Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

MCSA 70-411 - Global Knowledge > Implementing a Group Policy Infrastructure > Flashcards

Implementing a Group Policy Infrastructure Flashcards

1
Q

What is the default group policy application?

A

It applies in the following order:

  1. Local Machine
  2. AD Site
  3. AD Domain
  4. OU

AKA: LSDOU - Last to apply wins

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the different was you can manipulate the application of GPOs?

A
  1. WMI Filters
  2. Security Filtering (Modify the GPO to Specify a Security Group or User)
  3. Enforce - Allows this policy to always be read last and ingnores blocks
  4. Block inheritance
  5. Modify the link order
  6. Disable the Group Policy Link
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is loopback processing?

What are the two options?

A

Essentially loopback processing changes the standard group policy processing. The user configuration settings are applied based on the computers GPO Scope during logon.

Merge or Replace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the three states that most group policies have?

What should you watch out for?

A
  1. States
    1. Not Configured
    2. Enabled
    3. Disabled
  2. Watch out for the double negatives (I.E. Do not and disabled)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How do you delegate the permission to create GPOs?

A

Add the user to the Group Policy Creator Owners AD group

or

In the Group Policy Management Console (GPMC), add the user to the Group Policy Objects delegation tab

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How do you delegate the ability to Link a GPO?

Can you narrow the delegated permissions?

A
  1. Delegate the ability to link a GPO
    • You can select the Domain
    • Select the delegation tab
    • Make sure Permission is set to Link GPOs
    • Select Add.. and select a user or group to add
  2. Yes - Just select the OU that you would like to give them the ability to link GPOs to (this includes sub OUs). If you need to modify this you will need to go into Advanced..
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How would you delegate the ability to Edit a single GPO?

A
  1. Select the GPO you would like to delegate
  2. Select the deledgation tab
  3. Add the user or group
  4. Set the permissions (Read - Able to read the policy, Edit settings - can edit the gpo but not edit the owner, Edit settings, delete, modify security - Edit all of the policy including the owner or delegation)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How would you delegate the ability to create a WMI Filter?

A

Select the WMI Filters folder

Select the delgation tab

Select the User

Set permissions (Creator Owner - only can create/edit what he owns, Full control - Unrestricted WMI access)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Duplicate

How do you delegate the ability to Perform Group Policy Modeling analysis?

Can you narrow the delegated permissions?

A
  1. Delegate the ability to Perform Group Policy Modeling analysis
    • You can select the Domain
    • Select the delegation tab
    • Make sure Permission is set to Perform Group Policy Modeling analysis
    • Select Add.. and select a user or group to add
  2. Yes - Just select the OU that you would like to give them the ability to link GPOs to (this includes sub OUs). If you need to modify this you will need to go into Advanced..
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How do you delegate the ability to Read Group Policy Results data?

Can you narrow the delegated permissions?

A
  1. Delegate the ability to Read Group Policy Results data
    • You can select the Domain
    • Select the delegation tab
    • Make sure Permission is set to Read Group Policy Results data
    • Select Add.. and select a user or group to add
  2. Yes - Just select the OU that you would like to give them the ability to link GPOs to (this includes sub OUs). If you need to modify this you will need to go into Advanced..
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do you backup a GPO?

  1. GUI
  2. PowerShell
    • Single
    • All
A
  1. GUI
    • Select the group policy in Group Policy Objects
    • Right-Click, select Backup GPO..
    • Select a Location and enter a Description
  2. PowerShell
    • Backup-GPO -Name < Name of GPO > -Path < Path to save to > -Comment < if so desired >
    • Backup-GPO -All -Path < Path to save to > -Comment < if so desired >
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the difference between Restoring a GPO and Importing a GPO?

A

Restoring:

  • Only for Original Domain
  • A GPO with the same name must exist

Importing:

  • GPO can be in a different domain or forest than the backup
  • It does not have to exist prior to the operation
  • The existing attributes of the target GPO, such as security filtering, elegation, links, and WMI filtering, are left untouched
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How do you Restore a GPO?

