CTEC 305 Module 5
dir /ah
A command that can be used to display hidden files in the command prompt.
What happens when you move a file to a folder on a different volume?
A copy of the file is created on the target folder HOWEVER the original file is removed.
DFS Replication
A feature of DFS that allows you to synchronize folder contents between folders. It must be installed on every server that is intended for replication.
Hidden attribute
A file attribute that is given to a file to indicate it should not be visible in File Explorer.
Passive screening
A file-screening method that monitors and notifies when the unauthorized files are saved but doesn't prevent users from saving unauthorized files on the server.
Universal Naming Convention (UNC)
A naming convention that designates network servers, computers, and shared resources. The format for a UNC name is, for example, \\servername\namespace\folder\file. A naming system used by Windows computers to locate network file shares and network printers. The format is \\servername\sharename.
Full Control
A permission that can be used on files or folders that allow users/groups to read, add, delete, execute, modify files, change permissions and attributes and take ownership of files.
Get-ChildItem -hidden
A powershell cmdlet that allows the administrator to view hidden files.
Distributed File System (DFS)
A system that enables folders shared from multiple computers to appear as though they exist in one centralized hierarchy of folders instead of on many different computers.
soft quota
A type of quota that alerts users when they have exceeded the quota but doesn't prevent them from saving files. (Passively enforced)
Hard quota
A type of quota that prevents users from saving files if their files in the target folder already meet or exceed the quota limit. (Strictly enforced)
What happens when a file or folder is moved or copied from an NTFS or ReFS volume to a folder on a FAT32 or exFAT volume?
All permissions are removed because FAT32 and exFAT DOES NOT support NTFS and ReFS permissions.
Folder and file auditing
Allows you to track activity on a folder or file, such as read or write activity.
Read and Execute
Allows you to traverse(list) folder content. View file contents, attributes, permissions and execute files.
User Quotas
An NTFS feature that can be configured to limit the space that users can consume when creating a file.
Folder Quotas
An NTFS feature that can be configured to limit the space users can consume in folders.
Publishing
An administrator uses active directory to create objects that represent network resources, such as shared folders.
remote differential compression (RDC)
An algorithm used to determine changes that have been made to a file and replicate only those changes. This can cause synchronization problems if a large number of people use it to continually modify the same file and therefore should be disabled.
symmetric encryption
An encryption method whereby the same public key is used to encode and to decode the message.
NTFS offers four advanced attributes for files and folders. What are they?
Archive Index Compress Encrypt
Attributes
Are features of a file or folder that are used by a filesystem. These are essentially the settings for a file or folder.
Write
Can create files, write data to files, append data to files, create and modify folder and file attributes ; cannot delete files.
List folder contents
Can list (traverse) files in the folder or switch to a subfolder, view folder attributes and permissions, and execute files, but cannot view file contents.
Modify
Can read, add, delete, execute and modify files/folders; A user cannot change permissions or take ownership.
Read
Can view file contents, as well as view file and folder attributes, permissions and cannot traverse or execute files.
Metadata
Components that store information about a folder or file. It stores, attributes, permissions, date of creation and the time the file/folder was last accessed.
Compress attribute
Compresses a bigger file into a smaller file for saving space on a storage device. When the file with this attribute is opened the file is automatically decompressed.
Read-Only Attribute
Contents cannot be saved with the same filename. Files with this attribute cannot be deleted from the command prompt. They can however, be deleted from the file explorer utility.
Two sperate roles comprise DFS:
DFS namespaces DFS Replication
Windows Server uses two types of ACLs:
Discretionary Access Control List(DACL) System Access Control List(SACL)
What is a graphical tool used to view audited events?
Event Viewer
True or False You are configuring a DFS replication group to synchronize folder contents between four file servers. To minimize the network bandwidth used by DFS replication, you should choose a Full mesh topology for your replication group.
False
Encrypt Attribute
Files with this attribute use a series of mathematical steps to scramble data.
What protocol allows users to locate a shared folder quickly?
