PrepAway - Latest Free Exam Questions & Answers

You need to ensure that unauthorized users are not able to access the shared folder that contains confidential

Your company uses shared folders. Users are granted access to the shared folders by using
domain local groups. One of the shared folders contains confidential data.
You need to ensure that unauthorized users are not able to access the shared folder that
contains confidential data.
What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
Enable the Do not trust this computer for delegation property on all the computers of
unauthorized users by using the Dsmod utility.

B.
Instruct the unauthorized users to log on by using the Guest account. Configure the Deny
Full control permission on the shared folders that hold the confidential data for the Guest
account.

C.
Create a Global Group named Deny DLG. Place the global group that contains the
unauthorized users in to the Deny DLG group. Configure the Allow Full control permission on
the shared folder that hold the confidential data for the Deny DLG group.

D.
Create a Domain Local Group named Deny DLG. Place the global group that contains the
unauthorized users in to the Deny DLG group. Configure the Deny Full control permission on
the shared folder that hold the confidential data for the Deny DLG group.

Explanation:

http://technet.microsoft.com/en-us/library/cc755692%28v=ws.10%29.aspx
Any group, whether it is a security group or a distribution group, is characterized by a scope
that identifies the extent to which the group is applied in the domain tree or forest. The
boundary, or reach, of a group scope is also determined by the domain functional level
setting of the domain in which it resides. There are three group scopes: universal, global,
and domain local.
The following table describes the differences between the scopes of each group.

When to use groups with domain local scope
Groups with domain local scope help you define and manage access to resources within a
single domain. For example, to give five users access to a particular printer, you can add all
five user accounts in the printer permissions list. If, however, you later want to give the five
users access to a new printer, you must again specify all five accounts in the permissions list
for the new printer.


Leave a Reply