You are the desktop administrator for one of your company’s branch offices. The network in your branch office contains 100 Windows XP Professional computers. The computers are configured with the Compatws.inf security template. One of the network administrators in the company’s main office creates a new security template named CompanySec.inf. The new template is designed to be applied to each of the company’s Windows XP Professional computers. The users in your branch office have different security requirements from the users in the main office. You need to find out whether the new security template will violate the security requirements of the users in the branch office. What should you do?
A.
Run the Secedit.exe command in validation mode and specify the new security template.
B.
Run the Secedit.exe command in configuration mode and specify the new security template.
C.
Use the Security Configuration and Analysis console to import both templates into a security database, and then perform an Analyze operation.
D.
Use the Security Configuration and Analysis console to import both templates into a security database, and then perform a Configure operation.
Explanation:
We must use both templates and analyze them, either with Secedit or with the Security Configuration and Analysis console.
Incorrect Answers
A: Secedit /analyze runs secedit in analyze (validation) mode. However, we should specify both the current and the new security template.
B: We should analyze, not apply, the new security template.
D: We do not want to apply the new security template before it is analyzed.