CH 14 Test
what is ESRB
(Entertainment Software Rating Board) ratings, such as E for Everyone, T for Teen, or M for Mature.
NTFS permissions: Change permission
Another important permission for all NTFS files and folders is the Change permission. An account with this permission can give or take away permissions for other accounts.
Administrators Group
Any account that is a member of the Administrators group has complete administrator privileges. Administrator privileges grant complete control over a machine. It is common for the primary user of a Windows system to have her account in the Administrators group. When you create the Jane user account, in other words, and make Jane an administrator, you actually place the Jane account in the Administrators group. Because the Administrators group has all power over a system, Jane has all power over the system.
*BitLocker To Go* does what
BitLocker To Go enables you to apply BitLocker encryption to removable drives, like USB-based flash drives. Although it shares a name, BitLocker to Go applies encryption and password protection, but doesn't require a TPM chip
what is the TPM and how does it relate to bitlocker
BitLocker requires a special Trusted Platform Module (TPM) chip on the motherboard to function. The TPM chip (which we looked at earlier, in Chapter 6, "BIOS") validates on boot that the computer has not changed
What is the deny in relation to Inheritance and what does it do
Clicking the Deny checkbox for a particular NTFS permission (see Figure 14.27) tells Windows to overrule inheritance and stop that particular NTFS permission.
What 4 things can happen with permission propagation 1 Copying data within one NTFS-based volume ■ Moving data within one NTFS-based volume ■ Copying data between two NTFS-based volumes ■ Moving data between two NTFS-based volumes
Copying data within one NTFS-based volume ■ Moving data within one NTFS-based volume ■ Copying data between two NTFS-based volumes ■ Moving data between two NTFS-based volumes Let's look at our list of four things techs need to know to see what happens when you copy or move an object, such as a file or folder. 1. Copying within a volume creates two copies of the object. The copy of the object in the new location inherits the permissions from that new location. The new copy can have different permissions than the original. 2. Moving within a volume creates one copy of the object. That object retains its permissions, unchanged. 3. Copying from one NTFS volume to another creates two copies of the object. The copy of the object in the new location inherits the permissions from that new location. The new copy can have different permissions than the original. 4. Moving from one NTFS volume to another creates one copy of the object. The object in the new location inherits the permissions from that new location. The newly moved file can have different permissions than the original. **** ONLY TIME A FILE RETAINS ITS PERMISIONS IS WHEN MOVING WITHIN A VOLUME****
NTFS permissions: Full Control
Enables you to do anything you want
NTFS permissions: Modify
Enables you to read, write, and delete both files and subfolders/Enables you to read, write, and delete the file
NTFS permissions: List Folder Contents
Enables you to see the contents of the folder and any subfolders
NTFS permissions: Read & Execute
Enables you to see the contents of the folder and any subfolders as well as run any executable programs or associations in that folder/Enables you to open and run the file
NTFS permissions: Read
Enables you to view a folder's contents and open any file in the folder/Enables you to open the file
NTFS permissions: File permissions
File permissions define what a user may do to an individual file. One example might be "Read and Execute," which gives a user account the permission to run an executable program.
In Windows, every file and folder on an NTFS partition has a list that contains two sets of data. What are they and what do they do?
First, the list details every user and group that has access to that file or folder. Second, the list specifies the level of access that each user or group has to that file or folder. The level of access is defined by a set of restrictions called NTFS permissions
NTFS permissions: Folder permissions
Folder permissions define what a user may do to a folder. One example might be "List folder contents," which gives the permission to see what's in the folder.
expand on UAC slider
In Figure 14.57, you can see a slider with four levels. The top level (Always notify) means you want UAC to work exactly as it does in Vista, displaying the aggressive consent form every time you do anything that typically requires administrator access. The bottom option (Never notify) turns off UAC. The two levels in the middle are new and are very similar. Both of them do the following: ■ Don't notify me when I make changes. ■ Notify me only when programs try to makes changes. The only difference is in how they show the change. The second-fromtop level will display the typical consent form, but only when programs try to make changes. The third-from-top level displays a consent form, but where the normal consent form dims your desktop and doesn't allow you to do anything but address the form, this consent form just pops up like a normal dialog box.
**What is Inheritance, thoroughly explain**
Inheritance is the process of determining the default NTFS permissions any newly introduced files or subfolders contained in a folder receive. The base rule of Windows inheritance is that any new files or folders placed into a folder automatically get all the NTFS permissions of the parent folder
what tab for Add/Edit Users and/or Groups
It's now time to add users and groups and set their NTFS permissions. Head over to the Security tab
Power Users group
Members of the Power Users group are almost as powerful as members of the Administrators group, but they cannot install new devices or access other users' files or folders unless the files or folders specifically provide them access.
