READ Free Dumps For Microsoft- 70-410
| Question ID 10239 | You have a server named Server1 that runs Windows Server 2012 R2. Server1 is a member of a workgroup.
You need to ensure that only members of the Administrators group and members of a group named Group1 can log on locally to Server1.Which settings should you modify from the Local Security Policy? To answer, select the appropriate settings in the answer area.
Hot Area:
|
| Option A | Correct Answer:
|
| Correct Answer | A |
Explanation
| Question ID 10240 | Your network contains two Active Directory forests named contoso.com and adatum.com. All servers run Windows Server 2012 R2.
A one-way external trust exists between contoso.com and adatum.com.
Adatum.com contains a universal group named Group1. You need to prevent Group1 from being used to provide access to the resources in contoso.com.
What should you do?
|
| Option A | Modify the Managed By settings of Group1.
|
| Option B | Modify the Allowed to Authenticate permissions in adatum.com.
|
| Option C | Change the type of Group1 to distribution.
|
| Option D | Modify the name of Group1.
|
| Correct Answer | B |
Explanation Explanation/Reference: Explanation: * Accounts that require access to the customer Active Directory will be granted a special right called Allowed to Authenticate. This right is then applied to computer objects (Active Directory domain controllers and AD RMS servers) within the customer Active Directory to which the account needs access. * For users in a trusted Windows Server 2008 or Windows Server 2003 domain or forest to be able to access resources in a trusting Windows Server 2008 or Windows Server 2003 domain or forest where the trust authentication setting has been set to selective authentication, each user must be explicitly granted the Allowed to Authenticate permission on the security descriptor of the computer objects (resource computers) that reside in the trusting domain or forest.