PrepAway - Latest Free Exam Questions & Answers

What are two possible ways to achieve this goal?

You are the desktop administrator for your company. The company’s network contains 500 Windows XP Professional computers. The information security department releases a new security template named NewSec.inf. You import NewSec.inf into a security database named NewSec.sdb. You analyze the result, and you review the
changes that the template makes. You examine the security policies that are defined in NewSec.inf. You discover that the settings in NewSec.inf have not been implemented on your computer. You need to ensure that the settings in NewSec.inf overwrite the settings in your computer’s local security policy.What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
Run the Secedit /configure /db C:NewSec.sdb command.

B.
Run the Secedit /refreshpolicy machine_policy command.

C.
Copy NewSec.inf to the C:WindowsInf folder.

D.
Copy NewSec.sdb to the C:WindowsSystem32MicrosoftProtect folder.

E.
Use the Security Configuration and Analysis console to open NewSec.sdb and then to perform a Configure operation.

F.
Use the Security Configuration and Analysis console to export NewSec.sdb to the Defltwk.inf security template.

Explanation:
We have only analyzed the new security template. Now we must apply it. We can either use the Secedit utility or the Security Configuration and Analysis console to apply the security template.
A: The secedit /configure command configures system security by applying a stored template. The /DB filename parameter provides the path to a database that contains the security template that should be applied.
E: We use the Configure Now option in the Security Configuration and Analysis utility to apply the new template.
Incorrect Answers:
B: Refreshing the machine policy would not help since we have not applied the template yet. We have only analyzed it.
C, D: The template cannot be applied by copying a file. We must either use the Secedit command line utility or the Security Configuration and Analysis console.
Windows 2000 Advanced Server Documentation, Configure system security
Windows 2000 Server documentation, Configure system security
Microsoft Knowledge Base Article (Q216735): Methods Used to Apply Security Settings Throughout an Enterprise


Leave a Reply