Question 5 of 1 0
You are the network administrator for southsim.com. The network consists of a single Active Directory
domain. All the servers run Windows Server 2012 R2. All the clients run Windows 8. The clients are shared by
multiple users at work .
You want to allow only members of the Sales team to run the sales lead application . The rule should use the
digital signature of the software and apply to all current and future versions of the application, regardless of
the filename or its location .
You decide to create an executable rule with a publisher condition using application control policies.
What should you do?
0 Add the publisher’s certificate to the Trusted Root certificate store on your computer.
@ Browse and select the executable file for the application. Modify the rule to include the product name
information .
0 Copy the publisher’s certificate to your computer. Browse and select the certificate when creating the
rule .
0 Add the publisher’s certificate to the Trusted Publishers certificate store on your computer.
Explanation
When creating an executable rule using the publisher condition, the digital certificate information is extracted from the
signature information included in an executable file. Select the executable file, then select the information contained in
the certificate to use in creating the rule.
When creating a certificate rule with software restriction policies, you must copy the certificate to your computer and use
the certificate when creating the rule.
Objectives
Objectives for MS 70-41 0:
603 Configure application restriction policies
References
LabSim for Windows Server Pro: Install and Configure, Section 8.9.
[Questions.exm 680 303 MCS4]