Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012
R2. The domain contains a member server named Server1. Server1 has the File Server server role installed.
On Server1, you create a share named Documents. The Documents share will contain the files and folders of
all users.
You need to ensure that when the users connect to Documents, they only see the files to which they have
access.
What should you do?
A.
Enable access-based enumeration.
B.
Configure Dynamic Access Control.
C.
Modify the Share permissions.
D.
Modify the NTFS permissions.
Explanation:
Access-based Enumeration is a new feature included with Windows Server 2003 Service Pack 1. This feature
allows users of Windows Server 2003-Based file servers to list only the files and folders to which they have
access when browsing content on the file server. This eliminates user confusion that can be caused when
users connect to a file server and encounter a large number of files and folders that they cannot access.
Access-based Enumeration filters the list of available files and folders on a server to include only those that the
requesting user has access to. This change is important because this allows users to see only those files and
directories that they have access to and nothing else. This mitigates the scenario where unauthorized users
might otherwise be able to see the contents of a directory even though they don’t have access to it.
Access-Based Enumeration (ABE) can be enabled at the Share properties through Server ManagerExam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 2: Configure server roles and
features, Objective 2.1: Configure file and share access, p. 75-80.