ANALYZING A COMPUTER IN THIS PROCEDURE, YOU USE THE SECURITY CONFIGURA...

Question

3.  When you use the Security Configuration And Analysis snap-in to export a tem­plate, where do the settings in the new template come from? a.  From the computer’s current security settings b.  From the snap-in’s currently loaded database c.  From the security template you imported into the database d.  From a Group Policy Object you specify Lesson Summary ■ You can use group policies to deploy security templates on multiple computers, but you must be aware that the GPO applies the template settings to all the com­puters in the container to which the GPO is linked. ■ You should not use group policies to deploy large security templates, because of the burden they create on the network and on the domain controllers. ■ You can use the Security Configuration And Analysis snap-in to deploy security templates on the local computer. ■ The Security Configuration And Analysis snap-in can also analyze the computer’s security configuration by comparing its current security settings to those of a secu­rity template and flagging the discrepancies. ■ Secedit.exe is a command line tool that performs the same functions as the Secu­rity Configuration And Analysis snap-in, and can also apply specific parts of tem­plates to the computer. You can use Secedit.exe in scripts and batch files to automate security template deployments. Case Scenario ExerciseYou are the network infrastructure design specialist for Litware Inc., a manufacturer of specialized scientific software products, and you have already created a basic network design for their new office building, as described in the Case Scenario Exercise in Chapter 1. You are currently in the process of designing a security infrastructure for the company’s computers that run Windows Server 2003. Unbeknownst to you, the IT directory at the home office has engaged a consulting firm to create a security configuration for all the company’s Windows Server 2003 networks. Based on the requirements supplied by the home office, the consultants have supplied you with a series of security templates to implement their configurations for the various server roles. Based on this information, answer the following questions.

ANALYZING A COMPUTER IN THIS PROCEDURE, YOU USE THE SECURITY CONFIGURA...

3. When you use the Security Configuration And Analysis snap-in to export a tem­

plate, where do the settings in the new template come from?

a. From the computer’s current security settings

b. From the snap-in’s currently loaded database

c. From the security template you imported into the database

d. From a Group Policy Object you specify

Lesson Summary

You can use group policies to deploy security templates on multiple computers,

but you must be aware that the GPO applies the template settings to all the com­

puters in the container to which the GPO is linked.

You should not use group policies to deploy large security templates, because of

the burden they create on the network and on the domain controllers.

You can use the Security Configuration And Analysis snap-in to deploy security

templates on the local computer.

The Security Configuration And Analysis snap-in can also analyze the computer’s

security configuration by comparing its current security settings to those of a secu­

rity template and flagging the discrepancies.

Secedit.exe is a command line tool that performs the same functions as the Secu­

rity Configuration And Analysis snap-in, and can also apply specific parts of tem­

plates to the computer. You can use Secedit.exe in scripts and batch files to

automate security template deployments.

Case Scenario Exercise

You are the network infrastructure design specialist for Litware Inc., a manufacturer of

specialized scientific software products, and you have already created a basic network

design for their new office building, as described in the Case Scenario Exercise in

Chapter 1. You are currently in the process of designing a security infrastructure for the

company’s computers that run Windows Server 2003.

Unbeknownst to you, the IT directory at the home office has engaged a consulting firm

to create a security configuration for all the company’s Windows Server 2003 networks.

Based on the requirements supplied by the home office, the consultants have supplied

you with a series of security templates to implement their configurations for the various

server roles. Based on this information, answer the following questions.

Bạn đang xem 3. - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 293 PHẦN 6 PPTX

3. When you use the Security Configuration And Analysis snap-in to export a tem

but you must be aware that the GPO applies the template settings to all the com

security configuration by comparing its current security settings to those of a secu

Secedit.exe is a command line tool that performs the same functions as the Secu

rity Configuration And Analysis snap-in, and can also apply specific parts of tem