السلام عليكم:
rule: في TESTKING إصدار رقم 33 و ما قبله أول سؤالين Simulations مو محلولين أنا عرفت الإجابة على السؤال التاني بس الأول مو متأكد لأنه كاتبين ملخص عن الإجابة و الملخص هو يلي ضيعني .
السؤال هو:

You are the network administrator for TestKing.com. The network consists of a
single Active Directory domain named TestKing.com.
All client computer accounts for the sales department reside in an organizational
unit (OU) named Sales Computers. All user accounts for sales department
employees reside in an OU named Sales Employees. A local file named Appl.msi is
located in the C:\Software folder.
You deploy and configure a new software restriction policy Group Policy object
(GPO). Users report that they cannot start Appl.msi, when they are logged on to
computers in the sales department.
You need to ensure that sales department users are not able to run App1.msi,
regardless of its location or if it is renamed. You also need to ensure that HR
department users are able to run App1.msi. You should not create or modify any
GPO links. Your solution must be completed by using the fewest possible settings.
What should you do?

ملخص الجواب :

Need exhibit to see OU structure and to see where the policies are applied.
It looks like the policy is applied to the sales computers. We need a certificate rule to
prevent Sales users using the application.

أرجوا المساعدة و شكرا