You are a help desk technician for your company. Your company�s network includes an Active Directory domain and Windows XP Professional computers that are configured as members of the domain. Company policy prohibits users from accessing their computers unless they are authenticated by a domain controller. However, users report that they can log on to their computers, even though a network administrator has told them that a domain controller is not available.As a test, you log off of your computer and disconnect it from the network. You discover that you can log on by using your domain user account. You need to ensure that users cannot access their computers unless they are authenticated by a domain controller. How should you configure the local computer policy on these computers?
A.
Enable the Require domain controller to unlock policy.
B.
Set the Number of previous logons to cache policy to 0.
C.
Remove all user and group accounts from the Log on locally user right.
D.
Remove all user and group accounts from the Access this computer from the network user right.
Explanation:
If we log on to a computer and we are authenticated by a Domain Controller, our logon is cached. If we try to log on again, but no Domain Controller is available, Windows will look for a cached logon. If one exists, we will be permitted
to log on. To disable this ability, we should configure Windows not to cache logons.
Incorrect Answers:
A: This setting does not exist.
C: This will disable all logons even if a DC is available for authentication.
D: This will not affect the user’s ability to log on locally.