Exam MD-100 topic 3 question 68 discussion

According To me, answers are correct. Same Segment = Same Vlan = Private ou Domain Profiles Different Segment = Comnunicaiton possible with internet = Public Profil Q1 : NO Q2 : NO Q3 : YES : after enter credential to access share (tested on VMs).

I think the answer should be NO, NO, NO. The last NO is because you technically can reach the share but you will be prompted with a username and password. Nothing is given in the question that you know the credentials, so NO

I tested this. Took a while to set all of it up. The answer is YES NO YES: - There is no mention of usernames and passwords, but Everyone has Full Control over the share - There is no mention of NTFS permissions, there's also no mention of the LEVEL of access only that there IS access - Windows Defender Firewall profiles apply to incoming connections - There is no mention of changing firewall profiles manually, so we go with defaults - If your computer is domain-joined, AND you can reach your domain controller, then your firewall profile is DOMAIN - so Computer1 (which can reach its DC via segment 1) ALLOWS incoming File and Print connections, no matter the type of client or user - If you are domain-joined but you CANNOT reach your domain controller, you default to Guest/Public - so Computer2 (which cannot reach its DC bcz it's in segment 2) does NOT allow incoming File & print connections, regardless of client, user, or anything else - If you are in a workgroup, your firewall profile defaults to Guest/Public - so Computer3 ALLOWS incoming F&P connections

Can anyone confirm this answer?

Share1 is on Computer1. Computer1 has joined the domain and is connected to Segment1. Because Segment1 has domain controller connectivity, Domain is the active firewall profile on Computer1. File and printer sharing is enabled in the domain profile. Therefore we can access Share1 from Computer3. Share2 is on Computer2. Computer2 has joined the domain and is connected to Segment2. Segment2 has no domain controller connectivity, so the active firewall profile is either private or public. This depends on the option the user selected when they first connected to Segment2. When connecting for the first time, Windows asks whether the PC should be visible in this network. If you choose Yes, Windows sets the network to private. If you choose No, Windows sets the network to public. If you don't make a selection, Windows sets the network to Public by default. File and printer sharing is disabled for the Public profile on Computer2. Share3 is on Computer3. Computer3 has not joined the domain and has enabled file and printer sharing in the private and public profiles. Access to Share3 is therefore possible.

Could anyone please confirm or deny the point that tonytones talked about? when he said "I do not think file-sharing access requires being in AD or connected to a DC"

If by segments, they mean subnets, then the network and network profiles allows it. There is internet connectivity with confirms there can be a connection between the 2 subnets, granted that the router is configured properly. I do not think file sharing access requires being in AD or connected to a DC. I would also say No, Yes, Yes. But then again I can be wrong...

Thats what I am think Jonnaz, it s a confusing one, to me I didnt think the segments mattered, I thought it was just whether the firewall would allow the connection based off being private or domain. Auth can be done against the DC via Azure for permission side of it. I was a little unsure if there were any instances of perhaps the machine not being able to check against a DC if it was local though. Would love to have someone explain this further. Hopefully we get some more replies on here.

I think it's N, Y, Y