CompTIA A+ Chapter 13: Users, Groups, and Permissions
Full Control
Enables you to do anything you want
Modify
Enables you to read, write, and delete both files and subfolders
List Folder Contents
Enables you to see the contents of the folder and any subfolders
Read & Execute
Enables you to see the contents of the folder and any subfolders as well as run any executable programs or associations in that folder
Read
Enables you to view a folder's contents and open any file in the folder
Write
Enables you to write to files and create new files and folders
Which is the best password for the user Joy, who has a pet named Fido and a birth date of January 8, 1982?
Of the choices listed, oddvr88* would be the best password; it has a non-alphanumeric character, which makes it more difficult for a hacker to crack.
user account
Security begins with a ______________ a unique combination of a user name and an associated password, stored in a database on your computer, that grants the user access to the system
Ownership
When you create a new file or folder on an NTFS partition, you become the owner of that file or folder. This is called ______. Owners can do anything they want to the files or folders they own, including changing the permissions to prevent anybody, even administrators, from accessing them.
The chown command
enables you to change the owner and the group with which a file or folder is associated
Change permission
Another important permission for all NTFS files and folders is the __________. An account with this permission can give or take away permissions for other accounts
Administrators
Any account that is a member of the Administrators group has complete administrator privileges. Administrator privileges grant complete control over a machine. It is common for the primary user of a Windows system to have her account in the Administrators group.
Which tool or mechanism defines what resources a user may access and what he or she may do with those resources?
Authorization through NTFS defines resources a user may access and what he or she can do with those resources
How can you encrypt an entire drive, including files and folders belonging to other users?
BitLocker Drive Encryption enables you to encrypt an entire drive, including files and folders belonging to other users.
Power Users
Members of the Power Users group are almost as powerful as members of the Administrators group, but they cannot install new devices or access other users' files or folders unless the files or folders specifically provide them access.
Users
Members of the Users group cannot edit the Registry or access critical system files. They can create groups but can manage only those they create. Members of the Users group are called standard users. If you change the Jane account from administrator to standard user, you specifically take the Jane account out of the Administrators group and place it into the Users group. Nothing happens with her personal files or folders, but what the Jane account can do on the computer changes rather dramatically.
Which of the following file systems enables you to encrypt files, thus making them unviewable by any account but your own?
The Encrypting File System (EFS) enables you to encrypt files, making them unviewable by any account but your own.
Guests
The Guests group enables someone who does not have an account on the system to log on by using a guest account. You might use this feature at a party, for example, to provide casual Internet access to guests, or at a library terminal. Most often, the guest account remains disabled.
Which option enables you to share files easily among multiple users on a single Windows system?
The Public libraries make it easy to share files among multiple users of a single system.
Which tool in Windows 8.1 enables you to create a new user account based on a global Microsoft account?
The Settings charm in Windows 8.1 enables you to create a new user account based on a global Microsoft account.
Which permission enables an administrator to change the ownership of a file without knowing the user account password for that file?
The Take Ownership permission enables an administrator to change the ownership of a file without knowing the user account password for that file
What feature in Windows 7 opens a consent prompt for standard users to enter administrator credentials to accomplish various tasks reserved for the latter group?
The User Account Control feature in Windows 7 provides a consent prompt for standard users to enter administrator credentials to accomplish various tasks normally reserved for the Administrators group.
Which of the following commands is used to change file permissions in Linux?
The chmod command enables you to change file permissions in Linux.
You copy a file from a folder on a hard drive formatted as NTFS, with permissions set to Read for everyone, to a USB thumb drive formatted as FAT32. What effective permissions does the copy of the file have?
The key here is that you are copying from an NTFS hard drive to a FAT32 USB drive. Copying from an NTFS-based partition to a FATor exFAT-based partition creates two copies of the object; the copy of the object in the new location has no effective permissions at all.
Local Security Policy
Windows provides thousands of preset security policies that you may use simply by turning them on in a utility called
Take Ownership permission
With the __________, anyone with the permission can seize control of a file or folder. Administrator accounts have Take Ownership permission for everything. Note the difference here between owning a file and accessing a file. If you own a file, you can prevent anyone from accessing that file. An administrator whom you have blocked, however, can take that ownership away from you and then access that file!
Folder permissions
________ define what a user may do to a folder. One example might be "List folder contents," which gives the permission to see what's in the folder.
File permissions
__________ define what a user may do to an individual file. One example might be "Read and Execute," which gives a user account the permission to run an executable program.
NTFS permissions
are rulesets, connected to every folder and file in your system, that define exactly what any account or group can or cannot do to the file or folder.
Permission propagation
determines what NTFS permissions are applied to files that are moved or copied into a new folder
Inheritance
determines which NTFS permissions any newly introduced files or subfolders contained in a folder receive
A group
is a container that holds user accounts and defines the capabilities of its members
Authentication
is the process of identifying and granting access to some user, usually a person, who is trying to access a system.
The chmod command
is used to change permissions
authorization:
the process that defines what resources an authenticated user may access and what he or she may do with those resources
