MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.

Slides:



Advertisements
Similar presentations
Managing User, Computer and Group Accounts
Advertisements

Chapter Five Users, Groups, Profiles, and Policies.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Chapter 7: Configuring Disks. 2/24 Objectives Learn about disk and file system configuration in Vista Learn how to manage storage Learn about the additional.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW  Create and manage file system shares and work.
70-270: MCSE Guide to Microsoft Windows XP Professional Second Edition, Enhanced Chapter 4: Managing Windows XP File Systems and Storage.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.
Chapter 5 File and Printer Services
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 6: Windows File and Print Services.
70-270: MCSE Guide to Microsoft Windows XP Professional Second Edition, Enhanced Chapter 4: Managing Windows XP File Systems and Storage.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
Chapter Four Managing Windows XP File Systems and Storage.
Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
Gorman, Stubbs, & CEP Inc. 1 Introduction to Operating Systems Lesson 12 Windows 2000 Server.
C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
Managing Groups, Folders, Files and Security Local Domain local Global Universal Objects Folders Permissions Inheritance Access Control List NTFS Permissions.
Chapter 9: SHARING FILE SYSTEM RESOURCES1 CHAPTER OVERVIEW  Create and manage file system shares and work with share permissions.  Use NTFS file system.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
Guide to MCSE , Second Edition, Enhanced 1 File Storage Basics Basic storage Centers on partitioning physical disk Dynamic storage New method supported.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
Chapter 10: Rights, User, and Group Administration.
Module 3: Configuring File Access and Printers on Windows 7 Clients
Chapter 8 Configuring and Managing Shared Folder Security.
MCSE Guide to Microsoft Windows Vista Professional Chapter 5 Managing File Systems.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Guide to MCSE , Second Edition, Enhanced 1 Managing NTFS Permissions NTFS Only file system supported by Windows XP that offers file- level security.
NetTech Solutions Security and Security Permissions Lesson Nine.
Managing Applications, Services, Folders, and Libraries Lesson 4.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
1 Introduction to NTFS Permissions Assign NTFS permissions to specify Which users and groups can gain access to folders and files What they can do with.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Configuring and Managing Resource Access Lecture 5.
1 Chapter Overview Understanding Shared Folders Planning, Sharing, and Connecting to Shared Folders Combining Shared Folder Permissions and NTFS Permissions.
1 Introduction to Shared Folders Shared folders provide network users access to files. Users connect to the shared folder over the network. Users must.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
11/06/ أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 5.
11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
Managing Data by Using NTFS
Managing Data by Using NTFS
Chapter 9: Managing Groups, Folders, Files, and Object Security
Creating and Managing Folders
Presentation transcript:

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources

Guide to MCDST Objectives Understand the basic Windows XP security model Understand the characteristics of the Windows XP file systems Manage NTFS permissions Use file compression Use file encryption

Guide to MCDST Objectives (continued) Manage simple and classic file sharing Manage shared folders Troubleshoot resource access problems Understand security auditing

Guide to MCDST The Windows XP Security Model Windows XP Professional –Can establish local security when used as a standalone system or in a workgroup –Can participate in domain security Access token –Includes information about: User’s identity Permissions List of groups to which user belongs

Guide to MCDST The Windows XP Security Model (continued) Access control list (ACL) –Contains a list of permissions associated with a resource Domain controller –Authenticates domain logons –Maintains the security policies and the account database for a domain

Guide to MCDST The Windows XP Security Model (continued) All objects are logically subdivided into three parts –A type identifier –A list of services or functions –A list of named attributes that may or may not have associated data items, called values

Guide to MCDST File Systems Windows XP supports –The File Allocation Table (FAT, also called FAT16) –FAT32 file systems –The New Technology File System (NTFS) –File-level security, encryption, compression, auditing, and more

Guide to MCDST FAT and FAT32 Important features of FAT –Supports volumes up to 4 GB in size –Most efficient on volumes smaller than 256 MB –A root directory that can contain only 512 entries –Has no file-level compression –Has no file-level security –A maximum file size of 2 GB

Guide to MCDST NTFS Important features –Supports volumes up to 2 TB in size –Is most efficient on volumes larger than 10 MB –Has a root directory that can contain unlimited entries –Has file-level compression –Has file-level security –Has file-level encryption

Guide to MCDST Converting File Systems FAT and FAT32 volumes on a system –Can be migrated to the NTFS format without losing data To convert an NTFS volume to FAT or FAT32, you must: –Back up your data –Reformat the volume –Restore your data

Guide to MCDST Managing NTFS Permissions NTFS –The only file system supported by Windows XP that offers file-level security –File and folder permissions are nearly identical NTFS file and folder permissions –Read –Write (folders) –Write (files)

