Designing, Deploying, and Tracking Group Policy Controls

One of the most important considerations when designing GPOs is efficiency. You want to define and link the minimum number of GPOs to satisfy your security policy. Creating too many GPOs will increase the time and effort you’ll need to administer and maintain your security policy. Having too many GPOs also increases the possibility of errors and opportunities for attackers to compromise your systems. The simplest environment would be one in which you define one set of GPOs that applies to all computers and all users in all domains. Unfortunately, few environments end up being that simple. Functional demands often require different controls for various computers and users.

GPO Application ...

Get Security Strategies in Windows Platforms and Applications, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.