Your network contains an Active Directory domain named contoso.com.
An organizational unit (OU) named OU1 contains the computer accounts for laptops and desktop computers.
A Group Policy object (GPO) named GP1 is linked to OU1.
You need to ensure that the configuration settings in GP1 are applied only to a user named User1.
What should you do?
A.
Modify the security settings of OU1.
B.
Modify the GPO Status of GP1.
C.
Modify the security settings of GP1.
D.
Configure the WMI Filter of GP1.
Explanation:
WMI filtering
Windows Management Instrumentation (WMI) filters allow you to dynamically determine the scope of GroupPolicy objects (GPOs) based on attributes of the target computer. When a GPO that is linked to a WMI filter is
applied on the target computer, the filter is evaluated on the target computer. If the WMI filter evaluates to false,
the GPO is not applied (except if the client computer is running Windows Server, in which case the filter is
ignored and the GPO is always applied). If the WMI filter evaluates to true, the GPO is applied.Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 10: Implementing Group Policy,
p. 470, 482
http://technet.microsoft.com/en-us/library/jj134176
WMI filtering using GPMC
The answer is D (Configure the WMI Filter of GP1).
C modify security settings of GP1. WMI filtering is to filter depending on attributes of the computers so it wouldn’t be able to filter by User 1. Security filtering is for Users and Groups.
B.
Modify the GPO Status of GP1.
C.
Modify the security settings of GP1.
I dont know why?