LDAP
DFS Target
Logical links to shared folders throughout the network.
The 2 main filesystems supported by server 2019:
NTFS and ReFS
What network sharing protocol is Unix-based and must be installed on Server Manager?
Network File System(NFS) protocol
How can an administrator view hidden files/folders in file explorer?
Open the file explorer window, navigate to the desired directory. Go to the "view" tab and check off "hidden".
DFS Namespaces
Provides a central location from which users can access the different shared folders within their organization. Enables you to group shared folders into a single logical structure.
You wish to grant a specific user the ability to view the read-only attribute on files within a particular folder on the system, but do not wish to grant any other access. What advanced permission should you assign to this user?
Read attributes
SMB requries that you have a shared folder permission in order to connect to a shared folder. What are the three permissions?
Read- Allows users to read/execute shared files. Read/Write - Allows users to read/execute/delete and modify shared files. Owner- Allows users to read/execute, delete and modify the content of files as well as add and delete subfolders and modify share permissions.
What are the two permissions for SMB?
Read-Only- Allows users to read and execute files. Read-Write- Allows computers to read, execute, delete and modify contents of files, as well as add and delete subfolders.
Which of the following NFS shared folder permissions allows computers to access an NFS shared folder and modify content?
Read-Write
Each filesystem in Server 2019 uses 2 of these basic attributes:
Read-only and Hidden
How can someone view a file/folder's attributes?
Right-click the file/folder. Click on properties and finally navigate to the properties tab.
How can an administrator access advanced attributes and apply them to a folder/file?
Right-click the file/folder. Go to properties. Go to the "general tab". Located near the basic attributes, click advanced to apply the NTFS attributes.
How can an administrator configure a DACL for a folder or file on an NTFS or ReFs filesystem?
Right-click the folder or file within a file explorer window and click "properties" go to the security tab. The administrator can view the permissions for users and groups. You can then edit the permissions for a user or group.
Where are audit "configurations "stored?
SACLs
Where are audited "events" are recorded in the Windows Server 2019 ?
Security Log
To allow users to access the files within a folder on your windows server 2019 system from across a network, you must share the folder. There are 2 protocols that can be used to share folders on a Windows Server 2019 system:
Server Message Block(SMB) Network File System(NFS)
What network file sharing protocol is available on Server 2019 by default?
Server Message Block(SMB) protocol
What happens when a newly created file is created in a folder with already established permissions?
The newly created file inherits the permissions configured on the folder to which it is copied.
security principal
The user, group, or computer to which an administrator assigns permissions with a DACL or SACL.
System Access Control List(SACL)
This ACL contains information used to audit the access to a resource.
Discretionary Access Control List(DACL)
This ACL lists the permissions given to each user and group. It is used to grant or deny access to a resource on the network.
Archive Attribute
This attribute indicates that the folder or file needs to be backed up. This attribute is automatically enabled when a file/folder is created or the contents within have changed.
Get-EventLog security
This cmdlet can be used to access the security log.
Set-Acl
This cmdlet can be used to configure permissions, ownership, or auditing for folders or files on an NTFS and ReFS system.
File Screens
This is an NTFS feature that can be configured to prevent certain types of files from being saved on a filesystem. For example preventing mp3 files from being saved on the cooperation's filesystem.
Active screening
This method prevents users from storing any unauthorized files of a specific type. (Strictly enforced)
True or False System files are not included in a search index because it will take longer to process the search of a filename in a search box.
True
True or False Windows Server 2019 allows you to audit successful and fail attempts to access folders and files using a combination of any or all of the basic or advanced permissions.
True
True or False Windows Server 2019 also supports FAT32 and exFAT but these files systems are only used on local storage and removable media.
True
True or False Only the NTFS filesystem supports all of the basic and advanced attributes for folders and files.
True
True or False A file or folder that is moved or copied to a folder on a DIFFERENT volume inherits the permissions of the folder to which it is moved or copied.
True
True or False You can use soft quotas to provide warnings to users that exceed folder quotas, while not restricting their ability to add content to a folder.
