Testlet: Graphic Design Institute, Case B
You need to apply a critical security update to allcomputers on the New Haven campus while ensuring that
New Haven computers continue to receive scheduled updates from BODATA03. You must not apply the
security update to any other computers.
What should you recommend?\r\n
General Background
You are the systems administrator for the Graphic Design Institute (GDI). GDI is a private liberal arts and
technical college with campuses in multiple cities.
Technical Background
The campus locations, users, client computers, and servers are described in the following table.

The campuses are connected by a fully meshed WAN.
The corporate network includes Active Directory Domain Services (AD DS). Domain controllers are located
on each campus.
GDI uses Microsoft Windows Deployment Server (WDS) to distribute images by using Preboot Execution
Environment (PXE). GDI builds images by using the Windows Automated Installation Kit (WAIK).
GDI uses Microsoft Windows Server Update Services (WSUS) to distribute and manage Windows security
updates and software updates.
All private client computers and portable computersused by faculty and staff are members of the WSUS
computer group named Staff. All shared client computers are members of the WSUS computer group
named LabComputers. All faculty and staff users aremembers of the global security group named
GDI_Staff. All students are members of the global security group named GDI_Students.
Specific servers are configured as shown in the following table.

The main data center is located on the Boston campus. ADMX and ADML files are centrally stored on
BODC01.
All Charlotte servers reside in the CH_Servers organizational unit (OU). CHDATA01, CHDATA02,
CHDATA03, and CHDATA04 reside in the CH_FileServersOU. CH_FileServers is a child OU of
CH_Servers.
A Group Policy object (GPO) named ServerSettings applies Windows Internet Explorer settings to all
servers.
Business Requirements
After successful migrations to Windows Server 2008 R2 in Boston, New Haven, and Tacoma, GDI plans to
migrate its other campuses to Windows Server 2008 R2 in advance of a full Windows 7 client computer
deployment.
Server deployment on the Austin campus must be performed on weekends by using scheduled
deployments.
The post-migration environment must meet the following business requirements:
Maximize security.
Maximize data protection.
Maximize existing resources.
Minimize downtime.
Technical Requirements
The post-migration environment must meet the following security requirements:
All updates must be distributed by using WSUS.
All critical updates must be installed as soon as possible.
All drives on the Minneapolis campus servers must have Windows BitLocker Drive Encryption enabled.
The post-migration environment must meet the following data protection requirements:
All servers must have automated backup routines.
All backups must be replicated to the Boston data center at the end of each business week.
The post-migration environment must meet the following resource requirements:
Installations and recovery must be performed remotely.
All department volumes on file servers must have NTFS quotas.
Minimize download time for users who open MicrosoftOffice documents over the WAN.
Ensure that users’ files are always opened from theclosest file server when available.
Users’ files must be accessible by the same path from all campuses.

A.
Configure the New Haven campus client computers to synchronize hourly from Microsoft Update.

B.
Change NEDATA01 to Autonomous mode, and deploy the security update from NEDATA01.

C.
Change NEDATA01 to Autonomous mode, and deploy the security update from BODATA03.

D.
Configure only NEDATA01 as an upstream server, and deploy the security update from NEDATA01.