70-243 · Question #97
You have a System Center 2012 Configuration Manager environment. You need to prevent computers in remote offices from installing packages from the distribution point in the main office. What should yo
The correct answer is A. Configure the central site system role with protected boundaries.. Configuring the central site distribution point with protected boundaries restricts its use to clients within those boundaries, blocking remote office clients from pulling content from it.
Question
You have a System Center 2012 Configuration Manager environment. You need to prevent computers in remote offices from installing packages from the distribution point in the main office. What should you do?
Options
- AConfigure the central site system role with protected boundaries.
- BConfigure the remote office site system roles with protected boundaries.
- CConfigure the central site distribution point as a protected distribution point.
- DConfigure the remote office distribution points as protected distribution points.
How the community answered
(24 responses)- A75% (18)
- B8% (2)
- C4% (1)
- D13% (3)
Why each option
Configuring the central site distribution point with protected boundaries restricts its use to clients within those boundaries, blocking remote office clients from pulling content from it.
In ConfigMgr 2012, a distribution point configured with protected boundaries will only serve clients that fall within the defined boundary set. By assigning protected boundaries to the central (main office) site system role that include only the main office network ranges, remote office clients are explicitly excluded from using that distribution point as a content source.
Configuring remote office site system roles with protected boundaries would restrict which clients use the remote DPs, but would not prevent those same remote clients from reaching back to the central office DP.
Marking the central DP as a protected distribution point without specifying the correct associated boundaries does not by itself restrict access - the boundaries define which clients are allowed, so the boundary configuration is the critical step.
Configuring remote office DPs as protected ensures remote clients prefer local DPs but does not block remote clients from falling back to the unprotected central DP when needed.
Concept tested: Restricting distribution point access with protected boundaries
Source: https://learn.microsoft.com/en-us/mem/configmgr/core/servers/deploy/configure/boundary-groups
Topics
Community Discussion
No community discussion yet for this question.