Your network contains an Active Directory domain named contoso.com. The domain contains a file
server named Server1 that runs Windows Server 2012 R2.
You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit button.)
On Server1, you have a folder named C:\Share1 that is shared as Share1. Share1 contains
confidential dat
a. A group named Group1 has full control of the content in Share1.
You need to ensure that an entry is added to the event log whenever a member of Group1 deletes a
file in Share1.
What should you configure?
A.
the Audit File Share setting of Servers GPO
B.
the Sharing settings of C:\Share1
C.
the Audit File System setting of Servers GPO
D.
the Security settings of C:\Share1
Explanation:
You can use Computer Management to track all connections to shared resources on a Windows
Server 2008 R2 system.
Whenever a user or computer connects to a shared resource, Windows Server 2008 R2 lists a
connection in the Sessions node.
File access, modification and deletion can only be tracked, if the object access auditing is enabled
you can see the entries in the event log.To view connections to shared resources, type net session at a command prompt or follow these
steps:
In Computer Management, connect to the computer on which you created the shared resource.
In the console tree, expand System Tools, expand Shared Folders, and then select Sessions. You can
now view connections to shares for users and computers.
To enable folder permission auditing, you can follow the below steps:
Click start and run “secpol. msc” without quotes.
Open the Local Policies\Audit Policy
Enable the Audit object access for “Success” and “Failure”.
Go to target files and folders, right click the folder and select properties.
Go to Security Page and click Advanced.
Click Auditing and Edit.
Click add, type everyone in the Select User, Computer, or Group.
Choose Apply onto: This folder, subfolders and files.
Tick on the box “Change permissions”
Click OK.
After you enable security auditing on the folders, you should be able to see the folder permission
changes in the server’s Security event log. Task Category is File System.
References:
httpHYPERLINK “http://social.technet.microsoft.com/Forums/enUS/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/#_blank”: //socialHYPERLINK
“http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-
8014-f2eb10f3f10f/#_blank”. technetHYPERLINK “http://social.technet.microsoft.com/Forums/enUS/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/#_blank”. microsoftHYPERLINK
“http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-
8014-f2eb10f3f10f/#_blank”. com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-8014-
f2eb10f3f10f/
httpHYPERLINK “http://technet.microsoft.com/en-us/library/cc753927(v=ws.10).aspx#_blank”:
//technetHYPERLINK “http://technet.microsoft.com/en-us/library/cc753927(v=ws.10).aspx#_blank”.
microsoftHYPERLINK “http://technet.microsoft.com/en-us/library/cc753927(v=ws.10).aspx#_blank”.
com/en-us/library/cc753927(v=wsHYPERLINK “http://technet.microsoft.com/enus/library/cc753927(v=ws.10).aspx#_blank”. 10)HYPERLINK “http://technet.microsoft.com/enus/library/cc753927(v=ws.10).aspx#_blank”. aspx
httpHYPERLINK “http://social.technet.microsoft.com/Forums/enUS/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/#_blank”: //socialHYPERLINK
“http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-
8014-f2eb10f3f10f/#_blank”. technetHYPERLINK “http://social.technet.microsoft.com/Forums/enUS/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/#_blank”. microsoftHYPERLINK
“http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-
8014-f2eb10f3f10f/#_blank”. com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-8014-
f2eb10f3f10f/httpHYPERLINK “http://support.microsoft.com/kb/300549#_blank”: //supportHYPERLINK
“http://support.microsoft.com/kb/300549#_blank”. microsoftHYPERLINK
“http://support.microsoft.com/kb/300549#_blank”. com/kb/300549
httpHYPERLINK “http://www.windowsitpro.com/article/permissions/auditing-folder-permissionchanges#_blank”: //wwwHYPERLINK “http://www.windowsitpro.com/article/permissions/auditingfolder-permission-changes#_blank”. windowsitproHYPERLINK
“http://www.windowsitpro.com/article/permissions/auditing-folder-permission-changes#_blank”.
com/article/permissions/auditing-folder-permission-changes
httpHYPERLINK “http://www.windowsitpro.com/article/permissions/auditing-permission-changeson-a-folder#_blank”: //wwwHYPERLINK
“http://www.windowsitpro.com/article/permissions/auditing-permission-changes-on-afolder#_blank”. windowsitproHYPERLINK
“http://www.windowsitpro.com/article/permissions/auditing-permission-changes-on-afolder#_blank”. com/article/permissions/auditing-permission-changes-on-a-folder
This M$ bullsheisse is killing my brain.
I thought about such answer almost instantly , but following previous questions i was looking for an answer in exhibition image and description.
What is the purpose of such rogue and misleading tests , because definitely not testing Your knowledge. I’ve passed numerous cisco, vmware, ITIL and comptia exams. Even the entry level comptia is testing Your knowledge. I regret taking this path. I should go linux years ago.
0
0
Right here is the right site for anybody who would like to understand this topic. You realize so much its almost hard to argue with you (not that I personally will need to…HaHa). You definitely put a brand new spin on a topic that’s been written about for a long time. Great stuff, just wonderful!|
0
0
hello!,I love your writing very a lot! share we keep in touch more approximately your article on AOL? I require a specialist in this area to solve my problem. May be that’s you! Looking forward to peer you. |
0
0