Gene Carboni, profile picture
Uploaded byGene Carboni
501 views

70-272 Chapter09

1. The document discusses security permissions for file sharing and accessing resources on a network, including share-level permissions, NTFS permissions, and group policies. 2. Share-level permissions allow control over reading, changing, and full control access when folders are shared on the network, while NTFS permissions provide more granular control over individual files and folders. 3. Effective permissions are determined by evaluating all group memberships a user has, and the most restrictive permission is applied. Group policies can also be used to configure security settings across an organization.

Embed presentation

SECURITY AND SECURITY PERMISSIONS Chapter 9
CHAPTER OVERVIEW AND OBJECTIVES Simple File Sharing Share-level permissions NTFS permissions Combined permissions Security and group policies
SIMPLE FILE SHARING
RUNNING THE NETWORK SETUP WIZARD
SHARING A FOLDER ON THE NETWORK
ENABLING SHARE-LEVEL PERMISSIONS
SHARE-LEVEL PERMISSIONS Read Allows users to view files and folders, view the contents of files and subfolders, and execute programs.* Change Full Control Share Permission Description Allows the user to change NTFS permissions on files and folders (including the shared folder). Administrators must configure share permissions locally or using the Computer Management console. Allows users to add and remove files and subfolders and edit files. *Programs requiring the ability to write to configuration files will not run properly without the Change permission.
SETTING SHARE-LEVEL PERMISSIONS
CALCULATING EFFECTIVE PERMISSIONS Evaluate all group memberships Effective permission is the least restrictive
TROUBLESHOOTING SHARE-LEVEL PERMISSIONS Evaluate all group memberships Ensure permissions are appropriate to requirements Consider Deny permissions
NTFS PERMISSIONS
STANDARD NTFS PERMISSIONS Read Open files and subfolders Open files List Folder Contents Read and Execute Write Modify Full Control NTFS Permission Folders Files Not applicable List contents of folder, traverse folder to open subfolders Create subfolders and add files Not applicable Open files, execute programs All the above + delete All the above + change permissions and take ownership, delete subfolders All the above Modify files All the above + change permissions and take ownership
EFFECTIVE NTFS PERMISSIONS Evaluate all group memberships Effective permission is the least restrictive Deny overrides all others
TROUBLESHOOTING NTFS PERMISSIONS Evaluate all group memberships Ensure permissions are appropriate to requirements Consider Deny permissions
COMBINING SHARE-LEVEL AND NTFS PERMISSIONS
DISCUSSION SCENARIO Finance Bob W., Renee K., Jason G. Manufacturing Ron C., Jerome J. Managers Ron C., Renee K. Reports Finance (Change) Finance (Full Control) Manufacturing (Full Control) Manufacturing (Read + Write) Managers (Read) Managers (Read) Graphics Managers (Change) Managers (Modify) Manufacturing (Deny Read) Group Users in Group Folder Share Permissions NTFS Permissions
BUILT-IN GROUPS Administrators Power Users Backup Operators Users
CHANGING USER GROUP MEMBERSHIPS User gets access token at logon based on group membership Group membership is changed User needs to log on again to receive new access token
LOCAL SECURITY SETTINGS
ACCOUNT POLICIES
ACCOUNT POLICIES (CONT.)
LOCAL POLICIES
GROUP POLICIES
CONFIGURING GROUP POLICY SETTINGS
TROUBLESHOOTING GROUP POLICIES Help and Support Gpresult.exe Rsoc.exe
SUMMARY Simple File Sharing is used in small and home offices No permission restriction for locally shared files Network shared files can be marked read-only Standard share-level permissions are used in larger organizations Ability to control access to Read, Change, Full Control Effective permission is the least restrictive
SUMMARY (CONT.) NTFS permissions Incorporated into the file system More granular than share-level permissions Effective permission is the least restrictive Combined permissions The more restrictive of either share-level or NTFS
SUMMARY (CONT.) Local security policy Controls password strength Controls account lockout policy Assigns user rights and other security-related settings Group policy Controls desktop and application configuration Is tiered so site, domain, and organizational unit override local settings

