You work as the network administrator at certifyme.com. The certifyme.com
network consists of a single Active Directory domain named certifyme.com. All
servers on the certifyme.com network run Windows Server 2003 and all client
computers run Windows XP Professional.
A server named certifyme-FS02 has been configured as a file server.
certifyme-FS02 hosts a shared folder named UserDocs. 350-001 A global group named
Full-time Employees has been granted the Full Control Permission over UserDocs.
A certifyme.com user complained that another employee deleted his files that he
stored in the UserDocs folder. Due to this deletion of files, the CIO instructed you to
record any attempts made to delete files from the UserDocs folder, as well as to
record an event each time that a user modifies the permissions for the UserDocs
folder. To this end you need to configure an appropriate audit policy.
Leading the way in IT testing and certification tools, www.certifyme.com
- 36 -
What should you do?
A. Configure Audit object access policy for failure.
B. Configure Audit directory service access policy for success and failure.
C. Configure Audit object access policy for success and failure.
D. Configure Audit privilege use policy for failure.
E. Configure Audit directory service access policy for failure.
Answer: C
Explanation: You record each time a user tries to delete a file; you should configure
Audit object access policy to track both successful and failed access events. The Audit
object access policy setting must be enables as well as auditing must be enabled in the
UserDocs DACL. 640-802 Here you can get a granular method of auditing different types of
access including the modification of access permissions.
Incorrect Answers:
A : You should be configuring auditing to track success and failed attempts.
B : The Audit directory service access policy record each attempt to access Active
Directory service objects for which SACLs have been defined. This auditing will not
yield the desired results. VCP-310
D : The Audit privilege use policy tracks events that are created when a user exercises a
user right. This is not what needs to be tracked.
E : The Audit directory service access policy record each attempt to access Active
Directory service objects for which SACLs have been defined. Configuring thus method
of auditing will not yield the desired result.
Reference:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment