1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

70-294 QOTD for May 27th

Discussion in 'Active Directory Exams' started by tripwire45, May 26, 2004.

  1. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Keith is a junior network admin for a company that designs classified sonar equipment for Navy submarines. This is a single domain network running a Windows Server 2003 Active Directory domain. He has been delegated complete authority over the Design OU. While password length and complexity is important throughout the domain, members of the design OU are required to use more secure passwords than the rest of the domain. These passwords must be of at least 10 characters that must be changed every 30 days. Keith right clicks the OU container, selects properties, selects the group policy tab and navigates the path to Password Policy. There, he makes the appropriate changes to the password policy for the Design OU. Later, when he logs on to a test account in the Design OU, he discovers that he is able to log on with a password that meets the default settings for the domain. What is the issue? Choose one answer.

    A. Keith does not have sufficient permissions to change the OU’s password policies. He must be a member of the Enterprise Admins group.
    B. Keith does not realize that the range of characters can only be set to eight or more and that the minimum amount of time that can be set to change passwords is 45 days. When he set these values to invalid settings, the system defaulted to the domain’s default group policy settings.
    C. The Design OU Group Policy Container is set to Block Policy Inheritance which allows the domain’s default group policy settings for passwords to be applied instead of those Keith applied to the OU’s GPO.
    D. Password policies can only be set at the domain or site levels and any password policies set at the OU level are ignored.
    E. Password policies can only be set at the domain level and any password policies set at the OU level are ignored.
    F. Password policies can only be set at the site level and any password policies set at the OU level are ignored.

    Answer later.
     
    Certifications: A+ and Network+
  2. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Answer for today E
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  3. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  4. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Ya'know, Ryan...now that you've revealed keith's "super secret" e-mail address...some Government agent is going to have to try and kill you... :eek: :wink:
     
    Certifications: A+ and Network+
  5. AJ

    AJ Administrator Administrator

    6,773
    102
    221
    Gotta go with the boys as it's the obvious answer :D
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  6. nugget
    Honorary Member

    nugget Junior toady

    7,796
    71
    224
    I would have picked C (why not?) as a possible reason but I will bow to the superior knowledge of the gang and pick E. :oops:
     
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685
  7. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    hmm maybe ill post this response later instead of ruining the question :)
    EDIT: this is what i had written
    The reason nugget, is that password policy can only be defined on a domain level, although other elements of group policy can be filtered and shaped with access lists, block inheritence etc, password policy from the domain will always supersede any changes you make lower down in the tree
    its an odd one, and i am unsure why they did it that way (anyone care to comment?) but it is one of the prime reasons for using multiple domains still even though OUs replace thier need on many other levels
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  8. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Correct answer is E. Password policy changes can only be made at the domain level. If they are made anywhere else, the policy changes are ignored. More later.
     
    Certifications: A+ and Network+

Share This Page

Loading...