  1. GUI
  2. PowerShell
A

GUI:

  • In the Group Policy Managemnet Console
  • Select the Group Policy Object, Right-Click
  • Select Restore from backup..
  • Click through the wizard and select the location of backups and the GPO

PowerShell:

  • Restore-GPO -Name < Name of the GPO > -Path < Path of backups >
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How do you copy a GPO (with in the same domain)?

  • GUI
  • PowerShell
A

GUI:

  • Right-Click the GPO, Select Copy
  • Right-Click where you want to past it and click paste
  • Select to use The Default Permissions For New GPOs
    or chose Preserve The Existing Permissions

PowerShell:

  • Copy-GPO -SourceName < Name of GPO > -TargetName < GPO to be created >
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How do you Import a GPO?

  • GUI
  • PowerShell
A

GUI:

  • In the GPMC
  • Right-Click the GPO, select Import Settings
  • Backup the GPO if desired
  • Select the Backup location for the settings you want to import

PowerShell:

  • Import-GPO -BackupGpoName < Backup GPO Name > -TargetName < Name of GPO to import to > -Path < Backup Path > -CreateIfNeeded
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How do you copy a GPO (between two domains)?

  • GUI
  • PowerShell
A

GUI:

  • Open the GPMC and navigate to the Group Policy Objects container for the domain you want copy a GPO of.
  • Right-click the source GPO and select Copy.
  • In the target domain, right-click the Group Policy Objects container and select Paste.
  • In the Cross-Domain Copying Wizard, click Next on the Welcome page.
  • On the Specifying Permissions page, select Use The Default Permissions For New GPOs or chose Preserve The Existing Permissions.
  • Click Next. On the Scanning Original GPO page, read the Scan Results. You might have references that you need to address. If not, skip the next step.
  • On the Migrating References page, you can choose to copy the references or use a Migration Table.
  • Click Next, click Finish, and then click OK.

PowerShell:

  • Copy-GPO -SourceName < Name of GPO > -TargetName < GPO to be created > -TargetDomain < Domain to send to >
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

How do create a Migration Table?

A
  1. Open the GPMC (Group Policy Managmenet Console)
  2. Select the Domain
  3. Right-Click Group Policy Objects and select Open Migration Table Editor
  4. You can populate from a GPO or Backup
  5. Then you must file in the Desitnation Name
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

When would you use a migration Table?

A

When importing a GPO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q
  1. How do you reset the Default Domain Policy?
  2. How do you reset the Default Domain Controller Policy?
  3. How do you reset both at the same time?
  4. If you are resetting a default policy and the schema is not the same as what it is shipped with, what should you do?
A
  1. How do you reset the Default Domain Policy?
    • DCGPOFix /target: Domain
  2. How do you reset the Default Domain Controller Policy?
    • DCGPOFix /target: DC
  3. How do you reset both at the same time?
    • DCGPOFix /target: Both
  4. If you are resetting a default policy and the schema is not the same as what it is shipped with, what should you do? (I.E. You update the schema to allow a new feture to work like bitlocker)
    • DCGPOFix /ignoreschema /target: {Domain | DC | Both}]
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

When enforcing a GPO what happens?

A
  • It will have the highest precedence, meaning it is the last to apply
  • Blocking Inheritance will not stop the policy from applying
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What does blocking inheritance do?

A
  • Allows you to block all non-enforce group policy objects
  • Enforced Group Policy Objects will still be the last to apply (Precedence of 1)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q
  1. What does changing the link order of Group Policies do?
  2. Where would you change this?
A
  1. What does changing the link order of Group Policies do?
    • It changes the order in which the policy is applied. (I.E. if the GPO (GPO2) is in link order 2 and you move it to link order 1 - It will be moved back in the processing order making it apply after GPO 1)
  2. Where would you change this?
    • Where the group policy is linked. (Note: You can only change the inheritance based on where the GPO is linked)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

How would you filter a GPO to only apply to a certain group?

A
  • In the group policy object, on the Scope Tab, select Authenticated Users
  • Click Remove
  • Click Add… Select the group you would like it to apply to
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How would you add a WMI Filter to a GPO?

