Question

You are the security administrator for a large metropolitan school district. you are reviewing security standards with the network administrators for the high school. the school's computer center has workstations for anyone's use. all computers in the computer center are members of the computer center computers global group. all workstations are currently located in the computers container. the computer center computers have access to the internet so users can perform research. any user who uses these computers should be able to run internet explorer only. other computers in the high school should not be affected. to address this security concern, you create a group policy object (gpo) named computer center security.

how can you configure and apply this gpo to enforce the computer center's security?

a. configure the computer configuration node of the computer center security gpo to restrict software to internet explorer only. link the gpo to the domain and allow access to the computer center computers group only.
b. configure the user configuration node of the computer center security gpo to restrict software to internet explorer only. link the gpo to the computers container and allow access to the computer center computers group only.
c. configure the user configuration node of the computer center security gpo to restrict software to internet explorer only. link the gpo to the domain and allow access to the computer center computers group only.
d. configure the computer configuration node of the computer center security gpo to restrict software to internet explorer only. link the gpo to the computers container and allow access to the computer center computers group only.

Answer 1

To ensure that the computer center's workstations only run Internet Explorer, the Computer Configuration node of a GPO should be set to restrict software accordingly and linked to the Computers container, with permissions set for the Computer Center Computers group only.

Step-by-step explanation:

To address the security concern of the high school's computer center, where any user should only be able to run Internet Explorer, a Group Policy Object (GPO) named Computer Center Security needs to be properly configured and applied.

The correct approach would be to configure the Computer Configuration node of the GPO to restrict software usage to Internet Explorer only. This is because the policy should apply to computers regardless of who logs on to them. The GPO should then be linked to the specific organizational unit where the designated computers are located, which would be the Computers container—as all computer center computers are members of it.

Therefore, the correct answer would be to:

1. Configure the Computer Configuration node of the Computer Center Security GPO to restrict software to Internet Explorer only.
2. Link the GPO to the Computers container and set security filtering to allow access to the Computer Center Computers group only.

By linking the GPO directly to the Computers container where the relevant computers reside, it will ensure that the policy is enforced only on those specific workstations without affecting other computers in the high school.