Nos 130 Lesson 3. Managing Data
B The system will look at both the share permissions and the NTFS permissions and whichever set is more restrictive will be applied to the folder. Answer B is correct. When both NTFS and share permissions have been applied, the system looks at the effective rights for NTFS and share permissions and then applies the most restrictive of the cumulative permissions. If a resource has been shared, and you access it from the local computer where the resource resides, then you will be governed only by the NTFS permissions.
Dan has decided to use a Windows 10 system to store some local folders for network access. The folder will be located on an NTFS partition. Dan has assigned both NTFS permissions and share permissions. Which of the following is true on how share permissions and NTFS permissions work together on the same folder? A Neither. When Windows 10 sets permissions, it does it through servers only. B The system will look at both the share permissions and the NTFS permissions and whichever set is more restrictive will be applied to the folder. C The NTFS permissions will always take precedence. D The share permissions will always take precedence.
A. With the help of Windows 10 Folder Options dialog box Sharing
How can you configure properties associated with files and folders, such as what you see when you access folders and how Windows searches through files and folders? A. With the help of Windows 10 Folder Options dialog box B. Sharing C. Share This Folder D. I don't know
B. Up to 5 GB
How much of cloud storage does Microsoft OneDrive allow users to use up for free without a subscription? A. Up to 5 MB B. Up to 5 GB C. Up to 50 GB D. Up to 500 GB
A Windows 10 Professional Edition B Windows 10 Enterprise Edition C Windows 10 Education Edition Answers A, B, and C are correct. BitLocker Drive Encryption is a data protection feature available in Windows Education, Enterprise, and Professional editions of Windows 10.
In which of the following editions of Windows 10 can you enable BitLocker? Each correct answer represents a complete solution. Choose all that apply. A Windows 10 Professional Edition B Windows 10 Enterprise Edition C Windows 10 Education Edition D Windows 10 Basic Edition
B Give Tom Modify to NTFS security. Answer B is correct. By giving Tom Modify on the NTFS security setting, you're giving him just enough to do his job. You could also give Sales or Finance the Modify permission, but then everyone in those groups would be able to delete, change, and do more than they all need. Also, Tom doesn't need Full Control to change or delete files.
Jeff, the IT manager for Stormwind, has been asked to give Tom the right to read and change documents in the Stormwind Documents folder. The following table shows the current permissions on the shared folder: Table A: Shared folder permissions Group/User*******NTFS******* Shared Sales ***************Read****** Change Marketing *********Modify***** Change R&D****************Deny****** Full Control Finance*************Read********Read Tom*****************Read********Change Tom is a member of the Sales and Finance groups. When Tom accesses the Stormwind Documents folder, he can read all the files, but the system won't let him change or delete files. What do you need to do to give Tom the minimum amount of rights to do his job? A Give Finance Modify to NTFS security. B Give Tom Modify to NTFS security. C Give Sales Full Control to shared permissions. D Give Tom Full Control to NTFS security. E Give Finance Change to shared permissions.
B Folders can be shared through the Net Share command-line utility. D If a folder is shared over the network and a user is accessing it locally, then share permissions will not apply to the local user; only NTFS permissions will apply. Answers B and D are correct. The following are correct statements regarding sharing: - Folders can be shared through the Net Share command-line utility. - If a folder is shared over the network and a user is accessing it locally, then share permissions will not apply to the local user; only NTFS permissions will apply. Answer A is incorrect because share permissions can be applied only to folders and not to files. Answer C is incorrect because if a shared folder is copied, the original folder will still be shared but not the copy.
Sally works as a network administrator for a small organization. There are some resources to which a user needs access and asks Sally to share the resources. Sally uses sharing to allow the network user access to that resource. Which of the following are true statements regarding sharing? Each correct answer represents a complete solution. Choose all that apply. A Share permissions can be applied to folders as well as files. B Folders can be shared through the Net Share command-line utility. C If a shared folder is copied, the original folder along with the copy will be shared. D If a folder is shared over the network and a user is accessing it locally, then share permissions will not apply to the local user; only NTFS permissions will apply.
C MBAM Answer C is correct. Microsoft BitLocker Administration and Monitoring (MBAM) will allow the IT department to use enterprise-based utilities for managing and maintaining BitLocker and BitLocker To Go.
