Chapter 5 Managing File Systems (Hot Points Part 2)
• Members of the computer's Administrators group have full control. • The operating system has full control. • Members of the computer's Users group have the ability to read and execute programs. • Authenticated users have the ability to create folders in this folder. • Authenticated users have the ability to create files and write data in subfolders only.
The first level of folder in an NTFS partition is the root folder. The default permissions assigned to this folder on the C: drive are:
individual permissions
The list of _______ is only visible when editing a permission entry in the advanced security view
enabled
The option to inherit permissions from the parent is ____ by default.
Read
The permission used for folders allows files and folder data, attributes, ownership, and security to be viewed.
Write
The permission used for folders allows new files and folders to be created in the current folder.
FAT NTFS UDF
The primary file systems used to format bulk storage are?
• Write • Read • List folder contents • Read & execute • Modify • Full control • Special
The standard NTFS permissions for folders and files are:
List Folder Contents
This permission only applies to folders. Without this permission, the files and folders contained in a folder cannot be listed. The user or application can still access the files if they have permission and know the exact file or folder name.
Read & Execute
This permission used for files allows read access to the file's information and, if it is an executable file, the user is allowed to run it. This permission automatically includes the Read permission.
Read & Execute
This permission used for folders allows read access to files and folders below this point. This is the equivalent of enabling Read and List Folder Contents
Full Control
This permission used for folders allows the same actions as Modify plus the ability to change permissions and allow a user to take ownership of the folder. This permission used for files allows the same actions as Modify plus the ability to change permissions and allow a user to take ownership of the file.
Modify
This permission used for folders allows the same actions as Write and Read & Execute permissions combined. The folder can also be deleted. This permission used for files allows the same actions as Write and Read & Execute permissions combined. Files can also be deleted.
Security tab of the drive's properties
To see the permissions for the root folder of an NTFS-formatted volume, view the ?
Effective Permissions
To simplify the analysis, the advanced security view for any file or folder includes a tab called Effective Permissions
drive letters mount points
Users and applications can use _______ to access partitions and volumes
Full control standard permission individual NTFS permission take ownership
Users with the __________ can also assume ownership of a file
scope
When an NTFS permission setting is applied to a file or folder, it also has a______ assigned. The _______ scope determines what other objects are impacted by the assigned permission.
Write
permission used for files allows file data to be rewritten. The file's attributes can be changed and the file's ownership and security can be viewed.
Read
permission used for files allows the file's data, attributes, ownership, and security to be viewed.
False
A folder that is set as encrypted is encrypted itself. (True or False)?
• Members of the computer's Administrators group have full control. • The operating system has full control. • Members of the computer's Users group have the ability to read and execute programs. • Authenticated users have the ability to create, modify, and delete files and folders in this folder and its subfolders.
The default permissions assigned to subfolders on the C: drive and the root folder on all other NTFS partitions are:
NTFS
The encrypt attribute is only supported on volumes and partitions formatted with the _____ file system
Access Control List (ACL)
Every file and folder stored on an NTFS partiton has its own __________.
• This folder only • This folder, subfolders, and files • This folder and subfolders • This folder and files • Subfolders and files only • Subfolders only • Files only
For files, the scope is limited to this object only, which is just the file itself. For folders, the scope can be set to:
fine-tune
Many Individual NTFS permissions exist to _______ access and control for files and folders.
Administrator group
Members of the ________ have the right, by default, to assign or take ownership of a file or folder.
True
NTFS allows special support for larger partitions, alternate data streams, sparse files, file names with special characters, and transactional reliability. (True or False)
symbolic links
NTFS allows the use of file system objects called _______ that transparently point to files and folders in other locations.
• NTFS standard permissions • Individual NTFS permissions
NTFS permissions are assigned using two formats:
first folder
NTFS permissions for folders apply to the ____ on which they are used.
disabled or the file is saved
Once a file is encrypted it will remain encrypted unless the encrypt attribute is ____________ to a destination volume that does not support encrypt.
True
Once inheritance is blocked, the object needs new permissions assigned to it. (true or false)?
valid digital security keys
Only users with _______ can decrypt and access an encrypted file's contents.
• Permissions can be inherited or directly assigned. • Each permission has a scope that determines what range of objects it applies to. • Permissions can be allowed or denied. • Permissions can be applied to groups, and any member of that group receives those permissions. • Users can be members in multiple groups that have different permissions to the same object. • Owners of a file or folder have full control of the object.
Permissions on files and folders can be difficult to analyze. Many items have an impact on calculating permissions:
backup or shadow copies
Previous versions of a file on the local computer are generated by a?
True
Standard NTFS permissions represent a collection of predetermined individual NTFS permissions. (true or false)
Access Control Entries (ACE)
The ACL is a collection of _________ that identify a specific security identifier (that is, who) can perform a given action (that is, what) to a file or folder.
owner
The _____ of a file or folder always has the ability to assign permissions to that file or folder, regardless of what existing permissions are assigned.
Previous Versions
The ________ tab can be used to restore files from backup or shadow copies.
recovery agent
The ___________ is a special user account(s) set by domain policy to allow access to encrypted content in case the local users with access are accidentally deleted.
System and Not content indexed
The attrib command-line utility is used to manage the _____________ attribute flags which cannot be accessed by using Windows Explorer
same
The compress attribute on the file becomes the _____ as the target folder's compress attribute setting.
A folder structure should be designed so that permissions can easily flow down from the top folder to the bottom A folder structure should have a specific permission strategy before users are allowed to store files in it. Specific permissions can be applied to a file or folder for a given user or group of users. Strategically placing permissions based on identifying a specific group is easier to document and explain Exceptions to permissions can be made with specific assignments to files and folders that combine with inheritable and group permissions. All folder permissions strategies should be tested before users are allowed to access and store files
When designing a permission strategy for files and folders, there are several best practices to consider:
True
When files and folders are moved from one location on the volume to another location on the same volume, new content is not created; only pointers to the content are moved in the database. (true or false)
Inherited From column
When viewing the advanced security settings for a folder, the _________ shows where a permission setting was first applied
NTFS
_______ files and folders are protected by standard permissions
Inheritance
_________ allows a permission setting to be con gured at a higher level in the file system and have it propagate to lower subfolders and files.
Copy
_________ operations always create new versions of the content that is being copied.
Permissions strategies
_________ should be carefully considered and documented before they are implemented.
previous versions
can use this tab to restore a previous version of a file after it has been modi ed or deleted
