70-350 Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004 Study Guide

Demo Question 12.

You work as the network administrator at EliteCertify.com. The EliteCertify.com network consists of a single Active Directory domain named EliteCertify.com. The EliteCertify.com network contains an ISA Server 2004 computer named EliteCertify -SR10 and a Windows Server 2003 computer named EliteCertify -SR11. EliteCertify -SR10 is configured to generate daily reports and automatically publish them to a shared folder named CK_Reports on EliteCertify -SR11. With this report, you also create an account named CK\IsaReport. You configure EliteCertify -SR10 to create reports in the security context of the CK\IsaReport account. The existing permissions on the CK_Reports folder are as follows. Group or user name Allow permissions CERTKILLERSR11\ Admin Full Control System Full Control CK\Managers Read List Folder Contents Read & Execute CK\IsaReport Full Control You need to configure the minimum NTFS permissions on the CK_Reports folder. What should you do?

A. You need to change the system object from Full Control to Modify.
B. You need to change CK\IsaReport object from Full Control to Read.
C. You need to change CK\IsaReport object from Full Control to Write.
D. You need to change the system object from Full Control to Read and Write.


Display Answer

Answer: C

Explanation: Reports are collections of information generated from data collected from the ISA Server log files. You can use the reporting feature to summarize and analyze common usage patterns. You can also use reports to monitor the security of your network. You can generate a report immediately or you can schedule reports to generate on a recurring basis. To allow others to view the published report, give them read permissions to that folder. In this case you are using the CK\IsaReport account; therefore you should remove the FULL Control permissions and change it to write permissions.