Mac OS X 10.8 (File Systems)

Ace your homework & exams now with Quizwiz!

What does it mean when you choose the option to "ignore volume ownership" in the Finder? What are the security ramifications of ignoring volume ownership?

You can choose to ignore ownership on any nonsystem volume. This ignores any ownership rules and grants any logged-on user unlimited access to the contents of the volume. It's a potential security risk because it allows any local user account to have full access to the volume even if that user didn't originally mount the volume.

How can you unlock a FileVault 2 protected system when all user accounts have lost their passwords?

A FileVault 2 protected system can be unlocked using the recovery key that was generated during the FileVault 2 setup process. This key can be entered during system startup, and allows you to reset the user's account password.

How can you reset a user's home folder permissions?

A user's home folder permissions can be reset from the Reset Password application on OS X Recovery.

How do you identify the ownership and permissions of a file or folder in the Finder?

An item's ownership and permissions can be identified using the Get Info or Inspector windows in the Finder.

Which users are allowed to unlock a FileVault 2 protected system?

Any user that is FileVault enabled is allowed to unlock a FileVault 2 protected system. This includes any local or cached network user account that was enabled when FileVault 2 was set up or created after FileVault 2 was enabled. Further, administrators may return to the Security & Privacy preference pane to enable additional accounts.

Which two built-in OS X applications can be used to gather information about storage devices?

Disk Utility and System Information can both be used to gather information about storage devices.

What is the difference between disks, partitions, and volumes?

Disks are the actual storage hardware; partitions are logical divisions of a disk used to define the storage space; and volumes, contained inside partitions, are used to define how the individual files and folders are saved to the storage.

How does the default organization of the file system allow users to safely share local files and folders?

Every home folder contains a Public folder that other users can read, and a Drop Box folder that other users can write to. All other subfolders in a user's home folder (except the optional Sites folder) have default permissions that don't allow access to other users. The Shared folder is also set for all users to share items.

How does file system journaling work?

File system journaling records what file operations are in progress at any given moment. This way, if a power failure or system crash occurs, the system can quickly verify the integrity of the volume by "replaying" the journal after restart.

How does FileVault 2 protect a user's data?

FileVault 2 protects the entire system volume and all its data by using strong XTS-AES 128 encryption. During system startup, FileVault-enabled users must enter their password to decrypt the system volume.

How can you ensure that previously deleted items are securely erased?

From the Erase tab in Disk Utility, you can choose to securely erase the free space of a disk or volume. This securely erases any previously deleted files on the selected disk or volume.

How can you encrypt a disk without erasing its contents?

From the Finder, you can encrypt a disk without erasing its contents by right-clicking or Control-clicking the disk and then choosing Encrypt from the shortcut menu.

What are the two primary partition schemes for Mac formatted disks? What are their differences?

GUID Partition Table is the default partition scheme on Intelbased Mac computers, and Apple Partition Map is the default partition scheme on PowerPC-based Mac computers.

What is the potential side effect of improperly unmounting or ejecting a disk or volume?

Improperly unmounting or ejecting a disk or volume may cause data corruption. The system automatically verifies and repairs an improperly unmounted or ejected volume the next time it becomes available to the Mac.

How does the Secure Empty Trash feature work in the Finder?

Secure Empty Trash performs a 7-pass erase on the contents of the Trash folder.

How do ACLs differ from standard UNIX file system permissions?

Standard UNIX file system permissions allow only for permissions to be set for one owner, one group, and all others. ACLs, on the other hand, allow for an essentially unlimited list of permissions entries.

What is Target Disk Mode and how is it engaged?

Target Disk Mode is a Mac-specific hardware feature that, when engaged, shares the Mac computer's internal disk through the FireWire ports. Target Disk Mode can be engaged from the Startup Disk preference or by holding down the T key as you turn on the Mac.

What permissions are modified by the Disk Utility Repair Permissions feature?

The Disk Utility Repair Permissions feature repairs only the ownership and permissions for items installed by Apple. However, this may resolve issues with third-party products.

What does the Disk Utility Verify and Repair feature do?

The Disk Utility Verify and Repair feature is used to verify or repair the partition scheme and directory structure of a volume. These elements contain the information used to locate files and folders on the volume.

What is unique about the permissions of the /Users/Shared folder?

The Shared folder is set up to allow all users to read and write files, but only the user who owns an item can delete it from the Shared folder. This is accomplished using the sticky bit permissions setting.

What are the four erase options available in Disk Utility? What are the differences between them?

The four erase options in Disk Utility are: • Fastest, which simply replaces the volume's directory structure • A second choice, which provides good security by writing zeros on top of all the previous disk data • A third choice, which provides even better security by writing three separate passes of information on top of the previous disk data • Most Secure, which provides the best security by writing seven separate passes of information on top of the previous disk data

What four methods can be used to eject a volume or disk from the Finder?

The four methods used to eject a volume or disk from the Finder are: • Drag the disk icon to the Trash in the Dock. • Press and hold the Eject key for a few moments to unmount and eject optical media. • Select the volume you want to eject and choose Eject from the File menu. • In the Finder sidebar, click the small Eject button next to the volume you want to unmount and eject.

What is the locked file flag?

The locked file flag prevents anyone, including the item's owner, from editing an item. Only the item's owner can unlock the item to then allow modification.

Why is the root, or beginning, level of a user's home folder visible to other users?

The root level of a user's home folder is visible to other users so they can navigate to the Public shared folder.

What two volume formats are supported for an OS X system volume?

The two volume formats supported as system volumes for OS X are Mac OS Extended (Journaled) and Mac OS Extended (Journaled, Encrypted).

What are the system requirements for using FileVault 2?

To enable FileVault 2, OS X systems must have the hidden OS X Recovery HD volume on the system disk. Further, any Legacy FileVault accounts must be decrypted and returned to normal accounts.


Related study sets

Chapter 2: Construction Contracting Methods

View Set

LIFE ONLY_Chapter 9- Wisconsin Life Insurance Law

View Set

BIO 166 Exam #1 (ch.2,3,4,5,6) Review Questions

View Set

Principles of Management: Chapter 18 (Wesson)

View Set

Acquired Conditions and Congenital Abnormalities in the Newborn

View Set