Chapter 13 - User Groups and Permissions

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

A strong password should be at least _______________ characters in length.

eight

List three recommendations with regard to good password practices.

-Use eight or more characters in length. -Use combinations of letters, punctuation symbols and numbers. -Do not use names, e.g. your spouse or pets

Which character in a password is most helpful in defeating common word hacks?

@

What problem can arise with a policy requiring users to change passwords at regular intervals?

Although the concept of regularly changing passwords sounds good on paper, it is a hard policy to maintain in the real world. For starters, users tend to forget passwords when they change a lot. This can lead to an even bigger security problem because users start writing passwords down.

What process identifies and grants access to a user who is trying to access a system?

Authentication

A user account with the _______________ permission can give or take away permissions for other accounts.

Change

With the ____________________ permission for an NTFS partition, you can give or take away permissions for other accounts.

Change

Clicking the _______________ checkbox for a particular NTFS permission tells Windows to overrule inheritance and stop that particular NTFS permission.

Deny

List a few examples of the Public libraries in the Windows 7.

Documents, Music, Pictures, and Videos.

In a Windows system, what is a local user account?

Every Windows system stores the user accounts as an encrypted database of user names and passwords. Windows calls each record in this database a local user account.

How many notification levels of UAC did Microsoft include in Windows 7?

Four

In professional editions of Windows, the _______________ is a powerful too that can be used to create, modify, and remove users and groups.

Local Users and Groups

In Windows 7, which UAC notification level is the default setting?

Notify me only when programs try to make changes

How are Libraries folders displayed in Windows File Explorer?

Right-click in the navigation section and click Show Libraries.

The primary way to set NTFS permissions is through the _______________ tab under the folder or files Properties.

Security

What chip on the motherboard validates on boot that you still have the same operating system installed and that the computer was not hacked by some malevolent program?

TPM

List the standard NTFS permissions for a folder.

The standard permissions for a folder are Full Control, Modify, Read & Execute, List Folder Contents, Read, and Write.

What did Microsoft do to make User Account Control (UAC) less bothersome to users in Windows 7?

To make UAC less aggressive, Microsoft introduced four UAC levels. To see these levels, start typing user account control in the search field and select the option to Change User Account Control settings to open the Control Panel app. This is Windows 10. You can also go to the User Accounts applet in Control Panel and select Change User Account Control settings. (Windows 7/8/8.1/10.)

To add a user in Windows 7, open the _______________ applet.

User Accounts

Created automatically by Windows, _______________ give local administrators access to resources whether they log on locally or remotely.

administrative shares

In reference to Windows groups, _______________ privileges grant complete control over a machine.

administrator

In Linux, the _______________ command is used to change permissions.

chmod

Which term refers to a unique combination of a user name and an associated password?

user account

Current versions of Windows refer to groupings of cylinders or transistors on an HDD or SSD as _______________ while earlier versions refer to such groupings as _______________.

volumes, partitions

List four common actions that require administrator privileges.

· Installing and uninstalling applications · Installing a driver for a device (e.g., a digital camera driver) · Installing Windows Updates · Adjusting Windows Firewall settings · Changing a user's account type · Browsing to another user's directory

To create and manage user accounts in Windows, you must be a member of the ____________________ group.

Administrators

What process determines what a legitimate user can and cannot do on a system?

Authorization

How do you enable BitLocker drive encryption in Windows Ultimate or Enterprise?

Double-click the BitLocker Drive Encryption icon in the Classic Control Panel, or select Security in Control Panel Home view and then click Turn on BitLocker.

What process is described as a file or folder automatically getting all the NTFS permissions of the parent folder?

Inheritance

If an administrator wants to access a folder or file they do not have permission to access, they can go through a process called _______________.

Take Control

Which NTFS permission allows an account to seize control of a file or folder owned by another account?

Take Ownership permission

An unpopular, but necessary, security feature introduced in Windows Vista was _______________.

UAC

What basic information does Windows ask you to provide in the New Group dialog box?

You are asked to provide a group name and description.

A strong password is at least _______________ characters long and contains letters, numbers, and punctuation symbols.

eight

When you create a new file or folder on an NTFS partition, you become the ____________________ of that file or folder.

owner

What three letters are used in a Linux terminal to indicated permissions associated with a file or folder?

rwx

What are two ways Groups make Windows administration much easier?

-First, you can assign a certain level of access for a file or folder to a group instead of to just a single user account. You can make a group called Accounting, for example, and put all of the accounting user accounts in that group. If a person quits, you don't need to worry about assigning all of the proper access levels when you create a new account for his or her replacement. After you make an account for the new person, just add her account to the appropriate access group! · Second, Windows provides numerous built-in groups with various access levels already predetermined.

