Configuring Advanced Windows Server 2012 Services — Question 116
Your network contains an Active Directory domain. The domain contains a read-only domain controller (RODC) named RODC1 that runs Windows Server 2012
R2.
A domain user named User1 is a member of the following domain groups:
✑ DnsAdmins
✑ Backup Operators
✑ Account Operators
✑ DHCP Administrators
✑ Hyper-V Administrators
✑ Allowed RODC Password Replication Group
User1 is authenticated by RODC1.
You discover that the password for User1 is not cached on RODC1.
Which two groups prevent the password from being cached on RODC1? (Each correct answer presents part of the solution. Choose two.)
NOTE: Each correct selection is worth one point.
Answer options
- A. DnsAdmins
- B. Allowed RODC Password Replication Group
- C. Backup Operators
- D. DHCP Administrators
- E. Hyper-V Administrators
- F. Account Operators
Correct answer: C, F
Explanation
The Backup Operators and Account Operators groups prevent the password of User1 from being cached on RODC1 because members of these groups are not allowed to have their passwords replicated to RODCs. The other groups, while having specific permissions, do not impose restrictions on password caching for an RODC.