The owner of your company has come to you and stated that he wants all of the hardware on all systems to use BitLocker and BitLocker To Go. What utility should you install to help manage and maintain BitLocker and BitLocker To Go? A MABM B MAAM C MBAM D MNBM
A. True
True or false: Only the operating system drive or internal hard drives can be encrypted with BitLocker. A. True B. False
D Smart cards Answer D is correct. Smart cards are plastic cards (the size of a credit card) that can be used in combination with other methods of authentication. This process of using a smart card along with another authentication method is called two-factor authentication or multi-factor authentication.
Vincent is an instructor for Stormwind and he is talking to Paige, the company's IT Manager. Vincent asks Paige to implement some type of two-factor authentication. Which of the following will Paige install to complete this request? A Passwords and usernames B Retina scanners C Fingerprint scanners D Smart cards
B. BitLocker Drive Encryption
What allows you to encrypt an entire system drive in the event of theft? A. The user's SID number B. BitLocker Drive Encryption C. Full Disk Encryption D. I don't know
A. Inherited permissions
What are the permissions that get applied from a parent folder to any files or subfolders in that folder as well as any subsequently created objects called? A. Inherited permissions B. Full Control C. Read & Execute D. List Folder COntente
B. dir /q
What command will you use to see who owns a directory from the command prompt? A. icacls B. dir /q C. /setintegritylevel D. I don't know
C. TPM (Trusted Platform Module) version 1.2 or higher
What does BitLocker use to store the security key? A. Upto 5 GB B. dir /q C. TPM (Trusted Platform Module) version 1.2 or higher D. I don't know
B. DAC (Dynamic Access Control)
What gives administrators the ability to control file access by using a central access policy? A. TPM (Trusted Platform Module) version 1.2 or higher B. DAC (Dynamic Access Control) C. Sharing D. I don't know
A. A descriptive name by which users will access the folder.
What is a Share Name? A. A descriptive name by which users will access the folder B. Sharing C. Inherited permissions D. I don't know
Sharing
What is the process of allowing network users access to a resource located on a computer called? A. Network Unlock B. Share This Folder C. Sharing D. Tethering
A. The user's SID number
When you assign rights to a user, those rights and permissions get associated with what? A. The user's SID number B. The user's email C. The user's user name D. The user's password
B. Network Unlock
Which feature allows administrators to easily manage desktops and servers that are configured to use BitLocker? A. Full Disk Encryption B. Network Unlock C. Up to 5 GB D. Dynamic Access Control (DAC)
B. /setintegritylevel
Which icacls command option will you use to set an integrity level of Low, Medium, or High? A. /grant B. /setintegritylevel C. /remove D. /deny
A. Share This Folder
Which shared folder option makes the folder available through local access and network access? A. Share This Folder B. Share Name C. Permissions D. I don't know
A. Full Disk Encryption (FDE)
Which type of encryption allows an entire disk to be encrypted? A. Full Disk Encryption B. BitLocker C. The user's SID number D. I don't know
C Show Encrypted Or Compressed NTFS Files In Color Answer C is correct. Will can use the folder setting Show Encrypted Or Compressed NTFS Files In Color to help Doug recognize the compressed files. Administrators can set this folder option so that compressed and encrypted files are shown as a different color. Answer A is incorrect. Show Drive Letters option specifies whether drive letters are displayed in the folder. When disabled, only the name of the disk or device will be shown. Answer D is incorrect. Show Preview Handlers In Preview Pane option shows the contents of files in the preview pane. Answer B is incorrect. Show Pop-up Description For Folder And Desktop Items option displays encrypted or compressed files in an alternate color when they are displayed in a folder window.
Will, your company's IT director, is trying to train a new IT administrator named Doug. Doug has asked Will which server files are compressed. Which of the following folder settings can Will use to help Doug most easily recognize the compressed files? A Show Drive Letters B Show Pop-up Description For Folder And Desktop Items C Show Encrypted Or Compressed NTFS Files In Color D Show Preview Handlers In Preview Pane
A Windows 8.1 Enterprise B Windows 10 Education D Windows 10 Professional Answers A, B, and D are correct. BitLocker Drive Encryption is a data protection feature available in Windows Education, Enterprise, and Professional editions of Windows 10. It is also available on Windows 7 and Windows 8 corporate editions (Enterprise, Professional, etc.). Answer C is incorrect because Windows 7 Home doesn't support BitLocker Drive Encryption.
