3. To deploy the security templates, you begin by creating an organizational unit
object for each server role in your Active Directory tree. Which of the following
procedures can you use to apply the security templates to the organizational units?
a. Use the Security Templates snap-in to create Group Policy Objects for each
organizational unit using the supplied templates.
b. Apply the templates to the correct organizational units using the Security Con-
figuration And Analysis snap-in.
c. Use Secedit.exe to apply the security templates to the appropriate Group Pol-
icy Objects.
d. Create a Group Policy Object for each organizational unit and apply the
appropriate template to it using the Group Policy Object Editor console.
Troubleshooting Lab
The director of IT for a growing company plans to install three new Windows Server
2003 domain controllers on the network, so she assigns each of the three new network
administrators who have recently joined the firm the task of installing one of the new
servers. She gives each of the administrators a worksheet containing the information
they need to perform the installation, including the proper domain names and IP
addresses. She also informs them that all the domain controllers on the company net-
work must use the Hisecdc.inf security template included with Windows Server 2003,
but with several key changes to certain security policies, which she supplies to them as
a printed list of policies and their new values.
The three administrators, Tom, Dick, and Harry, each go off to perform their tasks sep
arately. They proceed as follows:
■ Tom opens the Security Configuration And Analysis snap-in on his domain con-
troller, creates a new database, and imports the Hisecdc.inf security template into
it. After performing an analysis using the snap-in, Tom opens each policy on the
list of changes the director has given him and modifies it to the value on the list.
■ Dick uses the Security Templates snap-in to create a new template containing the
settings on the list of changes the director has given him. Then he creates two
Group Policy Objects, links them both to the Domain Controllers organizational
unit in Active Directory, and applies the templates to the Group Policy Objects,
Hisecdc.inf to the first one and the new template he created to the second.
■ Harry uses the Security Templates snap-in to modify the Hisecdc.inf template by
changing the policies on the list of changes to the values specified on the list.
Then he uses the Secedit.exe utility to apply the modified template to the domain
controller.
Bạn đang xem 3. - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 293 PHẦN 6 PPTX