A
  • Open the GPMC
  • Select the Domain
  • Next, If you do not already have a WMI filter created, you need to create a WMI Filter
  • Select the Group Policy, In the Scope Tab
  • Select a WMI Filter
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q
  1. Where would you create a WMI filter?
  2. When implementing a GPO with a WMI filter do you create multiple WMI filters or only a single incorperating many systems?
A
  1. Where would you create a WMI filter?
    • Open the GPMC (Group Policy Management Console)
    • Select the Domain
    • Right-Click WMI Filters
    • Click New..
  2. When implementing a GPO with a WMI filter do you create multiple WMI filters or only a single incorperating many systems?
    • You create a single WMI Filter that would fit all systems/requirements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Where would you configure Loopback processing mode?

What is the actual name?

A
  • Computer Configuration -> Policies -> Administractive Templates -> System -> Group Policy
  • Configure user Group Policy loopback processing mode
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Please explain Group Policy Loopback processing?

A
  • Replace: The Computer and User policies are applied only based on the policies that apply to the computer (i.e. meaning the user policies are applied from GPOs like the user was in the same OU as the computer)
  • Merge: The User policies are applied from where the user is and the user policies where the computer is located is merged. (I.E. the policies that is in the computer OU will overwrite or add additional settings to the user settings)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q
  1. What are the different ways that you can force a Group Policy Update?
  2. What does forcing an Update do?
A
  1. What are the different ways that you can force a Group Policy Update?
    • In the GPMC
      • Right-Click the OU
      • Select Group Policy Update…
      • Click Yes
    • CMD
      • on the PC gpupdate /force
    • PowerShell
      • On the PC: Invoke-GPUpdate -Force
      • Remote PC: Invoke-GPUdate -Computer “ [PC Name] “
  2. What does forcing an Update do?
    • Reapplies all policy settings. By default, only policy settings that have changed are applied.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

If a Group Policy objet is confliciting in a Computer and User Policy what takes precedence?

A

The computer policy is applied over the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What are the two places you can comment on a group policy?

A
  1. In the GPME (Group Policy Management Editor), right clikc on the policy, select properties, select comment tab
  2. In the policy you are setting there is a comment block that you can save as well.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What do group policy preferences do to a users settings?

A

It sets them as standards but user can always change them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What options do you have for when you set a group policy preference?

A

C - Create

R - Replace

U - Update

D - Delete

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What is the difference between Create, Update, Replace, and Delete in a Group Policy Preference?

A
  • Create – is very low impact and low risk–it’s a “safe” move. E.g. If this mapping or connection does not exist, then create it. Otherwise, if it does exist, then do nothing.
  • Replace – It will not only create new objects, but destroy old ones, too. No matter what, you are getting this new object.
  • Update – You might overwrite something. You can update the object with new settings, or create the object if it doesn’t exist. However, you should note: it does not remove or destroy any objects. Update cannot delete anything, like Replace can.
  • Delete – This is exactly what it sounds like: delete the object. Just get rid of it.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

How would you leave a Group Policy Link inplace but stop it from applying?

A

Disable the Group Policy Link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What is a Group Policy client-side extension?

A

Client-side extensions interpret setting in a GPO to make appropriate changes to the local computer or to the currently logged-on user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What is different about the Security CSE (Client-Side Extension)?

A

Security settings reapply every 16 hours even if a GPO has not changed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

How would you configure CSE’s to reapply policy settings at background refresh even if the GPO has not changed?

A

You would configure the GPO:

Configure < CSE Name > preference extension policy procssing

EX. Configure Drive Maps preference extension policy procssing

38
Q
  1. Is the latest Group Policy applied at start up?
  2. How would you change this to either apply Group Policy (GP) or not apply GP at start up?
A
  1. No - it might only receive cached policies
  2. Enable the GPO: Always wait for the network at startup and logon
    • Note: the GPO lives here: Computer Configuration\Policies\Administrative Templates\System\Logon
39
Q

How is a client aware of a Group Policy update?

