TestOut Hybrid Server Pro: Core Labs Practice Test

After denoting the Branch4-RODC account's properties, the action taken regarding the password replication policy is to deny passwords from replicating to this read-only domain controller (RODC). This is an important security measure because RODCs are designed to provide specific functionalities in remote or branch office scenarios, allowing them to have limited access to sensitive user credentials.

By denying password replication, you ensure that the RODC only holds passwords for a subset of authorized users, and that no sensitive passwords are replicated to the RODC. This minimizes the risk of exposing critical credentials to potential compromise in less secure locations since the RODC can operate with fewer privileges compared to a full writable domain controller.

The other options do not accurately reflect the nature of password replication in the context of RODCs. Allowing passwords to replicate or setting allowed passwords does not align with the intended security purpose behind utilizing RODCs. Enabling a global catalog pertains to directory services and not specifically to the replication policy of an RODC. Transferring the primary domain controller (PDC) role is unrelated to the password replication policy and involves broader domain controller management tasks.