You are the desktop administrator for your company. The company’s network consists of a single Microsoft Windows NT domain. The network contains 2,000 Windows XP Professional computers. The information security department releases a new security template named NewSecurity.inf. You are instructed to apply the new template to all 2,000 Windows XP Professional computers. You use the Security Configuration and Analysis console to import NewSecurity.inf into a security database named NewSec.sdb. You copy NewSec.sdb to a folder named Sec on a server named Server1. You need to apply NewSecurity.inf to the Windows XP Professional computers. What should you do?
A.
Use the Security Configuration and Analysis console to export a template named NewSec.inf from NewSec.sdb. Copy NewSec.inf to each client computer.
B.
Write a logon script that copies NewSec.sdb to the %systemroot%System32 folder on each client computer.
C.
Copy NewSec.sdb to the Netlogon shared folder on each domain controller.
D.
Write a logon script that runs the Secedit /configure /db Server1SecNewSec.sdb command. Apply the logon script to all domain user accounts.
Explanation:
The Secedit utility is a command line version of the Security Configuration and Analysis utility. If we were using the Security Configuration and Analysis utility, we would open the database and select "Configure" to configure the computer with the settings specified in the database. The command Secedit /configure /db Server1SecNewSec.sdb does the same thing from the command line. Server1SecNewSec.sdb is the path to the saved database.
Incorrect Answers:
A: To configure a computer, the .inf template file needs to be imported into a database. This has already been done by the IS department. There is no need to re-export the .inf template from the database.
B: Copying the database file to %systemroot%System32 folder on each client computer will not configure the computers with the settings specified in the database. To configure the computers, we need to use either the Security Configuration and Analysis utility or its command line version Secedit.
C: Copying the database file to the Netlogon shared folder on each domain controller will not configure the computers with the settings specified in the database. To configure the computers, we need to use either the Security Configuration and Analysis utility or its command line version Secedit.
The time to study or stop by the subject material or sites we have linked to beneath.