File Systems

Question 1

How are disks, partitions, and volumes different from one another?

Answer 1

Disks are the storage hardware

Partitions are logical divisions of a disk used to define storage space.

Volumes are contained inside partitions and are used to define how individual files and folders are saved to the storage.

Question 2

What are the 2 primary partition schemes for Mac-formatted disks? What are their differences?

Answer 2

GUID Partition Table (default on Intel Macs)

Apple Partition Map (default on PowerPC Macs)

Question 3

What 2 volume formats are supported for an OS X system volume?

Answer 3

Mac OS Extended (Journaled)

Mac OS Extended (Journaled, Encrypted)

Question 4

How does file system journaling work?

Answer 4

It records what file operations are in progress at any given moment.

Question 5

What are the 4 erase options available in Disk Utility? How are they all different?

Answer 5

Fastest - replaces volume’s directory structure

Good Security - writes zeros on top of all previous disk data

Better Security - writes 3 separate passes of information on top of previous disk data

Most Secure - writes 7 separate passes of information on top of previous disk data

Question 6

How does the Secure Empty Trash feature in Finder work?

Answer 6

It preforms a 7 pass erase on the contents of the trash folder

Question 7

How can you ensure that previously deleted items are securely erased?

Answer 7

From the Erase tab in Disk Utility, you can choose to securely erase the free space of a disk or volume.

Question 8

How can you encrypt a disk without losing its contents?

Answer 8

Secondary (or Control) clicking the disk and then choose Encrypt

Question 9

What 4 methods can be used to eject a volume or disk in the finder?

Answer 9

Drag the disk icon to the trash

Press and hold the eject key for a few moments to unmount and eject optical media

Select the item and choose Eject from the file menu

In Finder, click the small eject button next to the volume

Question 10

What’s the potential side effect of improperly unmounting or ejecting a disk or volume?

Answer 10

Data corruption (The system will automatically verify and repair the disk the next time it is available)

Question 11

How does FileVault 2 protect a user’s data?

Answer 11

By using strong XTS-AES 128 encryption

Question 12

What are the system requirements for using FileVault 2 (2 things)

Answer 12

Must have hidden OS X Recovery HD on the startup disk

Any Legacy FileVault accounts must be decrypted and returned to normal accounts before enabling FileVault 2

Question 13

Which users are allowed to unlock a FileVault 2 protected system?

Answer 13

Any user that’s FileVault enabled

Question 14

How can you unlock a FileVault 2 protected system when all user accounts have lost their passwords?

Answer 14

Use the recovery key that was generated during the FileVault 2 setup

Question 15

How do you identify the ownership and permissions of a file or folder in the finder?

Answer 15

By using the info or Inspector windows of the Finder

Question 16

How do ACLs differ from standard UNIX file system permissions?

Answer 16

Standard UNIX file system permissions allow only for permissions to be set for one owner, one group, and all others.

ACLs on the other hand, allow for an essentially unlimited list of permissions entries.

Question 17

What’s the locked file flag?

Answer 17

It prevents anyone, including the item’s owner, from editing an item. Only the item’s owner can unlock the item to modify it.

Question 18

Why is the root, or beginning, level of a user’s home folder visible to other users?

Answer 18

So they can navigate to the Public shared folder

Question 19

How does the default organization of the file system allow users to safely share local files and folders?

Answer 19

Every home folder contains a Public folder that other users can read and a Drop Box folder that other users can write to.

Question 20

What’s unique about the permissions of the /Users/Shared folder?

Answer 20

The Shared folder is set up to allow all users to read and write files, but only the user who owns an item can delete it from the Shared folder. This is accomplished by using the sticky bit permissions setting.

Question 21

What does it mean when you choose the option to “ignore volume ownership” in the Finder? What are the security ramifications of ignoring volume ownership?

Answer 21

You can choose to ignore ownership on any non system volume. This will ignore any ownership rules and grant any logged-on user unlimited access to the contents of the volume. It’s a potential security risk.

Question 22

Which 2 built-in OS X applications can be used to gather information about storage devices?

Answer 22

Disk Utility

System Information

Question 23

What does the Disk Utility Verify and Repair feature do?

Answer 23

It is used to verify or repair the partition scheme and directory structure of a volume.

Question 24

What’s target disk mode and how is it engaged?

Answer 24

It shares the Mac computer’s internal disks through FireWire or Thunderbolt ports. It can be engaged from Startup Disk preferences or by holding down the T key as you start the Mac

Question 25

What permissions are modified by the Disk Utility Repair Permissions feature

Answer 25

It repairs only the ownership and permissions for items installed by Apple. However, this may resolve issues with third-party products.

Question 26

How can you reset a user’s home folder permissions?

Answer 26

Reset Password application on OS X Recovery