Chapter 4 Flashcards
Managing data access
Groups
Used to ease network administration by grouping users together who have similar permission requirements (and are an important part of network management).
SID
Security Identification number, given when a user is created on a local Windows system or on an Active Directory domain.
What happens when you assign rights to a user?
The rights and permissions get associated to the user’s SID not the username. Because of this you can rename user accounts without issues.
Folder Options
Three tabs: General, View, Search.
What does the Search tab do?
Used to configure how Windows 10 searches for files.
What Windows OS have the ability to apply data governance to your file server?
Windows Server 2012 R2, Windows 10.
What is Dynamic Access Control (DAC)?
Allows to identify data using automatic and manual data classifications and then control access to those files based on the classifications.
What is AD RMS?
Active Directory Rights Management Service encryption for Microsoft Office documents.
Difference between rights and permissions?
Rights pertain to operations on the system, whereas permissions pertain to operations on specific objects.
What is EFS?
Encrypted File System
What does a security descriptor contain?
The user/group that owns the object, the users/groups who are allowed/denied access to the object, and the users/groups whose access to the object will be audited.
How do you see who owns a directory?
Type dir /q in the command prompt.
How do you use the ICACLS command-line utility to display or modify user access permissions?
/grant grants permissions
/remove revokes permissions
/deny denies permissions
/setintegritylevel sets an integrity level of Low/Medium/High.
What is Sharing?
The process of allowing network users access to a resource located on a computer.
What is BitLocker Drive Encryption?
A feature that allows you to encrypt your entire drive (only the OS or internal hard drives).
