New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-800 Exam - Topic 8 Question 38 Discussion

Actual exam question for Microsoft's AZ-800 exam
Question #: 38
Topic #: 8
[All AZ-800 Questions]

Task 1

You need to prevent domain users from saving executable files in a share named \\SRVl\Dat

a. The users must be able to save other files to the share.

Show Suggested Answer Hide Answer
Suggested Answer: A

One possible solution to prevent domain users from saving executable files in a share named SRVlData is to use file screening on the file server. File screening allows you to block certain files from being saved based on their file name extension. Here are the steps to configure file screening:

On the file server, openFile Server Resource Managerfrom theAdministrative Toolsmenu.

In the left pane, expandFile Screening Managementand click onFile Groups.

Right-click onFile Groupsand selectCreate File Group.

In theFile Group Propertiesdialog box, enter a name for the file group, such asExecutable Files.

In theFiles to includebox, enter the file name extensions that you want to block, such as.exe, .bat, .cmd, .com, .msi, .scr. You can use wildcards to specify multiple extensions, such as *.exe.

ClickOKto create the file group.

In the left pane, click onFile Screen Templates.

Right-click onFile Screen Templatesand selectCreate File Screen Template.

In theFile Screen Template Propertiesdialog box, enter a name for the template, such asBlock Executable Files.

On theSettingstab, select the optionActive screening: Do not allow users to save unauthorized files.

On theFile Groupstab, check the box next to the file group that you created, such asExecutable Files.

On theNotificationtab, you can configure how to notify users and administrators when a file screening event occurs, such as sending an email, logging an event, or running a command or script. You can also customize the message that users see when they try to save a blocked file.

ClickOKto create the file screen template.

In the left pane, click onFile Screens.

Right-click onFile Screensand selectCreate File Screen.

In theCreate File Screendialog box, enter the path of the folder that you want to apply the file screening to, such asSRVlData.

Select the optionDerive properties from this file screen template (recommended)and choose the template that you created, such asBlock Executable Files.

ClickCreateto create the file screen.

Now, domain users will not be able to save executable files in the share named SRVlData. They will be able to save other files to the share.


by Zona at Jan 26, 2024, 12:15 PM

Limited Time Offer

25%

Off

Get Premium AZ-800 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lavina
3 months ago
Totally agree, this is a common issue in shared environments!
upvoted 0 times
...
Louisa
3 months ago
Wait, how do you prevent just executables without blocking everything?
upvoted 0 times
...
Haydee
4 months ago
I think they should be able to save scripts too, right?
upvoted 0 times
...
Irma
4 months ago
Sounds good, but can users still save .zip files?
upvoted 0 times
...
Pearlie
4 months ago
Just set NTFS permissions to deny .exe files.
upvoted 0 times
...
Paola
4 months ago
I feel like we might have to use Group Policy for this, but I can't remember the exact steps to implement it.
upvoted 0 times
...
Phung
4 months ago
This seems similar to a practice question we did on file permissions. I think we might need to use a combination of settings.
upvoted 0 times
...
Twana
5 months ago
I remember something about using NTFS permissions, but I can't recall if that alone would prevent executables.
upvoted 0 times
...
Hildred
5 months ago
I think we need to set up file screening on the share to block executable files, but I'm not entirely sure how to configure that.
upvoted 0 times
...
Nidia
5 months ago
Alright, let's do this. I'm pretty confident I can get this sorted out.
upvoted 0 times
...
Judy
5 months ago
No problem, I've dealt with this kind of task before. I'll use a combination of share and NTFS permissions.
upvoted 0 times
...
Annelle
5 months ago
Wait, I'm a bit confused. Do we need to block all executable files or just specific ones?
upvoted 0 times
...
Lenna
5 months ago
Okay, I think I know how to handle this. I'll need to set some file permissions on the share.
upvoted 0 times
...
Jin
5 months ago
Hmm, this looks like a tricky one. I'll need to think through the best approach carefully.
upvoted 0 times
...
Skye
5 months ago
I'm a bit confused on how to calculate the rate of return here. Is there a specific formula I should be using? I want to make sure I get this right.
upvoted 0 times
...
Nakisha
5 months ago
Hmm, I'm not sure about this one. I know it's important to test with different browsers, but I'm not sure if we need to test with older versions too. I might go with option B just to be safe.
upvoted 0 times
...
Cherelle
5 months ago
Hmm, I'm not entirely sure about the difference between a risk management plan and a risk register. I'll need to think this through carefully.
upvoted 0 times
...
Lewis
2 years ago
What if we set up a separate share for approved executables and have users request access if they need to install something? That way we maintain control without shutting down the main share completely.
upvoted 0 times
Tish
2 years ago
Agreed, let's give it a shot and see how it goes.
upvoted 0 times
...
Georgene
2 years ago
It's definitely better than completely shutting down the main share for everyone.
upvoted 0 times
...
Genevive
2 years ago
I think it's worth trying out to see if it helps prevent any security risks.
upvoted 0 times
...
Latanya
2 years ago
It could be a bit of a hassle, but at least we would have more control over what is being saved on the main share.
upvoted 0 times
...
Edmond
2 years ago
But wouldn't it be a hassle for users to request access every time?
upvoted 0 times
...
Cruz
2 years ago
That sounds like a good idea.
upvoted 0 times
...
...
Art
2 years ago
Haha, I can already imagine the angry emails from users who can't save their 'totally-not-virus.exe' files anymore. But you're right, we need a solution that doesn't cripple their workflow.
upvoted 0 times
...
Chantell
2 years ago
I agree, we need to balance security and usability. Maybe we could use file type filtering or access control lists to allow certain types of files but block executables specifically.
upvoted 0 times
...
Cherri
2 years ago
This question seems straightforward, but I'm a little worried about the potential impact on user productivity if we can't let them save executable files. Maybe we could explore a more targeted solution instead of just blocking everything.
upvoted 0 times
...

Save Cancel