Microsoft OS Security--Permissions

Question 1

Users

Answer 1

Users are an identity with a set of attributes and assigned permissions.

Question 2

Groups

Answer 2

By creating groups, administrators can combine users together based on the role they perform in the company, known as role-based access control (RBAC), and the level of access that require to a resource or group of resources.

Question 3

Create a Marketing group

Answer 3

1-Create a user named student01.
2-Create a group named Marketing.
3-Add student01 to the Marketing group.

Question 4

NTFS permissions

Answer 4

NTFS permissions are assigned to files and folders, and typically combine two components:

1. User and/or group identifiers.
2. The permission assigned (level of access) to the resource.

Basic permissions:
Full control
Modify
Read & Execute
Write
Read
List folder contents

Question 5

Inherited permissions

Answer 5

it’s important to note that some permission check marks are darker than others:

Lighter: Indicates inherited or implicit permissions.
Darker: Indicates explict permissions.
Note: The Explict Deny permission is the most restrictive, so use it sparingly.

Note: All permissions are considered when a user accesses a file or folder. If the user is a part of multiple groups assigned to a resource, the least restrictive NTFS permission applies.

Question 6

Shared permissions

Answer 6

Shared permissions apply to folders than are made available to other users over a network connection. Permissions include:

Full control
Change
Read

Accessing a shared resource over a network will apply both shared permissions and NTFS permissions, and the most restrictive permission will be the effective permission.