EXERCISE 12.01.E XERCISE 12.03R EQUESTING A C ERTIFICATE FROM A W EB S...

3. A portion of your company’s organizational structure is shown in Figure 1.14.Third-leveldepartment managers report to the second-level department managers directly above themin the organizational chart. Second-level managers report to their corresponding vicepresidents, who then report to the company CEO.Your company CEO would like a con-sistent security policy to be implemented across the entire network, but each subdepart-ment has specific desktop and application installation settings that you would like to beable to control and deploy centrally.What is the most efficient AD structure to design forthis company?Figure 1.14Organizational StructureJon SmithCEOAccountingJane DoeMgr.PayrollAccounts PayableCollectionsMary NoxonA.J. TierneyPeter WhiteA. Configure a single domain for the organization, and configure a series of nested OUsfor each second-level and third-level department. Configure the domain with a singlesecurity policy, and link a GPO to each OU to enable each specific department’sdesired settings.B. Configure a parent domain for each second-level department, and configure a childdomain for each third-level department. Create and link a separate GPO to eachdomain to control security and application settings.C. Configure a single domain for the organization, and configure a global security groupfor each department. Configure the domain with a single security policy, and link aGPO to each global group to enable each specific department’s desired settings.D. Create a separate forest for each second-level department, and create a child domainfor each third-level department. Configure a security policy for each forest, and con-figure a domain GPO for each third-level department.A. A hierarchical organizational structure such as the one described in this questionlends itself to a domain structure with nested OUs. Using OUs will also allow you toapply departmental settings centrally through GPOs.B,C,D. Answer B is incorrect because a single domain is more efficient if a networkenvironment has unified security requirements. Answer C is incorrect because GPOscannot be linked to group objects; they can be linked to only sites, domains and OUs.Answer D is incorrect because it creates more administrative overhead than is necessaryfor the environment described in the question.