Presentation is loading. Please wait.

Presentation is loading. Please wait.

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

Published byOctavia Dean Modified over 8 years ago

Similar presentations

Presentation on theme: "C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in."— Presentation transcript:

1 C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING

2 INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in FAT files type. NTFS permission is used to identify which users & groups can gain access to the files & folders.

3 FILE PERMISSION & FOLDER PERMISSION Standard permission = permissions that controls a broad range of permissions. Ex: Full control Folders have same standard permissions as files but Folder has extra standard permission which is ‘List Folder Contents’

4 S TANDARD NTFS FILE & FOLDER PERMISSION

5 P LANNING NTFS PERMISSIONS Guidelines to follow before assigning permissions: Group the files into application, data & home folders to simplify administration Benefit: assign permissions only to folders not to the individual files, backup is less complex. Allow users only the level of access that they require Create group according to the access that the group member requires for resources. Assign the read & execute permission to the user group & administrator when you assign permission to work with data / application folders. Assign read & execute permission & the write permission to the users group. Full Control permission to owner for public data folders.

6 P LANNING NTFS PERMISSIONS Deny permissions only when it is essential to deny specific access to a specific user account / group. Encourage users to assign permissions to the files & folders that they create & educate them about how to do so.

7 T AKE OWNERSHIP OF FILES & FOLDERS Every object (files & folders) on an NTFS volume has an owner who controls how permissions are set on the object & to whom permissions are granted. When a user creates an object, the user automatically becomes the object’s owner. The owner of a file, an administrator or anyone with Full Control permission can assign Take Ownership permission to a user account / group.

8 T AKE OWNERSHIP OF FILES & FOLDERS The following rules apply for taking ownership of file/folder. Current owner / user with Full Control can assign the full control standard permissions or the Take Ownership special access permission to another user account / group. Administrator can take ownership of a file or folder. If an administrator takes ownership, the Administrator group can become the owner & any member from this group can change the permissions for file & folders and assign the Take Ownership permission to other group/user

9 N TFS PERMISSIONS INHERITANCE By default, permissions that you assign to the parent folder are inherited to the subfolders 7 files contained in the parent folder. You can also prevent this inheritance by un-checking the ‘Inherit from parent the permission entries that apply to child objects’ box.

10 E FFECTS ON COPYING FILES & FOLDERS Permissions change when you copy files/folders from one folder to another or from one volume to another. Ex: if you copy folders to the FAT volumes, the folder will lose their NTFS permissions.

11 E FFECTS ON COPYING FILES & FOLDERS When you copy a file within or between NTFS volumes, note the following; Windows XP professional treats it as a new file & takes on the permissions of the destination folder. You must have write permission for the destination folder to copy files & folders. You become the creator and owner.

12 E FFECTS ON COPYING FILES & FOLDERS When you move a file or folder within NTFS volume; The file / folder retains the original permissions. You must have write permission for the destination folder to move files & folders to it. You must have modify permission for the source file/folder You become the creator & owner.

13 E FFECTS ON COPYING FILES & FOLDERS When you move a file / folder between NTFS volumes: The file/folder inherits the permissions of the destination folder. You must have the write permission for the destination folder to move files & folders into it. You must have the modify permission for the source file / folder. You become the creator & owner.

14 O VERVIEW OF SECURITY POLICY Security policy = to be secure for a system, organization or other entity. There are 2 types of policies in Windows XP Professional; Local security policy – applied to specific computers that are members of a workgroup Group policy – applied to sites, domain & it effects all computers or users that are members of the container to which the group policy is assigned.

15 L OCAL SECURITY POLICY Allows you to implement security relevant settings on a local computer such as group membership, permissions & rights, password requirements, desktop setting etc. Some of the settings are: Account policy – password policies Local policies – audit policy, user right & security option Public key policies – used to configure encrypted data recovery agent & trusted certificate authorities. Software restriction policies – prevent unwanted applications IP security policies – configure the security of network internet protocol System services – manage security setting such as print services, internet services, network services etc Registry – to manage registry subkeys & entries File system – manage security settings on local file system

16 G ROUP POLICY Administrators primary tool for controlling how programs, network resources & the Operating system behaves. It can be configured at the local level / within the active directory structure. Administrators can manage the group policy components such as enforce password history, administrative templates, security settings, software installation, scripts and folder redirection.

17 C ONFIGURING ACCOUNT POLICY Account policy = a policy that controls the password requirements & how the system responds to invalid logon attempts. 2 ways to configure; Password policy & Account lockout policy

18 C ONFIGURING ACCOUNT POLICY

19

20 C ONFIGURING USER RIGHT Administrators can assign specific rights to group accounts / individual user accounts. These rights authorize users to perform specific actions such as logging on the system interactively or backing up files / directories. It is recommended that user rights should be assigned only to groups & not the individual group accounts. 2 types of user rights ; privileges & Logon rights

21 C ONFIGURING SECURITY OPTIONS Windows XP Professional’s special security options are grouped into the following categories: accounts, audit, devices, domain controller, domain member, interactive logon, microsoft network client, network access, network security, recovery console, shutdown, system cryptography & system objects. These options can be accessed in the Local Security window which is inside the Local policy Folder.

22 S ECURITY OPTIONS

Download ppt "C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in."

Similar presentations

MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.

1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Microsoft ® Official Course Module 7 Configuring File Access and Printers on Windows ® 8 Clients.

Similar presentations

Ads by Google