More Related Content

PPT
MS DOS
bysumatipuri
 
PDF
ITFT - DOS - Disk Operating System
byBlossom Sood
 
PPTX
What is-dos-operating-system
byparag dhok
 
DOCX
Disk operating system
byswati suman
 
PPT
Lect basic computer
bysusir
 
PPTX
Disk operating system
byHasnahana Chetia
 
PPT
Disk Operating System ( D O S)
byMihalR
 
PPT
Disk Operating systems
byalemay villegas
 
MS DOS
bysumatipuri
 
ITFT - DOS - Disk Operating System
byBlossom Sood
 
What is-dos-operating-system
byparag dhok
 
Disk operating system
byswati suman
 
Lect basic computer
bysusir
 
Disk operating system
byHasnahana Chetia
 
Disk Operating System ( D O S)
byMihalR
 
Disk Operating systems
byalemay villegas
 

What's hot

PPTX
Disk operating system
byRaza Jaan
 
PPT
Ms dos
byMercy Lou Yecla
 
PPT
Dos commad. by ammar nawab ppt
byAmmar_n
 
PPT
Introduction to ms dos
byIndika Rathninda
 
PPTX
Dos
byErm78
 
PPTX
cmd commands project
byKritika Chauhan
 
PPTX
Unit II - MS DOS Commands
byHepsijeba
 
PPT
Dos commands
bysuraj pandey
 
PPTX
MS Dos command
byHardik Patel
 
PPT
Guide to Windows 7 - Managing File Systems
byGene Carboni
 
PPTX
Basic dos-commands
byparag dhok
 
PDF
Dos commands
byravindravalmiki26
 
PPT
Shadow copy
bySanjeev Gupta
 
PPTX
Window xp slides
byUsman Abdullah
 
PPSX
Ms dos tutorial
byEhtisham Ali
 
PPTX
DOS - Disk Operating System
byMeqdad Darweesh
 
PPTX
Lenovo lse force_copied
byRyoichi Kida
 
PPTX
Ms DOS
byGunjan Singh
 
Disk operating system
byRaza Jaan
 
Ms dos
byMercy Lou Yecla
 
Dos commad. by ammar nawab ppt
byAmmar_n
 
Introduction to ms dos
byIndika Rathninda
 
Dos
byErm78
 
cmd commands project
byKritika Chauhan
 
Unit II - MS DOS Commands
byHepsijeba
 
Dos commands
bysuraj pandey
 
MS Dos command
byHardik Patel
 
Guide to Windows 7 - Managing File Systems
byGene Carboni
 
Basic dos-commands
byparag dhok
 
Dos commands
byravindravalmiki26
 
Shadow copy
bySanjeev Gupta
 
Window xp slides
byUsman Abdullah
 
Ms dos tutorial
byEhtisham Ali
 
DOS - Disk Operating System
byMeqdad Darweesh
 
Lenovo lse force_copied
byRyoichi Kida
 
Ms DOS
byGunjan Singh
 

Viewers also liked

PDF
Total Cost of Ownership Evaluation for Network Centric Systems of Systems
byMarco Lisi
 
PPTX
Communication disconnect
byowencharters
 
PPT
Beckstrom's Law - The Economics Of Networks Defcon July 31, 2009
byRodBeckstrom
 
PDF
3 Dec 2013 Integrated computational materials CDE themed competition presenta...
byDefence and Security Accelerator
 
PPTX
The Network Effects
byChandan Kumar Jha
 
PDF
Master navigation torino_2013
byMarco Lisi
 
PDF
Beneficial Ownership And Bsa
byDeborah_K_Williams
 
PDF
Throughlife integrated concurrent_engineering_master_gaudenzi_2016_lisi_v02
byMarco Lisi
 
PDF
From Selling Technology to Selling Value (2008)
byMarc Jadoul
 
PDF
Using Business Architecture to enable customer experience and digital strategy
byCraig Martin
 
PDF
Unit of Value: A Framework for Scaling
byGreylock Partners
 
PDF
Bridging business analysis and business architecture - The Open Group webinar
byCraig Martin
 
Total Cost of Ownership Evaluation for Network Centric Systems of Systems
byMarco Lisi
 
Communication disconnect
byowencharters
 
Beckstrom's Law - The Economics Of Networks Defcon July 31, 2009
byRodBeckstrom
 
3 Dec 2013 Integrated computational materials CDE themed competition presenta...
byDefence and Security Accelerator
 
The Network Effects
byChandan Kumar Jha
 
Master navigation torino_2013
byMarco Lisi
 
Beneficial Ownership And Bsa
byDeborah_K_Williams
 
Throughlife integrated concurrent_engineering_master_gaudenzi_2016_lisi_v02
byMarco Lisi
 
From Selling Technology to Selling Value (2008)
byMarc Jadoul
 
Using Business Architecture to enable customer experience and digital strategy
byCraig Martin
 
Unit of Value: A Framework for Scaling
byGreylock Partners
 
Bridging business analysis and business architecture - The Open Group webinar
byCraig Martin
 

Similar to 70-272 Chapter09

PPT
Itt operating systems unit 05 lesson 06
byblusmurfydot1
 
PPT
IT109 Microsoft Operating Systems Unit 05 lesson 06
byblusmurfydot1
 
PPTX
2dvm kp 2.pptx
bynoorazuwa2
 
PPT
1556 a 04
byLê Liêu
 
PPTX
Pace IT - Basic OS Security Settings (Part 1)
byPace IT at Edmonds Community College
 
