Your network contains an Active Directory domain named litwareinc.com. The domain contains two sites
named Sitel and Site2. Site2 contains a read-only domain controller (RODC).
You need to identify which user accounts attempted to authenticate to the RODC.
Which tool should you use?

A.
Active Directory Users and Computers

B.
Ntdsutil

C.
Get-ADAccountResultantPasswordReplicationPolicy

D.
Adtest

Explanation:
Ntdsutilcannot be used for this.
http://technet.microsoft.com/en-us/library/cc753343.aspx
Get-ADAccountResultantPasswordReplicationPolicyis used to get the members of the allowed list or
denied list of a read-only domain controller’s password replication policy. Get-ADDomainControllerPasswordReplicationPolicyUsagecould be used, but is not listed.
http://technet.microsoft.com/en-us/library/ee617207.aspx
Adtestis used for perfomance testing.
Reference 1:
http://technet.microsoft.com/en-us/library/cc755310.aspx
Review whose accounts have been authenticated to anRODC
Periodically, you should review whose accounts havebeen authenticated to an RODC. (…)
You can use Active Directory Users and Computers orrepadmin /prp to review whose accounts have been
authenticated to an RODC.
Reference 2:
http://technet.microsoft.com/en-us/library/83a6daba-cdde-4606-97a3-6ebb9d7fa6bf(v=ws.10)#BKMK_Auth2
[Gives a step by step explanation on using Active Directory Users and Computers for this.]