A

By the GPOs Version number

40
Q

Group Policies in SYSVOL are replicated by…?

A
  • For Windows Server 2008, Windows Server 2008 R2, Windows Server 2003, and Windows 2000: FRS replicates SYSVOL
  • For Windows Server 2008 or newer: you can configure SYSVOL replication by using DFS Replication
41
Q
  1. How does group policy address the issue of slow links?
A
  1. It determins whether the connectiong should be considered a slow link. Each CSE then used that to determin whether to apply settings or not. By default a link is considered slow if it is less than 500 kbps
    2.
42
Q

How does the following CSE process slow link? Can it be changed?

Registry policy processing

A

Slow link processing: On

Can be changed: No

43
Q

How does the following CSE process slow link? Can it be changed?

Internet Explorer Maintenance

A

Slow link processing: Off

Can be changed: Yes

44
Q

How does the following CSE process slow link? Can it be changed?

Software Installation policy

A

Slow link processing: Off

Can be changed: Yes

45
Q

How does the following CSE process slow link? Can it be changed?

Folder Redirection policy

A

Slow link processing: Off

Can be changed: Yes

46
Q

How does the following CSE process slow link? Can it be changed?

Scripts policy

A

Slow link processing: Off

Can be changed: Yes

47
Q

How does the following CSE process slow link? Can it be changed?

Security policy

A

Slow link processing: ON

Can be changed: No

48
Q

How does the following CSE process slow link? Can it be changed?

Internet Protocol security (IPsec) policy

A

Slow link processing: Off

Can be changed: Yes

49
Q

How does the following CSE process slow link? Can it be changed?

Wireless policy

A

Slow link processing: Off

Can be changed: Yes

50
Q

How does the following CSE process slow link? Can it be changed?

Encrypting File System (EFS) Recovery policy

A

Slow link processing: On

Can be changed: Yes

51
Q

How does the following CSE process slow link? Can it be changed?

Disk Quota policy

A

Slow link processing: Off

Can be changed: Yes

52
Q
  1. What is the behavior of Group Policy when a computer is disconnected from the network?
  2. What is the behavior of Group Policy whena remote user connects to the network?
A
  1. The settings previously applied by group policy continue to take effect. However, startup, logon, logoff, and shutdown scripts will not run.
  2. The Group Polic Client wakes up and determine if a refresh window was missed and if so will refresh to obtain the latest GPOs.
53
Q

What is Group Policy Caching?

A

Group Policy infomraiton is cahed (saved) after everybackgroup processing session. This improces performance in general by reducing the repetitive downloads of GPOs.

54
Q

What are the chacteristics of Group Policy Chacing?

A

The Group Policy Caching feature has the following characteristics:

  • When Group Polic applies during computer startup and user logon (Synchronous processing) occurs, chaced policies will be applied
    • If Always wait for the newtowrk at computer startup and user logon is enabled it will always run synchronously
55
Q

What are the two distinct sections of Group Polic Preferences?

A
  • Windows Settings
  • Control Panel Settings
56
Q

What are the for basic options that you can perform for a new GPO preference?

What do each do?

A
  • Create - Create a new preference setting for the user or computer
  • Delete - Remove an existing preference setting for the user or computer
  • Replace - Delete and recreate a preference setting for the user or computer. The result is that Group Policy preferences replace all existing settings and files associated with the preference item
    • Example: Remove whatever drive mapping exists for this share, and create a new one with these settings
  • Update - Modify an existing preference setting for the user or computer
    • Example: If there is no existing object to update, then create the object–but don’t delete any objects, just update them
57
Q

What are the differences between Group Policy Settings and perferences listed below?

  • Group Policy Settings are reapplied
  • Group Policy Settings disable the user interface that are managed by policy
  • Group Policy Settings are applied at regular intervals
  • Users are prevented from changing policy settings
  • What happens if there is a conflict between a preference and a policy?
A

What are the differences between Group Policy Settings and perferences listed below?

