The Human Resources department has a parent shared folder setup on the server. There are two groups
that have access, one called managers and one called staff. There are many sub folders under the parent
shared folder, one is called payroll. The parent folder access control list propagates all subfolders and all
subfolders inherit the parent permission. Which of the following is the quickest way to prevent the staff
group from gaining access to the payroll folder?
A.
Remove the staff group from the payroll folder
B.
Implicit deny on the payroll folder for the staff group
C.
Implicit deny on the payroll folder for the managers group
D.
Remove inheritance from the payroll folder
Explanation:
Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges
for a resource, you’re denied access by default.
Incorrect Answers:
A: This will not work because the question states: “The parent folder access control list propagates all
subfolders and all subfolders inherit the parent permission.”C: This will deny access for the managers group.
D: Removing inheritance from the payroll folder will also affect the manages group.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44