HOTSPOT
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a folder
named Folder1.
A user named User1 is a member of Group1 and Group2. A user named User2 is a member of
Group2 and Group3.
You need to identify which actions the users can perform when they access the files in Share1.
What should you identify?
To answer, select the appropriate actions for each user in the answer area.
Answer: 
why they can’t modify permissions on files?
because, in order to modify permissions, you must have full control NTFS permissions. a better question is why User1 cannot run executables? User1 has write permissions, as a member of Group1, which implies execute permissions.
Exactly my point of view. I have even tested it on lab environment and this is what I got -> http://www.aiotestking.com/microsoft/what-should-you-identify-42/#comment-1228930
does anybody know an easy way to understand permissions?
Share permissions has nothing to do with the files, but instead only folders being being shared. Whereas the Folder permissions, is what NTFS does, and it goes down to file level.
In order to “RUN” anything you need the “execute” privilege or “Full Control”.
https://www.youtube.com/watch?v=7zEoOXBvUUg
Why User2 cannot edit content of files ?
why User1 cannot run executables ?
Share permissions and NTFS permissions are independent in the sense that neither changes the other. The final access permissions on a shared folder are determined by taking into consideration both the share permission and the NTFS permission entries. The more restrictive permissions are then applied.
https://technet.microsoft.com/en-us/library/cc754178.aspx
Anyone struggling with permissions might find this useful
http://www.ntfs.com/ntfs-permissions-combined.htm
Answer is correct. I tested it in lab.