Chapter 6 Flashcards
What are privileges granted to a specific system entity, such as users, groups, or computers, which enable them to perform a task or access a resource?
Permissions
Rights
Attributes
Abilities
Permissions
What is used to store permissions?
ACL
ACE
Rights tree
Hive
ACL - Access Control List
What do you call permissions that run downward through a hierarchy?
Inheritance
Explicit
Translating
Converting
Inheritance
Which type of sharing is new to Windows 7? Standard sharing Public folder sharing Homegroup sharing NFS sharing
Homegroup sharing
What permission must a user have to print to a printer? Print Manage Printers Manage Documents Full Access
The icacls.exe command performs the following function. Shares folders Creates local printes configures NTFS permissions sets network configuration.
configures NTFS permissions
access control entries (ACEs)
Each ACE consists of a security principal (that is, the name of the user, group, or computer being granted the permissions) and the specific permissions assigned to that security principal.
access control list (ACL)
a collection of individual permissions, in the form of access control entries (ACEs)
effective permissions
the combination of Allow permissions and Deny permissions that a security principal receives for a given system element, whether explicitly assigned, inherited, or received through a group membership.
NTFS permissions
Control access to the files and folders stored on disk volumes formatted with the NTFS file system. To access a file, whether on the local system or over a network, a user must have the appropriate NTFS permissions.
print device
the actual hardware that produces hard copy documents on paper or other print media. Windows 7 supports both local print devices, which are directly attached to the computer’s parallel, serial, Universal Serial Bus (USB), or IEEE 1394 (FireWire) ports, or network interface print devices, which are connected to the network, either directly or through another computer.
printer
the software interface through which a computer communicates with a print device. Windows 7 supports numerous interfaces, including parallel (LPT), serial (COM), USB, IEEE 1394, Infrared Data Access (IrDA), and Bluetooth ports, and network printing services such as lpr, Internet Printing Protocol (IPP), and standard TCP/IP ports.
printer control language (PCL)
a language understood by the printer. PCLs can be standardized, as in the case of the PostScript language, or they can be proprietary languages developed by the print device manager.
printer driver
a device driver that converts the print jobs generated by applications into an appropriate string of commands for a specific print device. Printer drivers are designed for a specific print device and provide applications with access to all of the print device’s features.
print server
a computer (or stand‐alone device) that receives print jobs from clients and sends them to print devices that are either locally attached or connected to the network.
security principal
the name of the user, group, or computer being granted the permissions
Share permissions
Control access to files and folders shared over a network. To access a file over a network, a user must have appropriate share permissions and appropriate NTFS permissions.
Registry permissions
Control access to specific parts of the Windows registry. An application that modifies registry settings or a user attempting to manually modify the registry must have the appropriate registry permissions.
Active Directory permissions
Control access to specific parts of an Active Directory hierarchy. Although Windows 7 cannot host an Active Directory domain, desktop technicians might require these permissions when servicing computers that are members of a domain.
security identifiers (SIDs)
the security principals involved are users and groups
security access token
contains the SIDs for the user’s account and all of the groups to which the user belongs
authorization
compares these SIDs to those stored in the file or folder’s ACEs to determine what access the user should have
