70-647 · Question #20
70-647 Question #20: Real Exam Question with Answer & Explanation
The correct answer is B. In the Default Domain Controller Policy, configure a Directory Services Auditing policy.. To implement an audit and compliance policy and ensure that all changes made to Active Directory objects are recorded, you need to configure a Directory Services Auditing policy in the Default Domain Controller Policy. In Windows Server 2008, you can enable Audit Directory Servic
Question
Options
- AOn all domain controllers, run the Security Configuration Wizard (SCW).
- BIn the Default Domain Controller Policy, configure a Directory Services Auditing policy.
- CIn the Default Domain Controller Policy, configure and implement a file-level audit policy for
- DCreate a Group Policy object (GPO) linked to the Domain Controllers OU.
Explanation
To implement an audit and compliance policy and ensure that all changes made to Active Directory objects are recorded, you need to configure a Directory Services Auditing policy in the Default Domain Controller Policy. In Windows Server 2008, you can enable Audit Directory Service Access policy to log events in the Security event log whenever certain operations are performed on objects stored in Active Enabling the global audit policy, Audit directory service access, enables all directory service policy subcategories. You can set this global audit policy in the Default Domain Controllers Group Policy (under Security Settings\Local Policies\Audit Policy). ea8e02b4b2a51033.mspx?mfr=true
Community Discussion
No community discussion yet for this question.