Users group
Members of the Users group cannot edit the Registry or access critical system files. They can create groups but can manage only those they create. Members of the Users group are called standard users
what do the The three groups, in order, stand for in Linux permissions
Owner Permissions for the owner of this file or folder ■ Group Permissions for members of the group for this file or folder ■ Everyone Permissions for anyone for this file or folder
What is Permission Propagation
Permission propagation is the process of determining what NTFS permissions are applied to files that are moved or copied into a new folder.
what are Security Policies
Security policies are just rules we apply to users and groups to do, well, just about everything but NTFS permissions. Would you like to configure your system so that the Accounting group can only log on between 9 a.m. and 5 p.m.? There's a security policy for that. How about forcing anyone who logs on to your system to use a password that's at least eight characters long? There's a security policy for that as well. Windows provides thousands of preset security policies that you may use simply by turning them on in a utility called Local Security Policy.
Guests group
The Guests group enables someone who does not have an account on the system to log on by using a guest account. You might use this feature at a party, for example, to provide casual Internet access to guests, or at a library terminal. Most often, the guest account remains disabled.
what is the Inheritance base rule
The base rule of Windows inheritance is that any new files or folders placed into a folder automatically get all the NTFS permissions of the parent folder
what is the chmod command and its number system
The chmod command is used to change permissions. Sadly, it uses a somewhat nonintuitive numbering system that works as follows: r: 4 w: 2 x: 1 For example, we can interpret the permissions on -rw-rw-r-- 1 mikemyers mi6 299 Oct 2 18:36 launch_codes as follows: ■ Owner's permissions are 6: 4+2 (rw-) ■ Group's permissions are 6: 4+2 (rw-) ■ Everyone's permissions are 4: 4 (r--) The chmod command uses the following syntax to make permission changes: chmod <permissions> <filename> Using this nomenclature, we can make any permission change we want using only three numbers. The current permissions can be represented by 664. If we want to keep the launch codes out of the wrong hands, we just change the 4 to a 0: 660. To make the change, we use the chmod command as follows:
what is the chown command and how do you use it (syntax)
The chown command enables you to change the owner and the group with which a file or folder is associated. The chown command uses the following syntax: chown <new owner> filename To change the group, use the following syntax: chown <owner>:<group> filename
what are the 3 letters in Linux permissions and what do they stand for in order
The letters r, w, and x represent the following permissions: ■ r Read the contents of a file ■ w Write or modify a file or folder ■ x Execute a file or list the folder contents
The primary way to set NTFS permissions
The primary way to set NTFS permissions is through the Security tab under the Properties of a folder or file
what is User Account Control (UAC) *REVISITED* (elaborate), what Version of windows did UAC roll out in
User Account Control enables users to know when they are about to do something that has serious consequences. Here are some examples of common actions that require administrator privileges: ■ Installing and uninstalling applications ■ Installing a driver for a device (e.g., a digital camera driver) ■ Installing Windows Updates ■ Adjusting Windows Firewall settings ■ Changing a user's account type ■ Browsing to another user's directory rolled out in VISTA
What is UAC and what does it do?
User Account Control, a feature that enables standard users to do common tasks and provides a permissions dialog box when standard users and administrators do certain things that could potentially harm the computer (such as attempt to install a program).
NTFS permissions: Ownership
When you create a new file or folder on an NTFS partition, you become the owner of that file or folder. Owners can do anything they want to the files or folders they own, including changing the permissions to prevent anybody, even administrators, from accessing them.
what versions of windows offer full drive encryption
Windows Ultimate and Enterprise editions and Windows 8/8.1 Pro offer full drive encryption through BitLocker Drive Encryption
NTFS permissions: Take Ownership permission
With the Take Ownership permission, anyone with the permission can seize control of a file or folder. Administrator accounts have Take Ownership permission for everything. Note the difference here between owning a file and accessing a file. If you own a file, you can prevent anyone from accessing that file. An administrator whom you have blocked, however, can take that ownership away from you and then access that file!
how to encrypt files/folders
You right-click on the file or folder you want to encrypt and select Properties. In the Properties dialog box for that object, select the General tab and click the Advanced button (see Figure 14.38) to open the Advanced Attributes dialog box. Click the checkbox next to Encrypt contents to secure data
what are NTFS permissions
define exactly what any particular account can or cannot do to the file or folder and are thus quite detailed and powerful
NTFS permissions: Write
e Enables you to write to files and create new files and folders/Enables you to open and write to the file
Permissions are cumulative, what does this mean
e. If you have Full Control on a folder and only Read permission on a file in the folder, you get Full Control permission on the file
what system does windows use for **FULL DRIVE ENCRYPTION**
full drive encryption through BitLocker Drive Encryption