  • Group Policy Settings are reapplied
    • Answer: Preference settings are not enforced
  • Group Policy Settings disable the user interface that are managed by policy
    • Answer: Preferences do not do
  • Group Policy Settings are applied at regular intervals
    • Answer: You can apply preferences once only or at regular intervals
  • Users are prevented from changing policy settings
    • End user can change any preference setting that is applied through Group
  • What happens if there is a conflict between a preference and a policy?
    • The value of the policy setting always applies
58
Q

What are the different ways you can install Applications through Group Policy?

A
  • Assigning Software
  • Publishing Software
59
Q

What are the charateristics for Installing software via GPO:

  • Assigning
  • Publishing
  • Advanced
A
  • Assigning - Avalible to assign via User or Computer
    • When you assign software to a user, the user’s Start menu advertises the software when the user logs on. Installation does not begin until the user double-clicks the application’s icon or a file that is associated with the application
    • Users do not share deployed applications. When you assign software to a user, an application that you install for one user through Group Policy may not be available to other users. Assigning software to a user is preferred when the software is used by a subset of users, or when the software has licensing costs associated with it and you do not want to purchase licenses that will not be used.
    • When you assign an application to a computer, the application is installed the next time that the computer starts. The application will be available to all users of the computer. Assigning software to a computer is preferred when you need to have the software installed on a specific set of computers or on all computers in an environment, regardless of which users use the computers. This is a common situation when dealing with agent software, such as monitoring agents, security-related agents, or management agents
  • Publishing - Cannot be published to computers
    • The Programs\Programs and Features\ shortcut in Control Panel advertises a published application to the user. Users can install the application by using the Install a program from the network shortcut, or extension activation can install the application. Extension activation will initiate the program installation when a user clicks on a file type that is associated with the program.
    • Control Panel does not advertise applications to users who do not have permission to install them.
  • Advanced
    • Opens the Software installation Properties to allow you to customize set up. This can also be done once selecting publish or assign
60
Q

What is the characteristics of Folder Redirection?

A
  • You Change the folder’s storage location from the user’s computer’s local hard disk to a shared folder on a network drive
  • After you redirect the folder it still appears to the user that it is on the hard disk
  • You can also enable Offline files in conjunction to synchronize data in the redirected folder
61
Q

What are the available settings for folder redirection?

What does each do?

A
  • None
    • None is the default setting. Folder redirection is not enabled.
  • Basic.
    • Basic folder redirection is for:
      • Users who must redirect their folders to the same parent folder.
      • Users who need their data to be private.
  • Advanced
    • You can use Advanced redirection to specify different network locations for different Active Directory® security groups.
  • Follow the Documents folder.
    • Follow the Documents folder redirection is available only for the Pictures, Music, and Videos folders. This setting makes the affected folder a subfolder of the Documents folder.
62
Q

To allow folder redirection settings to take effect with just one log in, what must be enabled?

A

The GPO: Always wait for the network at computer startup and logon

63
Q

When creating a Basic or Advanced Folder Redirection what options do you have?

A
  • Create a folder for each user under the root path.
    • Examples: This option creates a folder in the form \server\share\User Account Name\Folder Name. For example, if you want to store your users’ desktop settings in a shared folder called Documents on a server called LON-DC1, you could define the root path as \lon-dc1\Documents.
  • Each user has a unique path for the redirected folder to ensure that data remains private.
    • Example/Notes: By default, each user is granted exclusive rights to his or her folder. In the case of the Documents folder, the current contents of the folder are moved to the new location.
  • Redirect to the following location.
    • Details/Notes: This option uses an explicit path for the redirection location. It causes multiple users to share the same parent path for the redirected folder. By default, the user is granted exclusive rights to the folder. In the case of the Documents folder, the current contents of the folder are moved to the new location.
  • Redirect to the local user profile location.
    • This option moves the location of the folder to the local user profile under the Users folder.

Documents Folder Redirection

  • Redirect to the user’s home directory.
    • This option is available only for the Documents folder. When used, the Documents folder is redirected to the home directory configured on the user’s Active Directory user object.
64
Q

Where is the folder redirection GPO?

