Windows Permissions Architecture Quiz
20 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the correct role of Access Control List (ACL) in Windows Permissions Architecture?

  • It maintains records of permissions granted to security principals. (correct)
  • It replaces all permission settings with default values.
  • It grants permissions to all users without restrictions.
  • It determines the folder path for the share.
  • Which statement accurately describes Advanced Permissions?

  • They are used to grant permissions to entire groups only.
  • They provide a more granular level of control compared to Basic Permissions. (correct)
  • They are the primary form of permission used for all users.
  • They cannot be modified once assigned.
  • What happens to Deny permissions when applied in a system environment?

  • They enhance Allow permissions.
  • They always override Allow permissions. (correct)
  • They have no impact if Allow permissions are present.
  • They do not affect inherited permissions.
  • What is the preferred method of assigning permissions according to the guidelines?

    <p>Starting with Allow permissions to grant access first.</p> Signup and view all the answers

    What is meant by Effective Access in the context of Windows permissions?

    <p>It is the resultant permissions a security principal receives after evaluating both Allow and Deny permissions.</p> Signup and view all the answers

    Which permission allows a user to delete a folder and perform all actions associated with it?

    <p>Modify</p> Signup and view all the answers

    What can a user do with Read permission on a file?

    <p>View ownership and attributes</p> Signup and view all the answers

    Which permission is necessary to create new files and subfolders inside an NTFS folder?

    <p>Write</p> Signup and view all the answers

    What is a key characteristic of resource ownership on an NTFS drive?

    <p>The owner can modify permissions regardless of current settings.</p> Signup and view all the answers

    In the context of NTFS permissions, which action is NOT associated with the List Folder Contents permission?

    <p>Performing all actions of the folder</p> Signup and view all the answers

    Which step is NOT essential when creating a folder share?

    <p>Configuring NTFS quotas for the shares</p> Signup and view all the answers

    What protocol primarily serves as the file-sharing standard for Windows?

    <p>Server Message Blocks (SMB)</p> Signup and view all the answers

    Which interface can be used for greater control when sharing folders?

    <p>The Sharing tab of the folder’s Properties sheet</p> Signup and view all the answers

    What must be done before using the Network File System (NFS) protocol for file sharing?

    <p>Install the NFS role service on the server</p> Signup and view all the answers

    When creating a folder share, what is a critical aspect to consider for the designated users?

    <p>The permissions granted to those users</p> Signup and view all the answers

    Which permission allows a user to modify the folder permissions and take ownership of the folder?

    <p>Full Control</p> Signup and view all the answers

    What is required for a user to access a file or folder according to the NTFS system?

    <p>Matching security identifiers (SIDs)</p> Signup and view all the answers

    Which of the following actions is specifically allowed by the Share permission 'Read'?

    <p>Execute program files</p> Signup and view all the answers

    In NTFS permissions, who are considered security principals?

    <p>Users and groups</p> Signup and view all the answers

    Which of the following is NOT a capability of the 'Change' permission in Share Permissions?

    <p>Take ownership of files</p> Signup and view all the answers

    Study Notes

    Chapter 7: Configuring File and Share Access

    • Chapter objectives include configuring file and share access, designing a file sharing strategy, creating folder shares, assigning permissions, and configuring NTFS quotas.

    • Shares are required for network users to access server disks.

    • To create folder shares, determine which folders to share, their names, permissions for users, and offline files settings.

    • Folder shares can be created by right-clicking and selecting "Share with Specific People" for a simplified interface or using the "Sharing" tab of the folder's Properties sheet for more control.

    • The File Sharing dialog box allows you to select users and assign permission levels (Owner, Read/Write, Read).

    • The Advanced Sharing dialog box allows adjustments like limiting simultaneous users.

    • Server Message Block (SMB) is the standard file-sharing protocol used by all Windows versions, requiring the File Server role service.

    • Network File System (NFS) is the standard file-sharing protocol for most UNIX and Linux distributions requiring the server to have the NFS role service installed.

    • The Shares homepage in Server Manager displays all shares, allowing for creating new shares using the New Share Wizard.

    • The New Share Wizard page "Select the profile for this share" demonstrates different share profiles (SMB-Quick, SMB-Advanced, etc.) with details about their usage.

    • Next, "Select the server and path for this share" allows you to specify the server, volume of the file share.

    • The "Specify share name" page is for customizing share name and description and selecting the local or remote path to the share.

    • The "Configure share settings" page offers settings like enabling access-based enumeration, caching, BranchCache, and encryption for data access.

    • The "Specify permissions" page enables controlling access via a combination of folder, share, and optional central access policy permissions.

    • The "Confirm selections" page verifies chosen settings before creation, showing the server, cluster role, local path, and other share properties.

    • A created share appears on the Shares homepage in Server Manager, displaying volume information and quota.

    • ACL (Access Control List) and ACES (Access Control Entries) together configure folder permission architecture.

    • Security principal examples: Sales (Read permissions), Managers (Full Control permissions), JSmith (Deny permissions).

    • The Security tab in a Properties sheet lets changing permissions for users and groups on the file share using edit, deny and allow options.

    • Basic and Advanced Permissions grant specific degrees of access.

    • Basic permissions are preconfigured combinations, whereas advanced permissions offer granular, individually applied access.

    • Additive method: start with no permissions and allow them.

    • Subtractive method: grant Allow, then Deny permissions.

    • Permissions run "downward" through a hierarchy - an inherited permission structure.

    • Explicit permissions have precedence over inherited permissions.

    • Effective Access tab displays the actual permissions granted to a user/group on a specific file or folder, considering cumulative and overriding permissions.

    • The Share Permissions tab (for a folder) lets managing individual permissions (Allow/Deny) for groups.

    • Permissions (Full Control, Change, Read) grant different access levels (changing permissions, taking ownership, reading data).

    • NTFS Authorization: NTFS and ReFS use ACLs with ACEs (having security principals and permissions) to manage permissions.

    • Security identifiers (SIDs) determine appropriate user's access during authorization.

    • NTFS basic permissions (Full Control, Modify, Read & Execute, List Folder Contents, Read, Write) dictate different actions.

    • Sharing permissions are distinguished from NTFS permissions, as they operate independently to offer network access to folder resources.

    • When a shared folder has both share and NTFS permissions, local (NTFS) permissions have precedence.

    • The two basic rules involve the local permission being the NTFS permission and the remote permission as the more restrictive set of permissions.

    • Volume Shadow Copies allow maintaining previous versions of files. This feature is for complete volumes only, not individual folders/shares.

    • NTFS quotas enable storage limit control on volumes for users to prevent exceeding a defined limit via disk space or warnings.

    • Access-based enumeration applies filters based on individual user's permissions to view contents.

    • Users unable to access particular resources on a network won't see them.

    • Offline Files maintain copies of files locally, accessing files from server shares.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge on Windows Permissions Architecture with this quiz. Explore topics such as Access Control Lists, Advanced Permissions, and Effective Access. This quiz is essential for understanding how to manage and assign permissions in a Windows environment.

    More Like This

    Windows Server Network Permissions Quiz
    25 questions
    Use Quizgecko on...
    Browser
    Browser