Friday, June 27, 2008

350-001 testking and VCP-310,640-802 braindumps

You work as the network administrator at certifyme.com. The certifyme.com
network consists of a single Active Directory domain named certifyme.com. All
servers on the certifyme.com network run Windows Server 2003 and all client
computers run Windows XP Professional.

Users that work in the Research department access confidential files that reside in a
shared folder named UserPerformance. None of the other certifyme.com business
units' users should be able to access these files. To this end you configure the
necessary shared and NTFS permissions to ensure that only Research department
users have access to the files within the UserPerformance folder.
Leading the way in IT testing and certification tools, www.certifyme.com
- 33 -

You have been instructed by the CIO to perform monitoring on the
UserPerformance folder so as to check whenever users other than the Research
department access the data. 350-001 To perform this exercise, you need to use a user account
that does not have the shared and NTFS permissions assigned which are granted to
the Research security group for the folder.

What should you do?

A. Enable auditing for failed events in Privilege Use
Use Event Viewer to examine the logged event entries
B. Enable auditing for failed events in Directory Service.
Use Event Viewer to examine the logged event entries.
C. Enable auditing for failed events in Object Access.
Use Event Viewer to examine the logged event entries.
D. Assign the Generate security audits user right to the user account.
Use Event Viewer to examine the logged event entries. 640-802
Answer: C
Explanation: Configuring the Object Access audit policy in this manner will let you
know when this user account attempted to access the UserPerformance folder and
failed to access the Research department's files. To view all logged event entries.

Incorrect Answers
A: The Privilege Use audit policy tracks when a user effects a user right. You do not
want to track events for all rights.
B: The Directory Service audit policy tracks when users access Active Directory objects
which have system access control lists (SACLs).
D: You do not want to enable the user account to make entries in the security log for
object access auditing. VCP-310 You want to verify that the user account cannot access the
UserPerformance shared folder.

Reference:
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)