Which string displayed using the ls -l command in a Linux terminal indicates that group permissions are set to read and modify?

-rw-rw-r--

What value can be entered for the "Maximum password age" in the Windows Local Security Policy editor to specify that the password will never expire?

0

What tool is offered by Windows Ultimate and Enterprise editions to encrypt entire hard drives?

BitLocker

What feature do the most recent professional versions of Windows use to encrypt files?

Encrypting File System (EFS)

What techniques provide the only true way to protect your data from access by any other user?

Encryption

If you have the Full Control permission on a folder and only the Read permission on a file within that folder, you will actually get the _______________ permission on the file.

Full Control

You can do anything you want to a file or folder with the NTFS _______________ permission.

Full Control

What type of access is granted if you log on to a computer remotely as administrator with no password?

Guest

Jane's account is changed from administrator to standard user. How does this impact Jane's personal files/folders and her privileges on the computer?

If you change Jane's account from administrator to standard user, you specifically take the Jane account out of the Administrators group and place it into the Users group. Nothing happens with her personal files or folders, but what the Jane account can do on the computer changes rather dramatically.

Briefly compare copying an encrypted file to a non-NTFS formatted drive to copying an encrypted file to a drive with NTFS.

If you copy an encrypted file to a drive formatted as anything but NTFS, you'll get a prompt saying that the copied file will not be encrypted. If you copy to a drive with NTFS, the encryption stays. The encrypted file—even if on a removable disk—will only be readable on your system with your login.

Which NTFS permission for a folder is defined as enabling you to read, write, and delete both files and subfolders?

Modify

By default, who has complete control over a folder or file?

Owner

Provide a brief overview of the concept of permission propagation.

Permission propagation is the process of determining what NTFS permissions are applied to files that are moved or copied into a new folder. Inheritance depends on two issues: whether the data is being copied or moved, and whether the data is coming from the same volume or a different one.

What does BitLocker require on a motherboard to validate on boot that a Windows computer has not been changed?

TPM

What Windows tool locates all of the shared folders on a computer, regardless of where they reside on the drives?

The Computer Management console in the Administrative Tools has a Shared Folders option under System Tools. Under Shared Folders are three options: Shares, Sessions, and Open Files. Select Shares to reveal all of the shared folders

What are the capabilities and limitations of the Power Users group?

The Power Users group is almost as powerful as the Administrators group, but Power Users cannot install new devices or access other users' files or folders unless the files or folders specifically provide them access.

What two sets of data does every folder and file on an NTFS partition list?

User and group access and level of access

What happens if administrative shares are deleted?

You cannot change the default permissions on them. You can delete them, but Windows will re-create them automatically every time you reboot.

What is used to recover from a legitimate BitLocker failure?

You need to have a properly created and accessible recovery key or recovery password.

The only account that can truly perform any task on a Windows system is the _______________.

administrator

UAC requires _______________ privileges to install or uninstall applications.

administrator

In Windows systems, what two mechanisms enable user account security?

authentication and authorization

Which Linux command enables you to change the owner and the group with which a file or folder is associated?

chown

The ls -l command in a Linux terminal displays a detailed list of files and folder, including permissions for three groups: owner, group, and _______________.

everyone

A password _______________ policy forces users to select a new password periodically.

expiration

In a Windows system, a container that holds user accounts and defines the capabilities of its members is called a(n) ____________________.

group

When adding a child's account in Windows 8/8.1/10, what controls are enabled?

parental controls

In a Windows 7 system, the _______________library folders are accessible by all users on the computer.

public

With regard to inheritance, what happens when a file or folder is moved from one NTFS volume to another?

Moving from one NTFS volume to another creates one copy of the object. The object in the new location inherits the permissions from that new location. The newly moved file can have different permissions than the original.

Authorization for Windows' files and folders is controlled by the _______________ file system, which assigns permissions to users and groups.

NTFS

Through the combination of user accounts and groups and _______________ permissions, Windows provides incredibly powerful file and folder security.

NTFS

What is the primary tool Windows uses for providing authorization?

NTFS

If a standard user attempts to do something that requires administrator privileges, what kind of prompt is displayed?

A UAC dialog box that prompts for the administrator password.

In terms of Windows administration, what is a group?

A group is a container that holds user accounts and defines the capabilities of its members.

Prior to Vista, what was the functionality of the Power Users group?

