You are an Enterprise administrator for contoso.com. The corporate network of the company consists of a single Active Directory domain. All the domain controllers on the network either run Windows Server 2008 and all client computers run Windows Vista.
The company plan to collaborate on a project with an external partner company called TechKing.com. The TechKing.com domain also consists of an Active Directory domain that runs Windows Server 2008 domain controllers.
You have been assigned the task to design a collaboration solution that allows the users of both the companies to prevent sensitive documents from being forwarded to untrusted recipients or from being printed.
Besides, the users of TechKing.com should be allowed to access the protected content in contoso.com to which they have been granted rights. You need to ensure that all inter-organizational traffic is sent over port 443.
Which of the following options would you choose to accomplish the desired goal in a minimum amount of the administrative effort? (Select two. Each selected option will present a part of the answer.)
A.
Establish a federated trust between your company and the external partner.
B.
Establish an external forest trust between your company and the external partner.
C.
Deploy a Windows Server 2008 server that runs Microsoft Office SharePoint Server 2007 and that has the Active Directory Rights Management Services (AD RMS) role installed.
D.
Deploy a Windows Server 2008 server that has the Active Directory Rights Management Service (AD RMS) role installed and the Windows SharePoint Services role installed.
E.
Deploy a Windows Server 2008 server that has the Active Directory Certificate Services role installed. Implement Encrypting File System (EFS).
F.
Deploy a Windows Server 2008 server that has the Windows SharePoint Services role installed.
Explanation:
To design a collaboration solution that allows the users of both the companies to prevent sensitive documents from being forwarded to untrusted recipients or from being printed, you need to establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 server that runs Microsoft Office SharePoint Server 2007 and that has the Active Directory Rights Management Services (AD RMS) role installed
With a federation trust, you can extend Active Directory to allow for the sharing of resources securely in a B2B environment. Once the federation trust is established, authentication requests that are made to the Intranet server in the resource domain can flow through the federation trust from users who are located in the domain where the accounts are located without issue.
Active Directory Rights Management Services (AD RMS) is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use. Content owners can define who can open, modify, print, forward, or take other actions with the information.
Office SharePoint Server 2007 provides an easy way to collaborate on documents by posting them to an Office SharePoint Server 2007 site so that they can be accessed over the corporate network. The goal of integrating an Office SharePoint Server 2007 deployment with an ADRMS infrastructure is to be able to protect documents that are downloaded from the Office SharePoint Server 2007 server by users of any given organization.
http://www.windowsnetworking.com/articles_tutorials/Window-Server-2003-R2-New-Active-Directory.html