True
True or false A file or folder that is moved from one folder to another on the SAME volume retains its original permissions.
True
True or false Admins usually ignore the read-only attribute in favor for permissions that can perform the same basic task but more controlled.
True
Both NFS and SMB shared folders can be published to Active Directory. True or False
True.
True or False You can use the Set-ACL cmdlet within Windows PowerShell to configure entries within a DACL or SACL.
True.
True or False Auditing requires additional processor calculations and storage, it is not enabled on Windows Server 2019 by default.
True.
True or False. Windows systems that have the Client for NFS installed can access an NFS shared folder by browsing the network or specifying the shared folder's UNC.
True.
True or false Moving a file to a folder on the same volume does NOT create a copy of the file. It only renames the file to reflect the new path.
True.
asymmetric encryption
Two keys are used. The public key is used to encrypt the data, while the private key is used to decrypt the data.
Index Attribute
When this attribute is enabled, the file or folder is listed in a series of files/folders called an index that allows you to quickly search for them using a search box in file explorer.
What are the 2 services that can be used to obtain a list of folder/files that have the index attribute enabled on them?
Windows Indexing Service(old/legacy) Windows search service(new and faster)
Which of the following features are provided by the File Server Resource Manager server role? (Choose all that apply.)
a. File screens c. Folder quotas
Which of the following basic NTFS/ReFS permissions allows you to delete a file? (Choose all that apply.)
a. Full control b. Modify
You would like to provide a central shared folder that users can access to view all other shared folders within the organization. What must you do? (Choose all that apply.)
a. Install the DFS Namespaces role and configure a DFS namespace c. Add targets to the DFS namespace for each shared folder
Which of the following can be used to set the compress attribute for an NTFS file? (Choose all that apply.)
a. Set-ItemProperty d. compact.exe
Check My Work Which of the following occurs when you encrypt a file using EFS within a domain environment? (Choose all that apply.)
b. A copy of the symmetric encryption key is stored within the file metadata and asymmetrically encrypted with your public key c. A symmetric encryption key is generated and used to encrypt the file contents d. A copy of the symmetric encryption key is stored within the file metadata and asymmetrically encrypted with recovery agent's public key
You have a large number of users that access the same files within a shared folder that is replicated to another shared folder on the network using DFS replication. Users often report problems with missing content in the files that they access within the shared folder, and that changes take a long time to propagate from one shared folder to the other. What two actions can you take to address these issues? (Choose two answers.)
b. Disable remote differential compression (RDC) on the connections within the replication group c. Increase the size limit of the DFS staging folder for each member of the replication group
You would like to share a folder that uses the access-based enumeration feature. What must you do?
b. Share the folder using SMB using Server Manager.
True or False. The View effective access tab within the Advanced Security Settings window for a folder or file can be used to view the groups that have access to a particular folder or file.
b. false
Your organization maintains a shared folder called PrivateHR that only the HumanResources-G and Domain Admins groups have access to. You wish to audit each time a member of the HumanResources-G group successfully modifies or deletes a file within this folder. What must you do? (Choose all that apply.)
c. Configure an audit entry within the SACL of the PrivateHR folder that audits the Modify permission for the HumanResources-G group d. Enable success auditing for the system using an audit policy
You are about to move an EFS-encrypted file called SecureData.xml from a folder on an NTFS volume to a folder on a ReFS volume. Which of the following statements are true regarding the permissions and encryption on the file following the move operation? (Choose all that apply.)
c. SecureData.xml will inherit the permissions from the target folder following the move operation. d. The SecureData.xml will be not be encrypted following the move operation.
You have shared a folder using SMB and assigned members of the Accounting group Full Control shared folder permission. One of the members of the Accounting group complains that they get an access denied message when attempting to access files within the shared folder. What are two possible causes of this issue? (Choose two answers.)
c. The shared folder is on an NTFS or ReFS volume, and the DACL on the files denies access to a group to which the user belongs. d. The shared folder is on an NTFS or ReFS volume, and the DACL on the files does not allow the user access.