Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012. The
domain contains two domain controllers. The domain controllers are configured as shown in the following table.
You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago. You need to restore the
membership of Group1. What should you do?
A.
Apply a virtual machine snapshot to VM1.
B.
Perform an authoritative restore.
C.
Perform a non-authoritative restore.
D.
Perform tombstone reanimation.
Correct answer is
B. Perform an authoritative restore.
https://technet.microsoft.com/en-us/library/cc816878.aspx
An authoritative restore process returns a designated, deleted Active Directory object or container of objects to its predeletion state at the time when it was backed up
Non Authoritative Restore: This method reinstates the Active Directory data to the state before the backup, and then updates the data through the normal replication process. Perform a normal restore for a single domain controller to a previously known good state.
You want to target specific members, not the whole AD. Authoritatie Restore.
Answer is B.
After looking at several test review sites, this one is my favorite because of the User Comments capability.
A couple other sites I was looking at incorrectly identify tombstone re-animation as the correct answer, when in fact authoritative restore is the correct answer.
The following technet article points out that tombstones will not include group memberships: https://technet.microsoft.com/en-us/library/2007.09.tombstones.aspx
authoritative restore will update existing DCs with the restored data.
Non-authoritative restore will replicate the existing data from another DC.