Guide - Part 3: File Systems Flashcards

1
Q

How are disks, partitions, and volumes different from one another?

A

Disks are the actual storage hardware; partitions are logical divisions of a disk used to define the storage space; and volumes, contained inside partitions, are used to define how the individual files and folders are saved to the storage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the two primary partition schemes for Mac- formatted disks? What are their differences?

A

GUID Partition Table is the default partition scheme on Intel- based Mac computers, and Apple Partition Map is the default partition scheme on PowerPC-based Mac computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What two volume formats are supported for an OS X system volume?

A

The volume formats supported as system volumes for OS X are Mac OS Extended (Journaled) and Mac OS Extended (Journaled, Encrypted).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How does file system journaling work?

A

File system journaling records which file operations are in progress at any given moment. This way, if a power failure or system crash occurs, after the system restarts, it will be able to quickly verify the integrity of the volume by “replaying” the journal.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Core Storage, and what two major OS X features are implemented via Core Storage?

A

Core Storage is a file system management layer that’s used by OS X to provide disk encryption as used by FileVault, and combine separate disks as used by Fusion Drive.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the four erase options available in Disk Utility? How are they all different?

A

The four erase options in Disk Utility are:
• Fastest, which simply replaces the volume’s directory
structure
• A second choice, which provides good security by writing zeroes on top of all the previous disk data
• A third choice, which provides even better security by writing three separate passes of information on top of the previous disk data
• Most Secure, which provides the best security by writing seven separate passes of information on top of the previous disk data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How does the Secure Empty Trash feature in Finder work?

A

Secure Empty Trash will perform a 7-pass erase on the contents of the Trash folder.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can you ensure that previously deleted items are securely erased?

A

From the Erase tab in Disk Utility, you can choose to securely erase the free space of a disk or volume. This securely erases any previously deleted files on the selected disk or volume.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How can you encrypt a disk without losing its contents?

A

From the Finder, you can encrypt a disk without losing its contents by secondary (or Control-) clicking the disk and choosing Encrypt from the shortcut menu.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What four methods can be used to eject a volume or disk

from the Finder?

A

The four methods used to eject a volume or disk from the Finder are:
• Drag the disk icon to the Trash in the Dock
• Press and hold the Eject key for a few moments to
unmount and eject optical media
• Select the volume you want to eject and choose Eject from the File menu
• In the Finder sidebar, click the small Eject button next to the volume you want to unmount and eject

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What’s the potential side effect of improperly unmounting or ejecting a disk or volume?

A

Improperly unmounting or ejecting a drive or volume may cause data corruption. The system automatically verifies and repairs an improperly unmounted or ejected volume the next time it becomes available to the Mac.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does FileVault protect a user’s data?

A

FileVault protects the entire system volume and all its data by using strong XTS-AES 128 encryption. During system startup, a FileVault-enabled user must enter a password to decrypt the system volume.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the system requirements for using FileVault?

A

To enable FileVault, OS X systems must have the hidden OS X Recovery HD volume on the system disk. Also, any Legacy FileVault accounts must be decrypted and returned to normal accounts before FileVault can be enabled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which users are allowed to unlock a FileVault-protected system?

A

Any user who’s FileVault enabled is allowed to unlock a FileVault-protected system. This includes any local or cached network user account that was enabled when FileVault 2 was set up or created after FileVault 2 was enabled. Further, administrators may return to Security & Privacy preferences to enable additional accounts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How can you unlock a FileVault-protected system when all user accounts have lost their passwords?

A

A FileVault-protected system can be unlocked using the recovery key that was generated during the FileVault setup
process. This key can be entered during system startup and will allow you to reset the user’s account password.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How do you identify the ownership and permissions of a file or folder in the Finder?

A

An item’s ownership and permissions can be identified using the Info or Inspector windows in the Finder.

17
Q

How do ACLs differ from standard UNIX file system permissions?

A

Standard UNIX file system permissions allow for permissions to be set only for one owner, one group, and all others. ACLs, on the other hand, allow for an essentially unlimited list of permissions entries.

18
Q

What’s the locked file flag?

A

The locked file flag prevents anyone, including the item’s owner, from editing an item. Only the item’s owner can unlock the item to then allow modification.

19
Q

Why is the root, or beginning, level of a user’s home folder

visible to other users?

A

The root level of a user’s home folder is visible to other users so they can navigate to the Public shared folder.

20
Q

How does the default organization of the file system allow users to safely share local files and folders?

A

Every home folder contains a Public folder that other users can read and a Drop Box folder that other users can write to. All other subfolders in a user’s home folder (except the optional Sites folder) have default permissions that don’t allow access to other users. The Shared folder is also set for all users to share items.

21
Q

What’s unique about the permissions of the /Users/Shared folder?

A

The Shared folder is set up to allow all users to read and write files, but only the user who owns an item can delete it from the Shared folder. This is accomplished using the sticky bit permissions setting.

22
Q

What does it mean when you choose the option to “ignore volume ownership” in the Finder? What are the security ramifications of ignoring volume ownership?

A

You can choose to ignore ownership on any nonsystem volume. This will ignore any ownership rules and grant any
logged-on user unlimited access to the contents of the volume. It’s a potential security risk because it will allow any local user account to have full access to the volume, even if that user didn’t originally mount the volume.

23
Q

Which two built-in OS X applications can be used to gather information about storage devices?

A

Disk Utility and System Information can both be used to gather information about storage devices.

24
Q

What does the Disk Utility Verify and Repair feature do?

A

The Disk Utility Verify and Repair feature is used to verify or repair the partition scheme and directory structure of a volume. These elements contain the information used to locate files and folders on the volume.

25
Q

What is target disk mode and how is it engaged?

A

Target disk mode is a Mac-specific hardware feature that, when engaged, will share the Mac computer’s internal disks through the FireWire ports. Target disk mode can be engaged from Startup Disk preferences or by holding down the T key as you turn on the Mac.

26
Q

Which permissions are modified by the Disk Utility Repair Permissions feature?

A

The Disk Utility Repair Permissions feature repairs only the ownership and permissions for items installed by Apple. However, this may resolve issues with third-party products.

27
Q

How can you reset a user’s home folder permissions?

A

A user’s home folder permissions can be reset from the Reset Password application on OS X Recovery.