.
– Generate a security report that lists all of the desktop computers that
do not meet the corporate security policy.
– Ensure that the marketing department users can use their applications
from their personal device.
– Ensure that personal devices have restricted access to domain resources.

###EndCaseStudy###

You need to generate the security report.
What should you do first?

A.
From Windows Intune, configure an alert policy.

B.
From Configuration Manager, deploy a configuration baseline.

C.
From Group Policy Management, run the Group Policy Results Wizard.

D.
From Update Services, configure reporting rollup.



Leave a Reply 0

Your email address will not be published. Required fields are marked *