How can you ensure that the services that are not required are forever disabled on the Web servers without affecting the other servers on the network?
How can you ensure that the dial-up connection is initiated only from the partner company and that access is restricted to just ABC-SR01?
How would you apply the security templates so that the settings will be periodically enforced whilst ensuring that the solution reduces the impact on the resource servers?
What should you do to automate the process of collecting information on existing vulnerabilities for each computer, on a nightly basis?