ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-100 All Questions

View all questions & answers for the MD-100 exam
Go to Exam

Exam MD-100 topic 2 question 6 discussion

Actual exam question from Microsoft's MD-100
Question #: 6
Topic #: 2
[All MD-100 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a computer named Computer1 that runs Windows 10.
A service named Application1 is configured as shown in the exhibit.

You discover that a user used the Service1 account to sign in to Computer1 and deleted some files.
You need to ensure that the identity used by Application1 cannot be used by a user to sign in to sign in to the desktop on Computer1. The solution must use the principle of least privilege.
Solution: On Computer1, you assign Service1 the Deny log on as a service user right.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by kalmann at Oct. 2, 2020, 7:30 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AVP_Riga
Highly Voted 4 years, 2 months ago
B. No.
upvoted 8 times
...
jcgm1990
Most Recent 2 years, 11 months ago
Selected Answer: B
Answer is B
upvoted 1 times
...
Tommo
3 years, 3 months ago
Selected Answer: B
B. No.
upvoted 1 times
...
Aschayder
3 years, 5 months ago
Selected Answer: B
Resposta correta é a B
upvoted 2 times
...
CaloyB_IT
3 years, 7 months ago
Answer B is correct- Enabling deny log on locally will deny that account from being logged in locally
upvoted 2 times
...
CARIOCA
3 years, 9 months ago
This question 6 is the same as question 5 with different answers. What would be the final answer and the justification?
upvoted 1 times
MJU
3 years, 9 months ago
Question 5 asks if denying the service1 account logon on locally via local GP would resolve the problem, and this question asks if deny logon as a service would resolve the problem. In question 5, we WANT to restrict service1 from logging on to the PC as a user to prevent data deletion, however it can still be used as a service account. In question 6, we do NOT WANT to restrict the log on as a service right as it is being used by a service and doing so would break the service.
upvoted 4 times
mikl
3 years, 6 months ago
Agree.
upvoted 1 times
...
...
...
kalmann
4 years, 8 months ago
The answer A is right.
upvoted 2 times
BennyS
4 years, 7 months ago
No, it's obviously not. The service user needs to be able to sign in as a service.
upvoted 20 times
mikl
3 years, 6 months ago
If we set "Deny log on as a service user" for Service1 - how will that prevent Service1 from logging onto the Desktop of Computer1?
upvoted 2 times
...
...
mikl
3 years, 8 months ago
Dead wrong dude.
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel