Your network contains an Active Directory forest named contoso.com.
You need to identify whether a fine-grained password policy is applied to a specific group.
Which tool should you use?

A.
Credential Manager

B.
Group Policy Management Editor

C.
Active Directory Users and Computers

D.
Active Directory Sites and Services

Explanation:
Practically the same question as K/Q7, different set of answers.
Use Active Directory Users and Computersto determine the value of the msDS-PSOAppliedattribute of the
specific group:
1. Open the Properties windows for the group in Active Directory Users and Computers
2. Click the Attribute Editor tab, and then click Filter
3. Ensure that the Show attributes/Optional check box is selected.
4. Ensure that the Show read-only attributes/Backlinks check box is selected.
5. Locate the value of msDS-PSOAppliedin the Attributes list.
Reference:
http://technet.microsoft.com/en-us/library/cc754544.aspx
Defining the scope of fine-grained password policies
A PSO can be linked to a user (or inetOrgPerson) ora group object that is in the same domain as the PSO:
(…)
A new attribute named msDS-PSOAppliedhas been added to the user and group objects in Windows
Server 2008. The msDS-PSOApplied attribute containsa back-link to the PSO. Because the msDS-PSOApplied attribute has a back-link, a user or group can have multiple PSOs applied to it.
As stated previously, in Windows Server 2008, a user or group can have multiple PSOs applied to it since the
msDS-PSOApplied attribute of the user and group objects has a back-link to the PSO.