Question... This cant be the right answer..
TechJunky
Member Posts: 881
You are the network administrator for your company. The network consists of a single Active Directory domain.
All network servers run Windows 2003. A member server named Server 1 hosts a folder named Public, which stores files for all useres in your company. Public is located on an NTFS partition. Existing permissions for Public are configured as follows.
Security: Administrators - Allow: Full Control, Modify, Read & Execute, List Folder Contents, Read, Write
You need to share Public on the network. All network users, including members of the Administrators group, should have read-only permissions on the contents of the folder.
Which two actions should you Perform? Choose two.
A. Share Public with default share permissions.
B. Share Public by assigning the Allow - Full control permission to the Everyone group.
C. Share Public by assigning the Allow - Full control permission to the Authenticated users group.
D. On the security tab, add Authenticated users group and assign the Allow - Read permission to this group.
E. On the security tab, add the interactive group and assign the Allow - Read permission to this group.
F. On the security tab, assign the Deny - Full control permission to the Administrators group.
Answer is supposidly A and D.
How is this so..
If the Administrators still have full control they will be able to modify files etc.
Is it because the share permission only allows them read access, so they are referring to network access, not local NTFS access?
This must be so... Because D makes sense. It completes the objective for all users, and A would make it so network access for admins and all users could only read. Wish they were more clear.
Making me think close to lunch isn't a good deal.
All network servers run Windows 2003. A member server named Server 1 hosts a folder named Public, which stores files for all useres in your company. Public is located on an NTFS partition. Existing permissions for Public are configured as follows.
Security: Administrators - Allow: Full Control, Modify, Read & Execute, List Folder Contents, Read, Write
You need to share Public on the network. All network users, including members of the Administrators group, should have read-only permissions on the contents of the folder.
Which two actions should you Perform? Choose two.
A. Share Public with default share permissions.
B. Share Public by assigning the Allow - Full control permission to the Everyone group.
C. Share Public by assigning the Allow - Full control permission to the Authenticated users group.
D. On the security tab, add Authenticated users group and assign the Allow - Read permission to this group.
E. On the security tab, add the interactive group and assign the Allow - Read permission to this group.
F. On the security tab, assign the Deny - Full control permission to the Administrators group.
Answer is supposidly A and D.
How is this so..
If the Administrators still have full control they will be able to modify files etc.
Is it because the share permission only allows them read access, so they are referring to network access, not local NTFS access?
This must be so... Because D makes sense. It completes the objective for all users, and A would make it so network access for admins and all users could only read. Wish they were more clear.
Making me think close to lunch isn't a good deal.
Comments
-
undomiel Member Posts: 2,818It could have been a bit more clear but it does seems like it is asking about network access instead of local access since it first asks about sharing the folder and then mentions "network users" which both strongly imply that it is talking about network access. This is also supported by the answers only refering to share permissions. So you would take the most restrictive permissions which in this case is Authenticated Users being allowed only Read access on the share.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
wedge1988 Member Posts: 434 ■■■□□□□□□□he answer is definately correct, A + D. Just rememer that microsoft want you to separate the permssions i your head when you answer their questions, if it says "Share" which is the key word here! then assume share permissions!
Also, the most restrictive permissions overwrite the other permissions, i wouldnt use the everyone group though, if users with older operating systems connect to your network then they wont be able to read NTFS so assume teyd access only share permissions. (Which eliminates most rstrictive permissions)
by the way, what testing software was that? i used trascender... and even te actual tests ometimes arent clear about things, but ill say the microsoft ones are the best ive ever taken.~ wedge1988 ~ IdioT Certified~
MCSE:2003 ~ MCITP:EA ~ CCNP:R&S ~ CCNA:R&S ~ CCNA:Voice ~ Office 2000 MASTER ~ A+ ~ N+ ~ C&G:IT Diploma ~ Ofqual Entry Japanese -
Tontonsam Member Posts: 90 ■■□□□□□□□□Let me explain you. Everybody agrees that D is a right answer. Let focus on the answer A. When someone want access through network share, we use both shared and NTFS security permissions. And when we use shared and local NTFS permissions, the most restrictive permission apply. In this case, the permission for Administrator is (Shared = Read ; Local NTFS = Full control, modify, etc...), so the most restrictive permission is Read. Then, Administrator has read permission.
What we should know. It is more pratical and more advisable to give shared access full control and manage permission through local NTFS. It is more easy like that.MCP 70-270 / 70-290 -
TechJunky Member Posts: 881Yeah, I understood what the permission's were doing. I was stumped with the network access deal. I guess I should have just known because it was a microsoft question it meant network access and not local.