A

User Configuration -> Policies -> Windows Settings -> Folder Redirection

65
Q
  1. How would you redirect a users documents folder so that their data is private?
  2. How would you redirect only HR/IS user’s documents folder so that their data is private? Each will need their own root. Every department has their own Security Group.
A
  1. How would you redirect a users documents folder so that their data is private?
    • Edit the Group Policy Object
    • Select Folder Redirection
    • Right Click, sleect Properties
    • In Settings Select: Basic
    • Target Folder Location: Create a folder for each user under the root path
    • Enter the path for the folder root
  2. How would you redirect only HR/IS user’s documents folder so that their data is private? Each will need their own root.
    • Edit the Group Policy Object
    • Select Folder Redirection
    • Right Click, select Properties
    • In Settings Select: Advanced
      1. Add…
      2. Select the IT Security Group
      3. Target Folder Location: Create a folder for each user under the root path
      4. Enter the path for the folder root
    • “Repeat 1-4” But use the HR Security Group
    • Enter the path for the folder root

*

66
Q
  1. What GPO Settings can you configure for User Configuration?
  2. What GPO Settings can you configure for Computer Configuration?
A
  1. What GPO Settings can you configure for User Configuration?
    • Logon
    • Logoff
  2. What GPO Settings can you configure for Computer Configuration?
    • Startup
    • Shutdown
67
Q

What is the limitation on running PowerShell scripts through Group Policy?

A

The computers must be Server 2008R2/Windows 7 or newer

68
Q

If an administrative template setting exist in both the User and Computer settings and there exists a settings conflict which applies?

A

the Computer settings

69
Q
  1. What is a Centeral Store?
  2. Where is the Centeral Store located?
A
  1. The Central Store is a repository of ADMX and ADML files. When the Central Store is configured for a domain, management stations use the PolicyDefinitions folder of the Central Store instead of their local copy of ADMX/ADML files. This gives you one location to keep updated and ensures that all Group Policy admins are using the same set of ADMX/ADML files without having to distribute the updates to multiple computers or servers.
  2. \ < The Domain Name > \SYSVOL\ < The Domain Name > \policies
70
Q

How would you import security templates into a GPO?

A
  1. Take a create Security Template (You can create this in the mmc using the security template snap-in), it will the file format of .inf
  2. Open the GPMC
  3. Go to Computer Configuration -> Policies -> Windows Settings -> Security Settings
  4. Right-Click Security Settings, select Import Policy
  5. Select the Policy Template that you created
71
Q

You can filter which administrative templates are visible in the GPME (Group Policy Management Editor):

  1. What are the three basic property filters?
  2. What are the other ways you can filter?
A
  1. What are the three basic property filters?
    • Managed
    • Congiured
    • Commented
  2. What are the other ways you can filter?
    • ​​Keyword Filters
    • Requirements Filters
72
Q

What is the following administrative template basic property filter?

  • Managed
  • Configured
  • Commented
A
  • Managed settings are those that the Group Policy Client service governs, and the settings are removed when they fall out of scope for a computer or user.
  • There are three states for administrative template settings: Not Configured, Enabled, or Disabled. When you filter by Configured, only those changed from Not Configured are shown.
  • Commented When set to Yes, only those settings that have comments are shown. When set to No, only those settings without comments are shown. The default is Any, which doesn’t filter on comments.
73
Q

You can filter which administrative templates are visible in the GPME (Group Policy Management Editor):

What are requirements filters?

A

It specifies the product that you want to view
administrative template settings for.

74
Q
  1. What is the minimal operating system version that Group Policy preferences are supported natively?
    • Server
    • Desktop
  2. If you want to use Group Policy preferences for Servers or Desktops older than the minimal OS supported what do you need to do?
  3. What OS Versions can this be used for?
A
  1. What is the minimal operating system version that Group Policy preferences are supported natively?
    • Windows Server 2008 and Newer
    • Windows Vista Service Pack 2 and Newer
  2. If you want to use Group Policy preferences for Servers or Desktops older than the minimal OS supported what do you need to do?
    • You can download and install Group Policy client-side extensions of Group Policy preferences
  3. Windows Server 2003, Windows XP Service Pack 3 (SP3), and Windows Vista Service Pack 1 (SP1)
75
Q

If you want to use Group Policy preferences for Servers or Desktops older than the minimal OS supported what do you need to do?

