You are the network administrator for your company. Your network consists of a single Active Directory domain. Three security groups named Accountants, Processors, and Management are located in an organizational unit (OU) named Accounting. All of the user accounts that belong to these three groups are also in the Accounting OU. You create a Group Policy object (GPO) and link it to the Accounting OU. You configure the GPO to disable the display options under the User Configuration section of the GPO. You need to achieve the following goals: You need to ensure that the GPO applies to all user accounts that are members of the Processors group. You need to prevent the GPO from applying to any user account that is a member of the Accountants group. You need to prevent the GPO from applying to any user account that is a member of the Management group, unless the user account is also a member of the Processors group.What should you do?

Your network consists of Windows XP computers in a single Active Directory directory service domain. All computers are located in a single Active Directory site. You need to design and deploy a new Group Policy object (GPO) that automatically installs a custom application on computers. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

Your company plans to distribute an application to all of its client computers by using Group Policy. You save a file named setup.msi to a local folder on the domain controller. You assign the Authenticated Users group the Read and Read & Execute permissions for the folder. You create a new Group Policy object (GPO) and a new Computer Configuration software installation package, and you point the package to the setup.msi file in the local folder. You link the GPO to an organizational unit (OU) that contains a computer object for a test client computer. When you log on to the test client computer, you notice that the application is not installed. You need to ensure that the application is installed on the test computer. What should you do?

Your network consists of Windows XP computers. All computers are joined to a single Active Directory directory service domain and located in a single Active Directory site. You create a new Group Policy object (GPO) and link it to the site. The policy configures default screensaver settings. User accounts of users in the research department are located in an organizational unit (OU) named Research. You need to allow users in the research department to configure a different screensaver setting on their computers. What should you do?

You have a single Active Directory directory service domain. User accounts are in an organizational unit (OU) named Employees. A Group Policy object (GPO) named Secure Employees is linked to the Employees OU. Member servers are in an OU named Servers. A GPO named Secure Member Servers is linked to the Servers OU. You need to ensure that when users attempt to log on to member servers with their Active Directory credentials, and the users incorrectly enter their password three times, the users are automatically locked out. What should you do?

Your company has a single Active Directory directory service forest with seven domains. Company policy states that users must log on using their user principal names (UPNs). User logon names follow the firstname.lastname naming convention. You are preparing to allow users in a domain named NE.sales.contoso.com to log on using firstname.lastname@nesales. You need to ensure that all users in the NE.sales.contoso.com domain have the ability to log on using firstname.lastname@nesales, while
maintaining existing network access. What should you do?

You have a Windows Server 2003 Active Directory directory service forest with two domains named contoso.com and corp.contoso.com, and two sites named Site1 and Site2. Site1 has two domain controllers for the contoso.com domain. Site2 has two domain controllers for the corp.contoso.com domain. Replication traffic is creating network congestion. Your environment contains a large number of universal security groups. You examine the universal groups and find that they contain global security groups and individual user accounts from both domains. The universal group memberships change frequently. You need to reduce the Active Directory replication traffic. You must maintain the ability to assign groups from one domain access to resources in the other domain. What should you do?

Your network consists of Windows XP and Windows Vista computers joined to an Active Directory directory service domain. All users and computers are located in a single organizational unit (OU). You create a new Group Policy object (GPO) and link it to the OU. The new GPO settings are not being applied to the Windows Vista computers. You need to identify which policy settings are in effect on all computers. What are two possible tools that you can use to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. You deploy an application by using a Group Policy object (GPO) that publishes an .msi file. Users report some instabilities in the application that cause data loss. The software vendor releases a patch that fixes the problem. The patch is released as an .msp file. You need to ensure that users do not lose data when running the application. Which two actions should you take? (Each correct answer presents part of the solution. Choose two.)

You have a single Active Directory directory service domain. All client computers run Windows XP. You configure security settings for the client computers in a new Group Policy object (GPO), and you link the GPO to the domain. The security settings are not being applied to one of the client computers. You need to find out why the security settings are not being applied to the client computer. On the client computer, what should you do?