You are an IT administrator for Stormwind.com. Your company's employees run various operating systems on their computers. You want to implement BitLocker on your network. Which operating systems support BitLocker Drive Encryption? Each correct answer represents a complete solution. Choose all that apply. A Windows 8.1 Enterprise B Windows 10 Education C Windows 7 Home D Windows 10 Professional
C Give Admin Full Control to NTFS security. E Give Admin Full Control to shared permissions. Answers C and E are correct. The Admin group needs Full Control on the NTFS security and shared permission settings to do its job. To be able to give other users permissions, you must have Full Control permission.
You are the IT manager for your company. You have been asked to give the Admin group the rights to read, change, and assign permissions to documents in the Stormwind Documents folder. The following table shows the current permissions on the Stormwind Documents shared folder: Table A: Shared folder permissions Group/User*******NTFS*******Shared Sales***************Read*******Change Marketing*********Modify******Change R&D****************Deny*******Full Control Finance*************Read*******Read Admin*************Change******Change What do you need to do to give the Admin group the rights to do its job? Each correct answer represents a part of the solution. Choose all that apply. A Give Full Control to NTFS security. B Give Sales Full Control to shared permissions. C Give Admin Full Control to NTFS security. D Give Finance Modify to NTFS security. E Give Admin Full Control to shared permissions.
A Change Marketing's Modify right to Read on the NTFS permissions. D Change Marketing's Change permission to Read on the Shared permissions. Answers A and D are correct. The Marketing group needs to have Read on both NTFS and Shared. This is the best way to do it. If you change either permission, you will restrict Marketing to Read-only, but changing both guarantees that it only has Read. Answers B and C are incorrect because giving Full Control to the Marketing group will allow it to access all permissions.
You are the IT manager for your company. You have been asked to give the Marketing group the right to Read-only on all the documents in the Sales folder. The following table shows the current permissions on the Sales shared folder: Group/User*******NTFS*******Shared Sales**************Read********Change Marketing********Modify*******Change R&D***************Deny********Full Control Finance************Read*********Read Admin************Change*******Change What do you need to do to give the Marketing group the right to do its job? Each correct answer represents a complete solution. Choose all that apply. A Change Marketing's Modify right to Read on the NTFS permissions. B Give Full Control to Marketing NTFS security. C Change Marketing's Change permission to Full Control to shared permissions. D Change Marketing's Change permission to Read on the Shared permissions.
B Give Sales Change to shared permissions. C Give Sales Modify to NTFS security Answers B and C are correct. The Sales group needs Modify on the NTFS security and Change shared permission settings to do their job.
You are the IT manager for your company. You have been asked to give the Sales group the right to read and change documents in the StormWind Documents folder. The following table shows the current permissions on the Stormwind Documents shared folder: Table A: Shared folder permissions Group/User*******NTFS*******Shared Sales**************Read********Read Marketing*********Modify*****Change What do you need to do to give the Sales group the right to do their job? Each correct answer represents a part of the solution. Choose all that apply. A Give Sales Full Control to NTFS security. B Give Sales Change to shared permissions. C Give Sales Modify to NTFS security. D Give Marketing Change to shared permissions.
C Within a Local Group Policy, set the BitLocker Drive Encryption. Answer C is correct. Windows 10 comes with a feature called BitLocker Drive Encryption. BitLocker encrypts the drive so if it's removed or stolen, the data can't be accessed. To configure BitLocker, you must either use a Local Group Policy or the BitLocker icon in Control Panel.
You are the network administrator for a large organization. You have a Windows 10 machine that needs to prevent data from being accessed if the hard drive is stolen. Which of the following methods will you use to accomplish this task? A Within the Hardware icon in Control Panel, set the BitLocker Drive Encryption. B Within the System icon in Control Panel, set the BitLocker Drive Encryption. C Within a Local Group Policy, set the BitLocker Drive Encryption. D Within the Device Manager icon in Control Panel, set the BitLocker Drive Encryption.
A Rename Rick's account to John. Answer A is correct. The easiest way to manage this transition is to simply rename Rick's account to John. It is very important to remember that rights and permissions get associated with a user's SID number and not a username. By renaming Rick's account to John, John will automatically have all of the rights and permissions to any resource that Rick had access to.
You are the network administrator for a medium-sized company. Rick was the head of HR and recently resigned. John has been hired to replace Rick and has been given Rick's laptop. You want John to have access to all of the resources to which Rick had access. What is the easiest way to manage the transition? A Rename Rick's account to John. B Copy Rick's account and call the copied account John. C Go into the Registry and do a search and replace to replace all of Rick's entries with John's name. D Take ownership of all of Rick's resources and assign John Full Control to the resources.
