HOTSPOT
Your network contains an Active Director domain named contoso.com. The domain contains a file server
named Server1. All servers run Windows Server 2012 R2.
You have two user accounts named User1 and User2. User1 and User2 are the members of a group named
Group1. User1 has the Department value set to Accounting, user2 has the Department value set to Marketing.
Both users have the Employee Type value set to Contract Employee.
You create the auditing entry as shown in the exhibit. (Click the Exhibit button.)
To answer, complete each statement according to the information presented in the exhibit. Each correct
selection is worth one point.
Answer: 
Explanation:
Don’t understand this at all.
I somewhat I understand the first part.
Opening a file could mean reading a file which was already set. But I am guessing that the authors meant writing to a file. That way the second part makes more sense, because user2 already has auditing on reading files and user2 is already audited on that.
I’ve seen this in the exam, it’s worded exactly the same. I agree with the answers given.
User 1 = “not equal to accounting” which needs changing to log his deletion
User 2 = on the permissions user2 doesn’t have ‘Read’ so it wouldn’t log them opening a file
Is this dump enough to pass?
Andrew – Is this dump enough to pass?
Andrew that answer doesnt make sense
that means the user can delete files but not open them ???????
No kurt, that means that audit will be generated for:
– User1 actions (we arent predicting if he has or will have rights to do it), actions of deleting files IF the given conditio will be changed,
– User2 if in audit definition, among the rights that audit is configured for looking “at” will be added right to read. It is, because audit procesor looks at strictly given rights in audit definition, and compares them in cases of events to rights used by entities to access objects (files in that case). If they equal, then event can be processed furter (condition checking, etc.), if not then event is no longer processed.
The answer is correct.
Part 1 – we have to change the first condition as at the moment it is only doing it for users not in the Accounting group (which User1 is)
Part 2 – the conditions are correct for User2 but we need to change the Permissions to include Read