What should you do?

Your network contains an Active Directory domain named contoso.com. All of the AppLocker policy settings for the member servers are configured in a Group Policy object (GPO) named GPO1. A member server named Server1 runs Windows Server 2012 R2. On Server1, you test a new set of AppLocker policy settings by using a local computer policy. You need to merge the local AppLocker policy settings from Server1 into the AppLocker policy settings of GPO1.

What should you do?
A . From Local Group Policy Editor on Server1, export an .inf file. Import the .inf file by using Group Policy Management Editor.
B . From Server1, run the Set-ApplockerPolicy cmdlet.
C . From Local Group Policy Editor on Server1, export an .xml file. Import the .xml file by using Group Policy Management Editor.
D . From Server1, run the New-ApplockerPolicy cmdlet.

View Answer

Answer: B

Explanation:

The Set-AppLockerPolicy cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local GPO is the default.

When the Merge parameter is used, rules in the specified AppLocker policy will be merged with the AppLocker rules in the target GPO specified in the LDAP path. The merging of policies will remove rules with duplicate rule IDs, and the enforcement setting specified by the AppLocker policy in the target GPO will be preserved. If the Merge parameter is not specified, then the new policy will overwrite the existing policy.

References:

http://technet.microsoft.com/en-us/library/ee791816(v=ws.10).aspx

Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 10: Implementing Group Policy, Lesson1: Planning, Implementing and managing Group Policy, p. 479