Identity with Windows Server 2016 — Question 177

Your network contains an Active Directory domain named contoso.com.
You have three top-level organizational units (OUs) named OU1, OU2 and OU3. OU1 contains user accounts. OU2 contains the computer accounts for shared public computers. OU3 contains the computer accounts for laptops.
You have two Group Policy objects (GPOs) named GPO1 and GPO2. GPO1 is linked to OU1. GPO2 is linked to OU2.
You need to prevent the user settings in GPO1 from being applied when a user signs in to a shared public computer. If a user signs in to a laptop, the user settings in GPO1 must be applied.

Answer options

• A. Loopback processing
• B. GPO link enforcement
• C. Security Filtering
• D. Inheritance blocking

Correct answer: A

Explanation

The correct answer is A, Loopback processing, which allows user settings to be overridden based on the computer's OU. This means that when a user logs into a public computer, GPO1's settings can be ignored. The other options, such as GPO link enforcement, security filtering, and inheritance blocking, do not specifically address the requirement to apply user settings conditionally based on the computer type.