- (Exam Topic 4)
You have a computer named Computer1 that runs Windows 10. Computer1 contains a folder named Data on drive C. The Advanced Security Settings for the Data folder are shown in the exhibit. (Click the Exhibit tab.)

You share C:Data as shown in the following table.

User1 is a member of the Users group.
Administrators are assigned Full control NTFS permissions to C:Data.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Solution:
NO, NO, YES
''For example, for a resource, if you assign a user the Read permission and assign the Modify permission on a groep that the same user is member of, the effective acces permissions are a combination of the Read permissions and the modify permissions, wich is modify permission. When you combine Permissions that include Deny permissions, NTFS will evaluate the the deny permissions before the alloe permissions that are set on the same resource with explicit deny taking precedence over all Allow Permissions"

Does this meet the goal?

Correct Answer:A

- (Exam Topic 4)
Your network contains an Active Directory domain. The domain contains 1,000 computers that run Windows 10.
You configure Microsoft Edge settings by using domain and local Group Policy Objects (GPOs).
You need to generate a report that contains all the Microsoft Edge policy settings applied to a computer. What should you do?

Correct Answer:C
The Get-GPOReport cmdlet would generate a report for all domain group policy objects. However, this would not display the settings that are applied by local group policy objects.
To display the settings applied by both domain and local GPOs, you would have to open Microsoft Edge and enter edge://policy in the address bar.

- (Exam Topic 4)
You have a computer that runs Windows 10 and contains the folders shown in the following table.

You create the groups shown in the following table.

On FolderA, you remove permission inheritance. To each folder, you assign the NTFS permissions shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
YES YES NO

Does this meet the goal?

Correct Answer:A

- (Exam Topic 4)
You have a workgroup computer named Computer1 that runs Windows 10 and has the users shown in the following table.

User Account Control (UAC) on Computer1 is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
Box 1: Yes
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode is set to Prompt for consent When an operation requires elevation of privilege, the user is prompted to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
Box 2: Yes
User1 is a member of Administrators group.
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode is set to Prompt for consent When an operation requires elevation of privilege, the user is prompted to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
Box 3: Yes
User Account Control: Behavior of the elevation prompt for standard users is set to Prompt for credentials (Default) When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
References:
https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-account-contro

Does this meet the goal?

Correct Answer:A