You have a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a folder named Folder1.
A user named User1 is a member of Group1 and Group2. A user named User2 is a member of Group2 and Group3.
You need to identify which actions the users can perform when they access the files in Share1.
What should you identify?
To answer, select the appropriate actions for each user in the answer area.
Hot Area:
Answer: 
Explanation:
User 1:– Read the files
– Edit the contents of the files
– Delete files created by other users
– Modify the permissions on the files
– Execute executable files
User 2:
– Read the files
– Edit the contents of the filesShare permissions apply to users who connect to a shared folder over the network. Group membership of User1 means that he has Full control permission and
User2 only has Read and change permission.http://technet.microsoft.com/en-us/library/cc754178.aspx
Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 2: Configure server roles and features, Objective 2.1: Configure file and share
access, p. 75-80
if you’re going to disable inheritance then the answers should be:
User1: YYNNN
User2: YNNNY
Tested and confirmed!!!
By default, inheritance is enable.
I think correct answer can be:
User1: YYNYN
User2: YNNNY
tested on lab
user1 YYNNN
user2 YNNNY
Correct. In fact, is is clearly stated in the MSFT website that the only permission that allows users to change files permissions, is “Full Control”
Table 13-4 Special Permissions for Files
https://msdn.microsoft.com/en-us/library/bb727008.aspx?f=255&MSPPError=-2147217396
All correct
The question is not worded correctly, but after looking at the answer, the phrase “You need to identify which actions the users can perform when they access the files in Share1.” actually stands for accesing the files LOCALLY in Share1.
The way the question is presented doesn’t make clear if the users access the files locally or remotely, it just says “access the files”
on full control can change file permissions
The share and NTFS permissions assigned to a file or folder can conflict. For example, if a user has the NTFS Write and Modify permissions for a folder but lacks the Change share permission, that user will not be able to modify a file in that folder.
the permission between two group may conflict. But either one of the groups grants a specific permission, the user has that permission.
http://www.mcmcse.com/microsoft/guides/ntfs_and_share_permissions.shtml
With combined share and ntfs permissions you need to take the applied share + NTFS permissions and the most restrictive of the two get applied.
Tested on my lab
User1 Y Y N N N
User2 Y N N N Y
I did disable inheritance in order to set it.
Did anyone pass the exam and know for fact what the correct answer as per Microsoft?
make sense
How Combining NTFS and Shared Folder Permissions Works
When you apply both NTFS and shared folder permissions, remember that the more restrictive of the two
permissions dictates the access that a user will have to a file or folder. The following two examples explain
this further:
• If you set the NTFS permissions on a folder to Full Control, but you set the shared folder permissions
to Read, then that user has only Read permission when accessing the folder over the network. Access
is restricted at the shared folder level, and any greater access at the NTFS permissions level does not
apply.
• Likewise, if you set the shared folder permission to Full Control, and you set the NTFS permissions to
Write, then the user will have no restrictions at the shared folder level, but the NTFS permissions on
the folder grants only Write permissions to that folder.
The user must have appropriate permissions on both the NTFS file or folder and the shared folder. If no
permissions exist for the user (either as an individual or as the member of a group) on either resource,
access is denied.
ref: 20410C
Installing and Configuring
Windows Server® 2012
page 342
User 1 will have a cumulative NTFS permission of Read & Write and share permission of Full control.
User 2 will have a cumulative NTFS permission of Read & Execute and share permission of Change (Read/Write/Execute/delete)
The effective least permission of NTFS and Share will be applied, based on that
User 1 – YYNNN
User 2 – YNNNY
Note:
Write permission can’t delete (other’s) Folders, execute files or add permissions.
Execute Permission can’t edit, delete folders or add/remove permissions.