D Uncheck Hide Extensions For Known File Types. Answer D is correct. Filename extensions for known files are hidden by default. If you want to be able to see the filename extension for all files, you must uncheck the box Hide Extensions For Known File Types.
You are using Windows 10 and you have created a file called "my text" in Notepad having a .txt extension type. You need to change the extension type from .txt to .vbx. What setting do you need to change on the folder so that you can see the extension types? A Uncheck Hide All File Types. B Check Show Extensions For Files. C Check Unhide Extensions For Files. D Uncheck Hide Extensions For Known File Types.
B The system will look at the cumulative share permissions and the cumulative NTFS permissions. Whichever set is more restrictive will be applied. Answer B is correct. When both NTFS and share permissions have been applied, the system looks at the effective rights for NTFS and share permissions and then applies the most restrictive of the cumulative permissions. If a resource has been shared and you access it from the local computer where the resource resides, then you will be governed only by the NTFS permissions.
You have a network folder that resides on an NTFS partition on a Windows 10 computer. NTFS permissions and share permissions have been applied. Which of the following statements best describes how share permissions and NTFS permissions work together if they have been applied to the same folder? A The NTFS permissions will always take precedence. B The system will look at the cumulative share permissions and the cumulative NTFS permissions. Whichever set is more restrictive will be applied. C The system will look at the cumulative share permissions and the cumulative NTFS permissions. Whichever set is less restrictive will be applied. D The share permissions will always take precedence.
C By using smart cards Answer C is correct. You will use smart cards to accomplish the task. Smart cards are credit-card-sized IDs that can have chips built into the card for rights and permissions. Many smart cards can have ID information printed onto the PVC card. Answer D is incorrect. BitLocker To Go allows you to put BitLocker on removable media such as external hard disks or USB drives. Answer B is incorrect. BitLocker Drive Encryption prevents individuals from stealing your computer and viewing personal and sensitive data found on your hard disk. Answer A is incorrect. MBAM (Microsoft BitLocker Administration and Monitoring) allows the IT department to use enterprise-based utilities for managing and maintaining BitLocker and BitLocker To Go.
You work for a government contractor. The contractor needs you to have security ID badges issued to all users so that the users are assigned their groups and rights through the ID badge. How will you accomplish this? A By using MBAM B By using BitLocker Drive Encryption C By using smart cards D By using BitLocker To Go on the ID badges
A Set the permissions for a file. C Take ownership of a file Answers A and C are correct. User2 can set the permissions for a file and take ownership of a file that can't be performed by User1. If you select the Full Control permission, all permissions will be checked by default and can't be unchecked, and then User2 can perform all the above four actions. Answers B and D are incorrect because these actions can be performed by User1. A person having the Modify permission over a file can change the attributes of the file and delete the file.
Your network contains an Active Directory domain named contoso.com. The domain contains a computer named Computer1 that runs Windows 10. On Computer1, you create an NTFS folder and assign the Full Control permission to everyone. You share the folder as Share1 and assign the permissions shown in the following table: Table A: Assigned Permissions User*******Permission User1*******Modify User2******Full Control When accessing Share1, what actions can be performed by User2 but not by User1? Each correct answer represents a part of the solution. Choose all that apply. A Set the permissions for a file. B Delete a file. C Take ownership of a file. D Rename a file.
C User2 and User3 Answer C is correct .Both User2 and User3 can delete the contents of Folder1. User2 is a member of Group2 having Full Control permission, and User3 is a member of Group3 having Modify permission. Hence, both can delete the contents of the folder. Answer B is incorrect because User1 can't delete the contents of Folder1 as it is a member of Group1 having only Read permission. Answers D and A are incorrect because both User2 and User3 can delete the contents of Folder1.
Your network contains an Active Directory domain. The domain contains the users shown in the following table: Table A: Domain Users User*******Member of User1*******Group1 User2*******Group1, Group2 User3*******Group1, Group3 The domain contains a computer named Computer1 that runs Windows 10. Computer1 contains a folder named Folder1 that has the following permissions: Table B: Folder1 Permissions Group*******Permission Group1*******Read Group2******Full Control Group3*******Modify Which of the following can delete the contents of Folder1? A Only User3 B User1 and User2 C User2 and User3 D Only User2