PPT
G Mac Chapter05
byG-Madras Academy of Connectivity
 
PPT
Lesson 6 - Understanding File and Print Sharing
byGene Carboni
 
PPT
70 271 Stu Chap05
byGene Carboni
 
PPT
Chapter05 Managing File Access
byRaja Waseem Akhtar
 
PPTX
Into the Abyss: Evaluating Active Directory SMB Shares on Scale (Secure360)
byScott Sutherland
 
PPTX
06 File System
byMuhammad Sarfraz
 
PPSX
Lesson 9: Managing Files
byMahmmoud Mahdi
 
PPTX
Chapter 3pppppppppppppppppppppppppppp.pptx
byadugnanegero
 
PDF
3 windowssecurity
byricharddxd
 
PPTX
UNIT 6-EXPLAINING THE ROLE OF THE NETWORK ADMINISTRATOR AND SUPPORT.pptx
byLeahRachael
 
DOCX
Running head Identifying Potential Malicious Attacks1IDEN.docx
bycowinhelen
 
PPT
Mcts chapter 6
bySadegh Nakhjavani
 
PPTX
6421 b Module-10
byBibekananada Jena
 
PPTX
COC 3_introduction network computer server.pptx
byVeronGuelas1
 
PPTX
Files and folders
bycatacutanjcsantos
 
Itt operating systems unit 05 lesson 06
byblusmurfydot1
 
IT109 Microsoft Operating Systems Unit 05 lesson 06
byblusmurfydot1
 
2dvm kp 2.pptx
bynoorazuwa2
 
1556 a 04
byLê Liêu
 
Pace IT - Basic OS Security Settings (Part 1)
byPace IT at Edmonds Community College
 
G Mac Chapter05
byG-Madras Academy of Connectivity
 
Lesson 6 - Understanding File and Print Sharing
byGene Carboni
 
70 271 Stu Chap05
byGene Carboni
 
Chapter05 Managing File Access
byRaja Waseem Akhtar
 
Into the Abyss: Evaluating Active Directory SMB Shares on Scale (Secure360)
byScott Sutherland
 
06 File System
byMuhammad Sarfraz
 
Lesson 9: Managing Files
byMahmmoud Mahdi
 
Chapter 3pppppppppppppppppppppppppppp.pptx
byadugnanegero
 
3 windowssecurity
byricharddxd
 
UNIT 6-EXPLAINING THE ROLE OF THE NETWORK ADMINISTRATOR AND SUPPORT.pptx
byLeahRachael
 
Running head Identifying Potential Malicious Attacks1IDEN.docx
bycowinhelen
 
Mcts chapter 6
bySadegh Nakhjavani
 
6421 b Module-10
byBibekananada Jena
 
COC 3_introduction network computer server.pptx
byVeronGuelas1
 
Files and folders
bycatacutanjcsantos
 

More from Gene Carboni

PDF
CarboniGoogleTrainerResume
byGene Carboni
 
PPT
Chapter 3 - The Adjusting Process
byGene Carboni
 
PPT
Lesson 7 - Maintaining, Updating, and Protecting
byGene Carboni
 
PPT
Lesson 8 - Understanding Backup and Recovery Methods
byGene Carboni
 
PPT
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
byGene Carboni
 
PPT
Lesson 5 - Managing Devices
byGene Carboni
 
PPT
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
byGene Carboni
 
PPT
Lesson 4 - Managing Applications, Services, Folders, and Libraries
byGene Carboni
 
PPT
Lesson 2 - Understanding Operating System Configurations
byGene Carboni
 
PPT
CHAPTER 3 Measuring Business Income: The Adjusting Process
byGene Carboni
 
PPT
CHAPTER 2 Recording Business Transactions
byGene Carboni
 
PDF
CHAPTER 1 Accounting and the Business Environment
byGene Carboni
 
PPT
7th ed ppt ch07
byGene Carboni
 
PPTX
Introducing Widows 7
byGene Carboni
 
PPT
Guide to Windows 7 - Managing Disks
byGene Carboni
 
PPT
Guide to Windows 7 - Using the System Utilities
byGene Carboni
 
PPT
Guide To Windows 7 - Installing Windows 7
byGene Carboni
 
PPT
Guide To Windows 7 - Introduction to Windows 7
byGene Carboni
 
PPT
Accounting - Chapter 1
byGene Carboni
 
PPT
Introduction to Hardware
byGene Carboni
 
CarboniGoogleTrainerResume
byGene Carboni
 
Chapter 3 - The Adjusting Process
byGene Carboni
 
Lesson 7 - Maintaining, Updating, and Protecting
byGene Carboni
 
Lesson 8 - Understanding Backup and Recovery Methods
byGene Carboni
 
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
byGene Carboni
 
Lesson 5 - Managing Devices
byGene Carboni
 
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
byGene Carboni
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
byGene Carboni
 
