HOTSPOT
You have a shared folder named Share1. The folder permissions of Share1 are configured
as shown in the Folder Permissions exhibit.(Click the Exhibit button.)
The Share permissions of Share1 are configured as shown in the Share Permissions
exhibit.(Click the Exhibit button.)
You have a group named Group1. The members of Group1 are shown in the Group1
exhibit.(Click the Exhibit button.)
Select Yes if the statement can be shown to be true based on the available information;
otherwise select No. Each correct selection is worth one point.
Answer: 
Explanation:
NTFS permissions control access to the files and folders stored on disk volumes formatted
with the NTFS file system. Share permissions control access to folders over a network. To
access a file over a network, a user must have appropriate share permissions (and
appropriate NTFS permissions if the shared folder is on an NTFS volume).Granting a user
Full Control NTFS permission on a folder enables that user to take ownership of the folder
unless the user is restricted in some other way.User1 was not granted Full Control
permission.
The Administrators have Full Control permission. I assume that User2 is an administrator
since the Group1 exhibit shows only User1 as a member.
References:http://technet.microsoft.com/en-us/library/cc754178.aspx
Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 2: Configure
server roles and features, Objective 2.1: Configure file and share access, p.75-80
I disagree with this answer. I’m going to copy someones post from the same question on an older version of this test
“The correct answer for User 1 is “YES”.
I was so unsecure, that I tested it for user1 & user2 in my own lab.
The test confirmed my 1st thought – User1’s Membership in Group1 doesn’t deny his permissions to modify. It is an authenticated user as User2, so it is getting the permission over “everyone”.
To make a cross-check I added a advanced permission for group1 to deny creating files and folders and deleting -> than no creating or deleting was possible
It is the same like in 1995 when I started with Windows NT Server 3.51 -> explicit deny goes always over allow, but if that is not the case allow permissions are cumulated.”
The reason I agree with this is the following: http://www.ntfs.com/ntfs-permissions-precedence.htm (See number 4)
Since the permissions on Group 1 and Everyone are allow they combine to just become Modify and User 1 should be able to delete files as well as User2 and Administrator
0
0
However, the condition for “Everyone” is “Not member of Each (Group1)” so would that not exclude User1 from the NTFS permissions granted to “Everyone?”
0
0
everyone is everyone! it doesn’t matter if in a group or not! so many wrong posts here…
0
0
I don’t get it… Why would anyone assume user 2 is an administrator? And if User1 is in a group where only “modify” is allowed and ‘not’ “full control” then why would User one be able to delete? To me, I only see the admin with full control and able to delete.
0
0
same thoughts….. haist
0
0
The key for solving this question is looking at the condition where everyone is granted modify with a condition that “Not member of each (Groups1 (Contoso\group1)) , so everyone can delete files in the share except members of Group1 …that was a surprise for me.
So the good answer is
No
Yes
Yes
0
0
I agree with OttAdmin.
Correct answer is: No, Yes, Yes.
Administrator:
Is the Owner of the folder and has Full Control permissions.
User 1:
-NTFS: Read/Execute (Blocks the users from deleting)
-Is not considered part of “Everyone” because there’s a condition that excludes that.
User 2:
-NTFS: Modify (Allows deleting)
-Considered part of “Everyone”.
Share permissions are not restrictive here:
-Everyone gets change (allows for most tasks except modifying permissions to share)
-Administrators FULL control.
0
0
No, Yes, Yes.
0
0
in my opinion aswers are
1. no- share permision for everyone = change (!= delete)
2. no – only localad mistrators group Server12\administrators can delete files, in question no any iformation so user2 is in group adminstrator
3. yes
0
0
I turned in his laboratory.
User1 has no rights to save or delete. Answer NO
User2 and saves and deletes. Answer YES
Administrator and saves and deletes. Answer YES
0
0
This one took me awhile. My answer NO, YES , YES. No for user 1 because the explicit deny of group1 in the everyone ntfs permission. The everyone modify NTFS is considered as far as I can tell less restrictive then the Change Share. So the users get the NTFS except Group1. Who get Read and Execute only.
Things to look at in this question
1) The condition that is part of the everyone NTFS permission.
2) The Share is most likely created by the servers local administrator notice the Owner. Administrator (Server12\Administrator)But since contoso\administrators are part of everyone they get to delete because of the NTFS modify permission.
3) fuck this question. If you were doing this exam online proctored with no whiteboard or scrap it would be a major pain in the ass and time suck.
4) The big thing to remember is that Share Change is pretty much = to NTFS Modify. A lot of people myself included used to eqate Share Change with NTFS Write
0
0
Also notice that this folder does not have inheritance enabled.
0
0
Confirmed No, Yes, Yes is correct.
I tried it in my lab.
0
0
Tried to recreate the question: ans: No, YES, YES is the right one 🙂
0
0