HOTSPOT
You have a shared folder named Share1. The folder permissions of Share1 are configured as shown
in the Folder Permissions exhibit. (Click the Exhibit button.)
The Share permissions of Share1 are configured as shown in the Share Permissions exhibit. (Click the
Exhibit button.)
You have a group named Group1. The members of Group1 are shown in the Group1 exhibit. (Click
the Exhibit button.)
Select Yes if the statement can be shown to be true based on the available information; otherwise
select No. Each correct selection is worth one point.
Answer: 
Explanation:
NTFS permissions control access to the files and folders stored on disk volumes formatted with the
NTFS file system. Share permissions control access to folders over a network. To access a file over a
network, a user must have appropriate share permissions (and appropriate NTFS permissions if the
shared folder is on an NTFS volume).Granting a user Full Control NTFS permission on a folder enables
that user to take ownership of the folder unless the user is restricted in some other way.User1 was
not granted Full Control permission.
The Administrators have Full Control permission. I assume that User2 is an administrator since the
Group1 exhibit shows only User1 as a member.
References: http://technetHYPERLINK “http://technet.microsoft.com/enus/library/cc754178.aspx#_blank”.HYPERLINK “http://technet.microsoft.com/enus/library/cc754178.aspx#_blank”microsoftHYPERLINK “http://technet.microsoft.com/enus/library/cc754178.aspx#_blank”.comHYPERLINK “http://technet.microsoft.com/enus/library/cc754178.aspx#_blank”/en-us/library/cc754178HYPERLINK
“http://technet.microsoft.com/en-us/library/cc754178.aspx#_blank”.HYPERLINK
“http://technet.microsoft.com/en-us/library/cc754178.aspx#_blank”aspx
Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 2: Configure server
roles and features, Objective 2.1: Configure file and share access, p.75-80
In addition to the explanation:
I think that another possible explanation regarding User2 could be that User2 is simply a member of the Everyone group and therefore had modify rights, which allows him/her to delete the file.
There is no reason to assume user2 was an administrator. His username reflects a simple user. But as there is a speicific permission for everyone with the condition “not member of group1” (first screenshot) which allows modify, he can delete files.
Hello,
rights are cimulative . User 1, member of group1, has “read, execute” ntfs rights. besides, “everyone has share modify rights. Why can’t user 1 delete file ? Thank you/
Hi Otman,
This question is about permissions, not rights. When share permissions and NTFS permissions are used together, the most restrictive permission is applied. In this case, the Everyone group has Change permission on the Share, but Group 1/User 1 are only given Read & Execute permissions for NTFS. Since Read & Execute is more restrictive, that is the permission that is applied for User 1.
IMO the given answer is correct
Change means that user can read/execute/write/delete folders/files within share
Full means exactly that 🙂
Modify contains every right that full control does, except for Change Permission and Take Ownership.
But remember Share permissions are combined with NTFS permissions (the most restrictive permissions are applied).
User 1 effectively has read & execute….. not delete
User 2 has change on share + modify on NTFS folder….both allow delete
Contoso\administrator although not specifically listed anywhere will be a member of the server12\administrators group by default and has full control on share permissions but is not listed in the NTFS folder permissions although the account is a member of everyone group and by that inclusion has modify (ie delete) permissions
http://www.mdmarra.com/2013/11/full-control-v-modify-why-you-should-be.html