Lesson 2 - Understanding Operating System Configurations
byGene Carboni
 
CHAPTER 3 Measuring Business Income: The Adjusting Process
byGene Carboni
 
CHAPTER 2 Recording Business Transactions
byGene Carboni
 
CHAPTER 1 Accounting and the Business Environment
byGene Carboni
 
7th ed ppt ch07
byGene Carboni
 
Introducing Widows 7
byGene Carboni
 
Guide to Windows 7 - Managing Disks
byGene Carboni
 
Guide to Windows 7 - Using the System Utilities
byGene Carboni
 
Guide To Windows 7 - Installing Windows 7
byGene Carboni
 
Guide To Windows 7 - Introduction to Windows 7
byGene Carboni
 
Accounting - Chapter 1
byGene Carboni
 
Introduction to Hardware
byGene Carboni
 

70-272 Chapter09

  • 1.
    SECURITY AND SECURITYPERMISSIONS Chapter 9
  • 2.
    CHAPTER OVERVIEW ANDOBJECTIVES Simple File Sharing Share-level permissions NTFS permissions Combined permissions Security and group policies
  • 3.
  • 4.
    RUNNING THE NETWORKSETUP WIZARD
  • 5.
    SHARING A FOLDERON THE NETWORK
  • 6.
  • 7.
    SHARE-LEVEL PERMISSIONS ReadAllows users to view files and folders, view the contents of files and subfolders, and execute programs.* Change Full Control Share Permission Description Allows the user to change NTFS permissions on files and folders (including the shared folder). Administrators must configure share permissions locally or using the Computer Management console. Allows users to add and remove files and subfolders and edit files. *Programs requiring the ability to write to configuration files will not run properly without the Change permission.
  • 8.
  • 9.
    CALCULATING EFFECTIVE PERMISSIONSEvaluate all group memberships Effective permission is the least restrictive
  • 10.
    TROUBLESHOOTING SHARE-LEVEL PERMISSIONSEvaluate all group memberships Ensure permissions are appropriate to requirements Consider Deny permissions
  • 11.
  • 12.
    STANDARD NTFS PERMISSIONSRead Open files and subfolders Open files List Folder Contents Read and Execute Write Modify Full Control NTFS Permission Folders Files Not applicable List contents of folder, traverse folder to open subfolders Create subfolders and add files Not applicable Open files, execute programs All the above + delete All the above + change permissions and take ownership, delete subfolders All the above Modify files All the above + change permissions and take ownership
  • 13.
    EFFECTIVE NTFS PERMISSIONSEvaluate all group memberships Effective permission is the least restrictive Deny overrides all others
  • 14.
    TROUBLESHOOTING NTFS PERMISSIONSEvaluate all group memberships Ensure permissions are appropriate to requirements Consider Deny permissions
  • 15.
    COMBINING SHARE-LEVEL ANDNTFS PERMISSIONS
  • 16.
    DISCUSSION SCENARIO FinanceBob W., Renee K., Jason G. Manufacturing Ron C., Jerome J. Managers Ron C., Renee K. Reports Finance (Change) Finance (Full Control) Manufacturing (Full Control) Manufacturing (Read + Write) Managers (Read) Managers (Read) Graphics Managers (Change) Managers (Modify) Manufacturing (Deny Read) Group Users in Group Folder Share Permissions NTFS Permissions
  • 17.
    BUILT-IN GROUPS AdministratorsPower Users Backup Operators Users
  • 18.
    CHANGING USER GROUPMEMBERSHIPS User gets access token at logon based on group membership Group membership is changed User needs to log on again to receive new access token
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
    TROUBLESHOOTING GROUP POLICIESHelp and Support Gpresult.exe Rsoc.exe
  • 26.
    SUMMARY Simple FileSharing is used in small and home offices No permission restriction for locally shared files Network shared files can be marked read-only Standard share-level permissions are used in larger organizations Ability to control access to Read, Change, Full Control Effective permission is the least restrictive
  • 27.
    SUMMARY (CONT.) NTFSpermissions Incorporated into the file system More granular than share-level permissions Effective permission is the least restrictive Combined permissions The more restrictive of either share-level or NTFS
  • 28.
    SUMMARY (CONT.) Localsecurity policy Controls password strength Controls account lockout policy Assigns user rights and other security-related settings Group policy Controls desktop and application configuration Is tiered so site, domain, and organizational unit override local settings