Before Vista, Microsoft created the Power Users group to give users almost all of the power of an administrator account without actually giving users the full power of the account.

What modern encryption technology is especially useful for protecting data stored on laptops?

BitLocker encrypts the whole drive, including every user's files, so it's not dependent on any one account. The beauty of BitLocker is that if your hard drive is stolen, such as in the case of a stolen portable computer, all of the data on the hard drive is safe. The thief can't get access, even if you have a user on that system who failed to secure his or her data through EFS.

Briefly describe BitLocker to Go.

BitLocker to Go enables you to apply BitLocker encryption to removable drives, like USB-based flash drives. Although it shares a name, BitLocker to Go applies encryption and password protection, but doesn't require a TPM chip.

Why are blank passwords or passwords that are easily visible on a sticky note an issue?

Blank passwords or passwords that are easily visible on a sticky note provide no security. Always insist on nonblank passwords, and do not let anyone leave a password sitting out in the open.

Windows administration allows a certain level of access for a file or folder to be assigned to a(n) ____________________ rather than just a single user account.

group

In Windows systems, the _______________ account might be used to provide casual Internet access to users at a library terminal.

guest

The process of determining the default NTFS permissions on any newly introduced files or subfolders contained in a folder receive is called ________________.

inheritance

When copied from one NTFS volume to another, the copy of the object in the new location _______________ the permissions from that new location.

inherits

If an object is _______________ within an NTFS-based volume, that object retains its permissions.

moved

What unique key is known only by the system and the person with whom the key is associated?

password

A(n) ____________________ disk should be created and used at a later time to help users if they forget a password.

password reset

In defining exactly what any particular account can or cannot do to a file or folder, it is considered best practice to assign _______________ to groups and then add user accounts to groups.

permissions

In a Windows system, ____________________ are almost as powerful as administrators, but they cannot install new devices or access other users' files unless access is provided.

power users

In a Windows system, ____________________ have rights almost equal to that of the administrator, except that they cannot install new devices or access other users' files or folders unless the files or folders specifically provide them access.

power users

Strong passwords should include letters, numbers, and _______________ symbols.

punctuation

Opening a command line and running _______________ provides access to a utility called Local Security Policy.

secpol.msc

In a Windows system, members of the Users group are called _______________ users.

standard

Selecting _______________while adding a new user in Windows makes that user a member of the local Users group.

standard user

Both Linux and macOS have been using one UAC function for a long time—it is called _______________.

sudo

How can NTFS inheritance for a specific folder or file be turned off in the rare situations in which this is desired?

Instead of shutting down inheritance completely, use the Deny checkbox. Clicking the Deny checkbox for a particular NTFS permission tells Windows to overrule inheritance and stop that particular NTFS permission.

Starting with Windows 8, Microsoft shifted the focus of user accounts from local accounts to _______________-wide Microsoft accounts.

Internet

On every Windows system, each record in an encrypted database of user names and passwords is called a(n) _______________.

Local user account

Briefly describe considerations of working on a Windows system administered by someone else.

Make sure she understands what you are doing and how long you think it will take. Have the administrator create a new account for you that is a member of the Administrators group. Never ask for the password to a permanent administrator account! That way, you won't be blamed if anything goes wrong on that system. When you have fixed the system, make sure the administrator deletes the account you used.

Describe how to manage an administrator password.

The default administrator account is Administrator. You should use this default only if no other administrators can log on. Best practice is to make a complex password for Administrator; write it down and put it in a safe for emergency use. Change the default admin user account/ password to reflect one or more of the user accounts added to the Administrators group.

What happens to a file or folder permission if it is copied within an NTFS partition?

The original retains permissions, and the copy inherits permissions from the new location.

In terms of NTFS permissions, distinguish between Ownership permission and Take Ownership permission.

When you create a new file or folder on an NTFS partition, you become the owner of that file or folder. Owners can do anything they want to the files or folders they own, including changing the permissions to prevent anybody, even administrators, from accessing them. With the Take Ownership permission, anyone with the permission can seize control of a file or folder. Administrator accounts have Take Ownership permission for everything. Note the difference between owning a file and accessing a file. If you own a file, you can prevent anyone from accessing that file. An administrator whom you have blocked, however, can take that ownership away from you and then access that file!


Set pelajaran terkait

Chapter 1 Psychology quiz ANSWERS

View Set

Stimulus Control & Prompt Fading

View Set

Computer Forensics Chp. 4-6 Review Questions

View Set

Geometry FLVS 07.02 Inscribed and Circumscribed Circles

View Set

Flow Designer Micro Certification

View Set