Sharing Resources & Wrights Management (Chapter 5) Flashcards
User & Group account
User Account
- The logon ID that identifies each user
Security Group
- a collection of user accounts that can be assigned permission
Computer management\ local User and Group
- allows for managing groups
Group account windows Home
Only allowed creation of two group types
- Standard User
- Administrative User
Group account windows professional
Allows the creation of multiple groups
- Administrative User
- Guest User
- Power User
Local & Group user management console
Group User Command Prompt
- net user ‘username password’ /add
Group User Command Prompt
- net user ‘username password’ /add
Commands used to add users to a group
Local Security Policy
Policy
- a subset of a security profile, and a document that outlined the specific requirements and rules that everyone must meet
Administrative Tools\ Local Security Policy
SSO
Single Sign-On
An authentication technology that allows a user to authenticate once and be authorised for multiple services
Credential Manager
Is a cache that stores password for website/windows
Peer-to-peer Network
A network with no dedicated server and each computer acts as both a sever and a client
Workgroup
A small group of computers on a network that shares resources in a peer-to-peer fashioned
Homegroup
A windows networking feature designed to allow window 7 & 8 home network to share files and printers easily through a simple password protection mechanism
Share
The ability to share a resource over a network,
- share folder are open and cant have any share permission assigned to it, folders within the share can have permissions assigned
- requires a Share Name & Maximum number of user allowed to connect at once
Share Permission
Full Control
- read, edit, create, delete and assign permissions
Change
- read, edit, create and delete
**Read*
- read
NTFS manages the permissions
Network Drive
A local share that has been assigned a drive letter, such as on a Network attached Storage devices
NTFS Folder Premission
A drive format that gives added security to the drive in the form of permission.
- sub folders and all files of a folder with set permissions also inherit same permission
- Read
- Write
- List ( view names of files & subfolder)
- Read & Execute
- Modify
- Full control
2 Level Permission
1) Application folders
- read/execute permission
2) Data storage
- Modify or read permission.
3) Home directories
- full control given to a relevant user
Permission types
Share Permission
- permission assigned to a shared resources on a network
-only works when trying to access the share over the network
NTFS
- permission assigned to folders and files that is applied each time the folder/file is being accessed
Share / NTFS Permission best practices
- subfolder and files that have a permission set on their present folder also inherit the same permission
- Share and NTFS permission can be applied to a folder/file but the most restrictive permission will be applied
- if a user is in two different NTFS groups with different permissions for each set, then the least effective applies
Effective Access
Allows you view the permissions that a user/ group will have to a folder/file
Accounts Directory
Local Accounts
- an account that is only associated with the computer it was created one
Local Security Accounts database
- a local database where local system account information is stored
Security Accounts Manager
- where all the security information for the local Account is stored
Windows Sever Domain Controller
- windows based server that provides domain authentication services
Active Directory Domain Services
The database that contains the user,groups and computer accounts in a window server domain
Member Server
Any server-based system that have been configured into the domain, but do not maintain a copy of the Active Directory Database
Organizational Unit
a way of dividing the domain up into different administrative realms (Containers) in a Window Active Directory
Windows Domain
A form of network in which all computers, printers, security protocol are registered to a central database that centralizes settings
- Domain security
- configuration
- Policy Settings
Organizational Units
A server that has been has been configured differently to the Active directory Database to act as different administrative role
Group Policy Objects (GPO)
- means of applying security settings and other administrative settings across a range of computers and users
Administrative Templates
- GPO files for registry-based policy management (.ADM extension)
Security Templates
- settings for services and policy configuration for a server operating in a particular application role
RSoP
- a group of policy report showing all of the GPO settings and how they affect the network
Folder Redirection
A Microsoft technology that allows an administrator user to redirect the path of a local folder to a folder on a network share, making the data available to the user when they log into any computer on the network where the network share is located.
Roaming Profiles
A Microsoft Technology that redirects user profiles to a network share so that the information is available when the user logs into any computer on the network
Offline files
Files/folders from a network share that are cached locally