Guide to MCDST Managing NTFS Permissions (continued) NTFS file and folder permissions (continued) –List Folder Contents (folders only) –Read & Execute (folders) –Read & Execute (files) –Modify (folders) –Modify (files) –Full Control (folders) –Full Control (files) –Special Permissions

Guide to MCDST Managing NTFS Permissions (continued)

Guide to MCDST Managing NTFS Permissions (continued)

Guide to MCDST Managing NTFS Permissions (continued)

Guide to MCDST Rules for Working with NTFS Permissions NTFS object permissions always apply NTFS object permissions are cumulative NTFS file permissions override any contradictory settings on the parent or container folder Deny overrides all other specific Allows

Guide to MCDST Rules for Working with NTFS Permissions (continued) When disabling inheritance for an NTFS object, select to: –Copy the parent object’s permissions to the current object –Remove permissions assigned from the parent and retain only object-specific settings

Guide to MCDST Inheritance of Permissions Situations in which inheritance comes into play –Moving an object within the same volume or partition –Copying an object within the same volume or partition –Moving an object from one volume or partition to another –Copying an object from one volume or partition to another

Guide to MCDST File Compression The ability to compress data on the basis of single files, folders, or entire volumes Offers the benefit of being able to store more data in the same space, but performance suffers Configuring and managing file compression –Involves enabling or disabling the file compression attribute on one or more files or folders

Guide to MCDST File Compression (continued)

Guide to MCDST Encrypting File System Allows you to encrypt data stored on an NTFS drive Uses a public and private key encryption method Does not function without a Recovery Agent Windows XP automatically designates the local Administrator as the Recovery Agent

Guide to MCDST Encrypting File System (continued) Primary benefit –If your computer is either physically accessed or stolen, the data is protected Primary drawback –The increased processing power required to encrypt all writes and decrypt all reads on the fly

Guide to MCDST Encrypting File System (continued) Each generation of operating systems uses a different default cryptography algorithm for EFS –Windows 2000 EFS uses DESX –Windows XP Professional EFS uses 3DES –Windows Server 2003 and Windows XP Professional with Service Pack 1 EFS use: AES by default Support 3DES and DESX

Guide to MCDST Simple File Sharing Used when quick and easy file sharing is needed from a Windows XP Professional system Offers a limited range of configuration options for shared resources Effective only when Windows XP is a member of a workgroup

Guide to MCDST Managing Shared Folders The Sharing tab, found on both FAT/FAT32 and NTFS folder Properties dialog boxes, offers the following controls: –Do not share this folder –Share this folder –Share name –User limit –Permissions

Guide to MCDST Managing Shared Folders (continued) Issues when working with shares –Permission levels are the only way to impose security on shared FAT volumes –Shares are folders, not individual files –Share permissions apply only to the network access point where the folder resides –Default permission for a new share is Full Control for the Everyone group

Guide to MCDST Managing Shared Folders (continued) Issues when working with shares –Multiple share permission levels caused by group memberships are cumulative –Deny always overrides any other specifics allowed –The most restrictive permissions of cumulative share or cumulative NTFS apply –Share permissions only restrict access for network users, not local users

Guide to MCDST Troubleshooting Access and Permission Problems To resolve permission or access problems: –Determine what valid access the user should have –Inspect the resource object’s permissions based on: Groups and the specific user What actions are set to Allow or Deny –Inspect the share’s permissions based on: Groups and the specific user What actions are set to Allow or Deny

Guide to MCDST Troubleshooting Access and Permission Problems (continued) To resolve permission or access problems (continued): –Inspect the user’s group memberships –Attempt to access other resources with the user account from the same computer and a different computer –Attempt to access the problematic resource with the Administrator account from the same computer and a different computer

Guide to MCDST Troubleshooting Access and Permission Problems (continued) Guidelines when designing permission levels –Grant permission only as needed –Rely upon NTFS to restrict access –Grant Full Control only when necessary, even on shares –Change permissions on a folder level; allow changes to affect all child elements

Guide to MCDST Auditing for Security Auditing –The security process that records the occurrence of specific operating system events –Events Significant occurrences in the system that require users to be notified or a log entry to be added –Can provide valuable information about: Security breaches Resource activity User adeptness

Guide to MCDST Auditing for Security (continued)

Guide to MCDST Auditing for Security (continued)

Guide to MCDST Summary Windows XP –Can participate as a client in workgroup and domain networks –Supports FAT/FAT32 and NTFS file systems Local and network access to NTFS-hosted resources –Controlled through the use of permissions Compression –Reduces the amount of drive space that some files consume

Guide to MCDST Summary (continued) File encryption –Used to restrict access to files and folders to a specific user account Sharing file resources can be done through –Simple file sharing for workgroup members or –Classic file sharing for domain members Troubleshooting access and permissions involves verifying that users are members of the correct groups

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.