Test Yourself MCSE Designing Security for Windows 2000 (Exam 70-220) - Softcover

From the Back Cover

Exclusive "Exam Watch" features point out the most frequently missed questions - and how to answer them correctly

Answers provide in-depth explanations - and show why the incorrect choices are wrong, as shown below:

A high-level executive of your company has resigned. Two weeks after his departure, the VP of Sales comes to you and asks for permission to access the former executive's network folders on your Windows 2000 network because some important documents are there. How can this be accomplished?

A. Log on as the former executive and choose Transfer Ownership
B. Log on as Administrator and choose Grant Ownership
C. Log on as the VP of Sales and choose Take Ownership
D. Log on as Administrator and choose Modify Owner

D. If the former executive had the folders secured, the only way to gain access to them is to Modify Owner. This is similar to the Take Ownership permission in previous versions of Windows NT. Once you have taken ownership, you can modify the permissions on the folder(s) to grant access to others.

A is not correct. You cannot give or transfer ownership of an object in Windows 2000. This prevents someone from making unauthorized changes and then falsely assigning ownership of the object. B is not correct. There is a permission called Modify Owner but not Grant Ownership in Windows 2000. C is not correct. The VP of Sales would have to be given permission to Modify Owner. This permission is typically only granted to network administrators. However, the permission would not be called Take Ownership, as that permission was used in Windows NT 4.0 and earlier.