Mike Meyers' CompTIA A+ Chapter 13 Users, Groups, and Permissions
group
* A _________ is a container that holds user accounts and defines the capabilities of its members *an efficient way of managing multiple users * assign a certain level of access for a file or folder
Users
* Members of the _________ group cannot edit the Registry or access critical system files * Can create groups but manage only those they create * Members of this group are also called Standard users.
Local Users and Groups
* help you create, modify, and delete users and groups * Accessed through Computer Management
administrative shares
**Created by default—appear as C$ or ADMIN$ Used so administrators can access everything If deleted, recreated at reboot Cannot change their default permissions Hidden—do not appear when you browse a machine over the network, though you can map them by name
User Account Control (UAC)
*stop unauthorized changes to Windows *enables users to know when they are about to do something that has serious consequences *a pop-up dialog box that seemed to appear every time you tried to do anything
local user account
Every Windows system stores the user accounts as an encrypted database of user names and passwords. Windows calls each record in this database a ________
Change permission
Account with this permission can give or take away permissions for other accounts.
Security policies
All Windows versions have a Local Security Policy utility. Open a command line and run secpol to access. Security policies are organized as containers with subcontainers of preset policies
Administrators
Any account that is a member of the ______________ group has complete _____________ privileges, which grant complete control over a machine
Take Ownership permission
Anyone with the permission can seize control of a file or folder. Administrator accounts have ________ for everything.
Ownership
Creating a new file/folder makes you the owner. Owners can do anything they want to the files or folders they own. Can change permissions to prevent anybody from accessing them, if desired
Folder permissions
Define what a user may do with a folder Example: List folder contents
File permissions
Define what a user may do with an individual file Example: Read and Execute - permission to run an executable program
chown command
Enables you to change owner and group with which a file or folder is associated Syntax: chown <new owner> filename
Power Users group
Existed before Vista to give almost all power of an administrative account
Copying from one NTFS volume to another
Inherits new permissions
Copying within a volume
Inherits new permissions
Moving from one NTFS volume to another
Inherits new permissions
Moving within a volume
Keeps original permissions
Power Users
Members of the ________ group are almost as powerful as Administrators, but they cannot install new devices or access other users' files or folders unless the files or folders specifically provide them access.
Guests
The Guests group enables someone who does not have an account on the system to log on by using a guest account.
Security tab
The top section is a list of users and groups that currently have NTFS permissions to that folder, and the bottom section is a list of NTFS permissions for the currently selected users and groups
chmod command
Used to change permissions Uses numbering system r:4; w:2, x:1
user account
User name and password combination, stored in a database on your computer, that grants the user access to the system
Sharing Resources
Windows 7 *Sharing is simple through Public libraries for documents, music, pictures, and videos. *Open Windows Explorer and click down arrow next to one of the libraries folders. Windows 8/8.1/10 *These Windows versions have the same Libraries as Windows 7, but not visible by default. *To display, right-click on white space on left side of navigation section of File Explorer.Select Show libraries
NTFS permissions
_________ are rulesets, connected to every folder and file in your system, that define exactly what any account or group can or cannot do to the file or folder.
BitLocker Drive Encryption
_____________ encrypts the whole drive, including every user's files, so it's not dependent on any one account
Permission propagation
______________ determines what NTFS permissions are applied to files that are moved or copied into a new folder.
Inheritance
_____________is the process of determining default NTFS permissions for newly introduced files or subfolders. Any new files or folders placed into a folder automatically get all the NTFS permissions of the parent folder.
Encrypting File System (EFS)
an encryption scheme that any user can use to encrypt individual files or folders on a computer *encrypted files is based on that specific installation of Windows
strong password
at least eight characters in length, including letters, numbers, and non-alphanumeric symbols
global user account
functions like a local account but adds the benefit of synchronizing some of your stuff with the global account settings
Sharing Folders and Files
right-click on a file or folder, select Properties, and head over to the Security tab
encryption
scrambling of data
local shares
shares added manually are called _______
Authentication
the process of identifying and granting access to some user, usually a person, who is trying to access a system
Authorization
the process that defines what resources an authenticated user may access and what he or she may do with those resources *NTFS file system defines specific resources the user may access