A
76
Q

What does the Common Property tab do in a Group Policy Preference?

A

Control the behavior of the preference

77
Q

What are the common properties for all group policy preferences?

A
  • Stop processing items in this extension
  • Run in logged-on user’s security context
  • Remove this item when it is no longer applied
  • Apply once and do not reapply
  • Use item-level targeting
78
Q

What does the following Group Policy Common Property do?

Stop processing items in this extension if an error occurs

A

If an error occurs while processing a preference, no other preferences in this GPO will process.

79
Q

What does the following Group Policy Common Property do?

Run in logged-on user’s security context

A

Preferences can run as the System account or the logged-on user. This setting forces the logged-on user context.

80
Q

What does the following Group Policy Common Property do?

Remove this item when it is no longer applied

A

Unlike policy settings, preferences are not removed when the GPO that delivered it is removed. This setting will change that behavior.

81
Q

What does the following Group Policy Common Property do?

Apply once and do not reapply

A

Normally, preferences are refreshed at the same interval as Group Policy settings. This setting changes that behavior to apply the setting only once on logon or startup.

82
Q

What does the following Group Policy Common Property do?

Use item-level targeting

A

You can use this feature to specify criteria easily, so that you can determine exactly which users or computers will receive a preference

83
Q

What are the different categories for item-level targeting (name five) ?

A

What are the different categories for item-level targeting (name five) ?

  • Computer name
  • IP address range
  • Operating system
  • Security group
  • User
  • Windows Management Instrumentation (WMI) queries
  • Site
  • OU
  • Network Connection
  • Mac Address Range
  • LDAP Query
  • Domain
  • Disk Space
84
Q

How do you create a group policy preference to deploy a shortcut?

A

In the Group Policy Management Editor naviate to:

  • either User or Computer Configuration
  • Preferences -> Windows Settings -> Shortcuts
  • Right-Click and select New -> Shortcut
    • Select an action (CRUD Create, Update, Replace, Delete)
    • Enter a Name
    • Enter the location of the shortcut
85
Q

How do you create a Group Policy Preference for File deployement?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Windows Settings -> Files
  • Right-Click and select New -> File
    • Select an action (CRUD Create, Update, Replace, Delete)
    • Enter where the Source File is
    • Enter where you would like the file to end up
86
Q

How do you create a Group Policy Preference for Folder deployement?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Windows Settings -> Folders
  • Right-Click and select New -> Folder
    • Select an action (CRUD Create, Update, Replace, Delete)
    • Enter the path for the folder
87
Q

How do you create a Group Policy Preference for Printer deployement?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Control Panel Settings -> Printers
  • Right-Click and select New
    • Shared Printers
    • TCP/IP Printers
    • Local Printer
88
Q

How do you create a Group Policy Preference for Custom Registry Settings deployement?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Windos Settings -> Registry
  • Right-Click and select New -> Registry Item
    • Select CRUD ( Create, Udpate, Replace, Delete)
    • Select the Hive
    • Select the Key Path (& Value name if needed)
89
Q

How do you create a Group Policy Preference for Internet Explorer Settings?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Control Panel Settings -> Internet Options
  • Right-Click and select New
    • Select the Internet Explorer Version you are targeting
  • Specify settings like you would in IE Settings for a local computer
90
Q

How do you create a Group Policy Preference for Power Options?

A
  • In the Group Policy Management Editor naviate to:
  • either User or Computer Configuration
  • Preferences -> Control Panel Settings -> Power Options
  • Right-Click and select New
    • Power Options for XP
    • Power Scheme for XP
    • Power Plan for Windows 7 and above
  • Select CRUD ( Create, Udpate, Replace, Delete) - Windows 7 specific after this
  • Select the power plan
    • Balanced
    • High Performance
    • Power Saver
  • Set as the active power plan

MCSA 70-411 - Global Knowledge (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions