Advanced file system (encrypt,compress,disk quota)


Published on

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Advanced file system (encrypt,compress,disk quota)

  1. 1. 70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Advanced File System Management
  2. 2. File Compression <ul><li>Reduces amount of disk space needed for files and folders </li></ul><ul><li>Automatically uncompressed when the resource is accessed </li></ul><ul><li>Compressed resources displayed in different color in Windows Explorer (blue by default) </li></ul><ul><li>Moving and copying resources can affect compression </li></ul>
  3. 3. Configuring Folder Compression Settings <ul><li>Objective: Configure a folder to compress its contents </li></ul><ul><li>Create a folder, copy a file into it </li></ul><ul><li>Set the compression attribute on the folder to compress itself and its contents </li></ul><ul><li>Note the appearance of the folder and verify compression of contents </li></ul>
  4. 4. (continued)
  5. 5. COMPACT <ul><li>Used with NTFS file system only </li></ul><ul><li>Command-line utility for configuring the compression attribute </li></ul><ul><li>Syntax </li></ul><ul><ul><li>COMPACT (to view) </li></ul></ul><ul><ul><li>COMPACT switches resourcename (to set attributes) </li></ul></ul><ul><li>Switches </li></ul><ul><ul><li>/c (to compress resources) </li></ul></ul><ul><ul><li>/u (to uncompress resources) </li></ul></ul>
  6. 6. File Encryption <ul><li>Encrypting File System (EFS) uses public key cryptography to encrypt files and folders </li></ul><ul><li>Only on NTFS file systems </li></ul><ul><li>Transparent to user </li></ul><ul><li>Implemented using 2 main types of keys </li></ul><ul><ul><li>File encryption key (FEK) </li></ul></ul><ul><ul><ul><li>Session key added to header of encrypted data ( data decryption field ) </li></ul></ul></ul><ul><ul><li>Public key encrypts DDF </li></ul></ul>
  7. 7. File Encryption (continued) <ul><li>Main challenge for public key cryptography is when users leave organization </li></ul><ul><li>Can rename user account </li></ul><ul><li>Can use data recovery agent </li></ul><ul><ul><li>FEK also stored in data recovery field (DRF) </li></ul></ul><ul><ul><li>Encrypted using data recovery agent’s public key </li></ul></ul><ul><ul><li>Default is administrator, additional recovery agents can be designated </li></ul></ul><ul><li>Moving or copying files can affect encryption </li></ul><ul><li>Encrypted files cannot be compressed, vice versa </li></ul>
  8. 8. Encrypting Files Using Windows Explorer <ul><li>Objective: Implement and test file encryption security using EFS </li></ul><ul><li>Configure encryption on a folder and create a file in the folder </li></ul><ul><li>Try to open the folder and file from another user account and observe results </li></ul><ul><li>Try to open the folder and file from a domain administrator account and observe results </li></ul>
  9. 9. Sharing Encrypted Files <ul><li>In Windows 2000, only user and data recovery agent could access an encrypted file </li></ul><ul><li>In Windows Server 2003, Advanced Attributes allows sharing with other specific named users </li></ul><ul><li>Issues: </li></ul><ul><ul><li>Only for files, not folders </li></ul></ul><ul><ul><li>Can only share with users, not groups </li></ul></ul><ul><ul><li>Users must have a certificate on computer </li></ul></ul><ul><ul><li>Users must have appropriate NTFS permissions </li></ul></ul>
  10. 10. Sharing Encrypted Files (continued)
  11. 11. Disk Quotas <ul><li>Disk quotas used to monitor and control user disk space </li></ul><ul><li>Advantages </li></ul><ul><ul><li>Prevents users from consuming all disk space </li></ul></ul><ul><ul><li>Encourages users to delete old files </li></ul></ul><ul><ul><li>Allows monitoring for planning purposes </li></ul></ul><ul><ul><li>Allows monitoring of individual users </li></ul></ul><ul><li>Disabled by default </li></ul><ul><li>Implemented only on NTFS volumes </li></ul><ul><li>Configured from Properties of a volume </li></ul>
  12. 12. Disk Quotas (continued)
  13. 13. Disk Quotas (continued)
  14. 14. Disk Quotas (continued)
  15. 15. Configuring and Managing Disk Quotas <ul><li>Objective: Enable and manage disk quota settings </li></ul><ul><li>Enable quota management </li></ul><ul><li>Configure “soft” disk quota settings </li></ul><ul><li>Observe results </li></ul><ul><li>Set up a warning situation and observe results </li></ul>
  16. 16. Managing Disk Quotas from the Command Line <ul><li>FSUTIL QUOTA command-line utility can be used to manage disk quotas </li></ul><ul><ul><li>Can enable/disable, modify, display, track, report </li></ul></ul><ul><ul><li>Example (to enable disk quotas on drive E) </li></ul></ul><ul><ul><ul><li>fsutil quota enforce e: </li></ul></ul></ul><ul><ul><li>Events written to System log (displayed in Event Viewer) every hour by default </li></ul></ul><ul><ul><ul><li>fsutil behavior command can change the interval </li></ul></ul></ul><ul><li>Help available for fsutil quota and fsutil behavior commands in Help and Support Center </li></ul>
  17. 17. Managing Disk Quotas from the Command Line (continued)