ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-100 All Questions

View all questions & answers for the MD-100 exam
Go to Exam

Exam MD-100 topic 3 question 26 discussion

Actual exam question from Microsoft's MD-100
Question #: 26
Topic #: 3
[All MD-100 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
A user named User1 has a computer named Computer1 that runs Windows 10. Computer1 is joined to an Azure Active Directory (Azure AD) tenant named contoso.com. User1 joins Computer1 to contoso.com by using [email protected].
Computer1 contains a folder named Folder1. Folder1 is in drive C and is shared as Share1. Share1 has the permission shown in the following table.

A user named User2 has a computer named Computer2 that runs Windows 10. User2 joins Computer2 to contoso.com by using [email protected].
User2 attempts to access Share1 and receives the following error message: `The username or password is incorrect.`
You need to ensure that User2 can connect to Share1.
Solution: You create a local group on Computer1 and add the Guest account to the group. You grant the group Modify access to Share1.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Anthony_2770 at Oct. 23, 2020, 5:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aek_latamene
Highly Voted 3 years, 4 months ago
Hello, I would like to see at least one response from CARIOCA, you are always looking for an answer without making any effort, I see your unnecessary comment on all questions ... sorry but ....
upvoted 22 times
...
Anthony_2770
Highly Voted 4 years, 4 months ago
Share-level permissions must be assigned to the Azure AD identity representing the same user or group in your AD DS to support AD DS authentication to your Azure file share. Authentication and authorization against identities that only exist in Azure AD, such as Azure Managed Identities (MSIs), are not supported with AD DS authentication. There are three Azure built-in roles for granting share-level permissions to users: Storage File Data SMB Share Reader allows read access in Azure Storage file shares over SMB. Storage File Data SMB Share Contributor allows read, write, and delete access in Azure Storage file shares over SMB. Storage File Data SMB Share Elevated Contributor allows read, write, delete, and modify Windows ACLs in Azure Storage file shares over SMB.
upvoted 8 times
...
Wojer
Most Recent 2 years, 8 months ago
The funny think is that it allow me to access. maybe becasue I ude on prem Domain users accounts not AzureAD
upvoted 1 times
...
jcgm1990
2 years, 10 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
PChi
3 years, 1 month ago
I thought you cannot access on premise file shares via could account but you can in the vise versa effect by extending smb shares from azure ad ds to ad ds... is this not true? Doing research and digging now but can someone post up some articles involving shares btwn azure AD DS and AD DS? Or if you don't mind, explain to me please the relation involving share/NTFS permissions between the two please? I NEED to understand. Lol. Thank you in advance.
upvoted 1 times
PChi
3 years, 1 month ago
via cloud account*
upvoted 1 times
...
...
Tommo
3 years, 1 month ago
Selected Answer: B
B is correct here.
upvoted 1 times
...
CARIOCA
3 years, 8 months ago
Is the final answer correct or not?
upvoted 1 times
...
AVP_Riga
4 years ago
Note: Modify - it is NTFS option, Share has a "Change".
upvoted 5 times
...
Merma
4 years, 1 month ago
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable
upvoted 1 times
ercluff
3 years, 9 months ago
As with previous instances of this question, there is NO on-premise AD domain mentioned in this question. The article quotes pertains to the synchronizing of Azure AD with on-premise AD domains. This question is about two Windows 10 endpoints that both become joined to an Azure AD domain. The share created, in order to be of any availability to user2 must be constructed in the Azure AD. Local groups or permissions don't transfer to the cloud.
upvoted 3 times
...
...
Anthony_2770
4 years, 6 months ago
User has no NTFS permissions with the provided solution. The Everyone group includes all members of the Authenticated Users group as well as the built-in Guest account, and several other built-in security accounts like SERVICE, LOCAL_SERVICE, NETWORK_SERVICE , and others. A Guest account is a built-in account on a Windows system that is disabled by default.
upvoted 3 times
...
Anthony_2770
4 years, 6 months ago
Notes : The Guest account is a low-privilege Windows account that exists on every Windows system. It's available to users that don’t have an account defined and need occasional access to a Windows system. Users logging on using the Guest account can access local data and applications but can't install software or hardware. By default, the Guest account is disabled and isn't password-protected. It also has the “User cannot change password” and “Password never expires” account properties set.
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago