NTC 324 Week 5 Best Answer 100% Correct

NTC 324 Chapter 16
Best Answer
Choose the letter that corresponds to the best answer. More than one answer choice may achieve the
goal. Select the BEST answer.

1.	What are the different types of Group Policy objects (GPOs)?

a. Computer, user, and organizational unit
b. Local, domain, and starter
c. Local, domain, and universal
d. Site, domain, and organizational unit



2. Installing Windows Server 2012 Active Directory Domain Services (AD DS) installs
two default policies: Default Domain Policy and Default Domain Controller Policy. As
an administrator, you need different policy settings than the default. What is the best
approach to make those changes?

a. Add new settings in the default policies as needed.
b. Create new GPOs to augment or override the existing default settings.
c. Change existing ones in the default policies as needed.
d. Link a new GPO using the AD DS role.



3. If creating a local GPO, then a secondary GPO, then a tertiary GPO, what policy
settings are included in each GPO?

a. The first GPO contains both Computer Configuration and User Configuration
settings, whereas the secondary and tertiary GPOs contain only Computer
Configuration settings.
b. Each GPO contains both Computer Configuration and User Configuration settings.
c. All GPOs contain User Configuration settings.
d. The first GPO contains both Computer Configuration and User Configuration
settings, whereas the secondary and tertiary GPOs contain only User Configuration
settings.


4. Group Policies applied to parent containers are inherited by all child containers and
objects. What are the ways you can alter inheritance?

a. Using the Enforce, Block Policy Inheritance, or Loopback settings.
b. Using Active Directory Administrative Center (ADAC) to block inheritance.
c. Inheritance can be altered by making the applicable registry settings.
d. Using the Enforce or Block Policy Inheritance settings.


5. You are an administrator in a mixed environment of Windows Server 2012, Server 2008
R2 and desktops running Vista. You need different settings for users, based on their
identities. Can you achieve this through multiple local GPOs?

a. All these operating systems support for multiple local GPOs. However, some servers
are standalone (non-AD DS) systems.
b. Yes, this is achievable through support by all OSs, regardless of whether standalone or
whether members of an AD DS domain.
c. No, this is not achievable given the current environment.
d. No, this is not achievable until software is added.

Chapter 17
Best Answer
Choose the letter that corresponds to the best answer. More than one answer choice may achieve the
goal. Select the BEST answer.

1.	When would you need to create a user account through the Control Panel?

a. You can create users through the Control Panel or with the Local Users and Groups
snap-in.
b. You can create users through the Control Panel when the Windows Server 2012
computer is part of a workgroup.
c. When you join a computer to an Active Directory Domain Services (AD DS)
domain, you can create only new local user accounts with the Local Users and
Groups snap-in. Control Panel is while the computer is not a member of an AD
DS domain.
d. Creating users through the Control Panel is not possible.


2.	What is the best approach for planning a security template strategy?

a. Plan according to the needs of individual computers, not users.
b. Plan according to the needs of computer roles, and also company locations.
c. Plan according to the needs of computer roles, but not individual computers.
d. Plan according to the needs of users.


3.	What are the key benefits of security templates?

a. Apply consistent, scalable, and reproducible security settings throughout an
enterprise.
b. Deploy alongside with group policies.
c. Although a text editor is possible, Windows Server 2012 enables the use of a graphical
interface.
d. Simple deployment as configuration files are text (.inf extension) and uses a graphical
and unified interface.



4.	How are most Group Policy settings applied or reapplied?

a. Every time a computer starts up
b. At the refresh interval
c. Whenever a user logs on
d. Whenever the domain controller is restarted



5. What are the two interfaces available for creating and managing user accounts in
Windows Server 2012?

a. Control Panel and the MMC snap-in
b. Server Manager and Control Panel
c. Control Panel and Active Directory Users and Computers
d. User Accounts control panel and the Local Users and Groups snap-in for MMC

Chapter 18
Best Answer
Choose the letter that corresponds to the best answer. More than one answer choice may achieve the
goal. Select the BEST answer.

1.	When installing software using Group Policy, what file or files does an administrator use?

a. Windows Installer package files, or .msi files. Modifications to the package files are
transform files, or .mst files. Further, patch files are designated as .msp files.
b. Any approved software from Microsoft, including the Certified for Windows Server
2012 logo on the packaging.
c. Windows Installer package files, or .mst files. Modifications to the package files are
instruction files, or .msi files.
d. Windows Installer packages that contain all the information about the software.



2. You want to deploy software using Group Policy. What is necessary before deciding to
Assign the software to your user accounts?

a. You must create a Group Policy object (GPO) or modify an existing GPO. As part of
configuring the GPO, you decide whether to Assign or Publish the application.
b. You create the GPO. Whether to Assign or Publish is decided elsewhere.
c. You must create a distribution share, also called a software distribution point. Then
create the GPO, specifying how to deploy the application.
d. You decide whether to Assign or Publish the application. If using .zap files, you
might need user intervention.


3. If a software package is set as Assigned, the option to Install This Application At Logon
is available. This option enables the application to be installed immediately, rather than
advertised on the Start menu. However, when should you avoid this method?

a. If users have slow links between their workstations and the software distribution
point
b. If computers are already under a very strict security policy and computer configuration
c. If users often take their computer home
d. If computers require administrative logon for each new package


5.	What does file-activated installation mean, and where is it utilized?

a. When a user opens a file associated with an application that does not currently exist
on the user- workstation, the application is installed. It is used for both Publishing
and Assigning an application to a user.
b. When a user logs on and the local computer has a file associated with an application
that does not exist, the application is installed. It is used when Assigning an application
to a user.
c. When a user opens a file associated with an application that does not currently exist
on the user- workstation, the application is installed. It is used when Assigning an
application to a user.
d. When a user logs on and the local computer has a file associated with an application
that does not exist, the application is installed. It is used when Publishing an
application to a user.



6.	What is the most common way to implement software restriction policies?

a. By configuring software restriction policies on individual computers by using Local
Security Policy
b. Through Active Directory Users and Computers
c. Through GPOs linked to Active Directory Domain Services (AD DS) containers, so
that you can apply their policy settings to several computers simultaneously
d. By using AppLocker, provided you apply to a computer running Windows 7 and
Windows Server 2008 R2 or later