nerdexam
GIAC

GSEC · Question #246

GSEC Question #246: Real Exam Question with Answer & Explanation

The correct answer is C. Template application requires domain administrator rights. Applying security templates through the Windows Security Configuration and Analysis snap-in requires domain administrator privileges when targeting domain-joined systems.

Question

What requirement must an administrator remember when utilizing Security Configuration and Analysis (SCA) to apply security templates to Windows systems?

Options

  • ATemplate application should be done remotely
  • BTemplates must be received from a domain controller
  • CTemplate application requires domain administrator rights
  • DTemplate application cannot be automatically reversed

Explanation

Applying security templates through the Windows Security Configuration and Analysis snap-in requires domain administrator privileges when targeting domain-joined systems.

Common mistakes.

  • A. SCA can be used locally on the target machine and does not require remote administration; it is commonly run directly on the system being configured.
  • B. Security templates are standard .inf files that can be created or stored locally and do not need to originate from a domain controller.
  • D. Security template application can be reversed by reapplying a previous template or using a rollback template, so automatic reversal is not strictly impossible through re-configuration.

Concept tested. Windows SCA privilege requirements for template application

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSEC Practice
What requirement must an administrator remember when utilizing... | GSEC Q#246 Answer | NerdExam