READ Free Dumps For Microsoft- 70-410
| Question ID 9719 | HOTSPOT
Your network contains an Active Directory domain named adatum.com. All domain controllers run Windows Server 2012 R2.All client computers run Windows 7.
The computer accounts for all of the client computers are located in an organizational unit (OU) named OU1.
An administrator links a Group Policy object (GPO) to OU1. The GPO contains several application control policies.
You discover that the application control policies are not enforced on the client computers.
You need to modify the GPO to ensure that the application control policies are enforced on the client computers.
What should you configure in the GPO?
To answer, select the appropriate service in the answer area.
Hot Area:
|
| Option A | Correct Answer:
|
| Correct Answer | A |
Explanation Explanation/Reference: Explanation: Does AppLocker use any services for its rule enforcement? Yes, AppLocker uses the Application Identity service (AppIDSvc) for rule enforcement. For AppLocker rules to be enforced, this service must be set to start automatically in the GPO. Before you can enforce AppLocker policies, you must start the Application Identity service by using the Services snap-in console. Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. To start the Application Identity service 1. Click Start, click Administrative Tools, and then click Services. 2. In the Services snap-in console, double-click Application Identity. 3. In the Application Identity Properties dialog box, click Automatic in the Startup type list, click Start, and then click OK. Reference: http://technet.microsoft.com/en-us/library/dd759130.aspx
| Question ID 9720 | Your network contains an Active Directory domain named contoso.com. You have a Group Policy object (GPO) named GP1 that is linked to the domain. GP1
contains a software restriction policy that blocks an application named App1.
You have a workgroup computer named Computer1 that runs Windows 8. A local Group Policy on Computer1 contains an application control policy that allows
App1. You join Computer1 to the domain.
You need to prevent App1 from running on Computer1.
What should you do?
|
| Option A | From Computer1, run gpupdate/force.
|
| Option B | From Group Policy Management, add an application control policy to GP1.
|
| Option C | From Group Policy Management, enable the Enforced option on GP1.
|
| Option D | In the local Group Policy of Computer1, configure a software restriction policy.
|
| Correct Answer | B |
Explanation Explanation/Reference: Explanation: AppLocker policies take precedence over policies generated by SRP on computers that are running an operating system that supports AppLocker. AppLocker policies in the GPO are applied, and they supersede the policies generated by SRP in the GPO and local AppLocker policies or policies generated by SRP.