Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains two servers named Server1 and Server2 that run Windows
Server.
You need to ensure that you can use the Computer Management console to manage Server2. The solution must use the principle of least privilege.
Which two Windows Defender Firewall with Advanced Security rules should you enable on Server2? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D. E.AB
https://docs.microsoft.com/en-us/windows-server/administration/server-manager/configure-remote-management-in-server-managerTo enable the Computer Management console to manage Server2 while adhering to the principle of least privilege, we need to enable specific Windows Defender Firewall with Advanced Security rules on Server2. The Computer Management console uses Distributed Component Object Model (DCOM) and Windows Management Instrumentation (WMI) to manage remote servers.
Out of the five rules provided as options, we need to select two rules that are required to allow remote management while following the principle of least privilege.
A. the COM+ Network Access (DCOM-In) rule: This rule allows incoming network traffic using DCOM protocol to COM+ applications. It is not required to manage Server2 remotely using the Computer Management console. Therefore, this rule is not required.
B. all the rules in the Remote Event Log Management group: This option is incorrect because it includes all the rules in the Remote Event Log Management group, which might allow more access than needed, violating the principle of least privilege.
C. the Windows Management Instrumentation (WMI-In) rule: This rule allows incoming network traffic for WMI. It is required to manage Server2 remotely using the Computer Management console.
D. the COM+ Remote Administration (DCOM-In) rule: This rule allows incoming network traffic using DCOM protocol to remote COM+ applications. It is not required to manage Server2 remotely using the Computer Management console. Therefore, this rule is not required.
E. the Windows Management Instrumentation (DCOM-In) rule: This rule allows incoming network traffic using DCOM protocol to WMI. It is required to manage Server2 remotely using the Computer Management console.
Therefore, the correct answers are C. the Windows Management Instrumentation (WMI-In) rule and E. the Windows Management Instrumentation (DCOM-In) rule.