Certified Cybersecurity Technician Data Security PDF Exam 212-82
Document Details
Uploaded by barrejamesteacher
EC-Council
Summary
This document provides information on data security controls, with a focus on explaining the use of various security controls to secure data.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Data Security

Module Flow
01 Understand Data Security and its Importance
02 Discuss Various Data Security Controls
03 Discuss Data Backup, Retention, and Destruction
04 Discuss Data Loss Prevention Concepts

Discuss Various Data Security Controls

The objective of this section is to explain the use of various security controls to secure the data.

Module 15 Page 1761 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

ACL: Setting Access Controls and Permissions to Files and Folders in Windows
- Access controls can authorize users, groups, and computers to access files and folders in a computer
- When a user or an application requests access to the operating system resources, they need to submit their credentials to the operating system
- Credentials are access tokens created every time a user or an application tries to log in
- The OS compares the details contained in the access tokens with the Access Control Entries (ACEs) for verification
- The ACEs can block or permit the services depending on object type

ACL: Setting Access Controls and Permissions to Files and Folders in Windows (Cont'd)
Applying NTFS permissions to files
- Typical file permissions allowed on the NTFS file system are:
  o Full Control
  o Modify
  o Read and Execute
  o Read
  o Write
- Each of these permissions includes a logical group of special permissions
[Table: Special permissions associated with each NTFS file permission. Source: https://docs.microsoft.com]
ACL: Setting Access Controls and Permissions to Files and Folders in Windows (Cont'd)
- To set, view, edit, or remove special permissions:
  o Go to the specific file or folder on which you want to set a special permission
  o Right-click on the file or folder, click Properties, and then click the Security tab
  o Click Advanced
  o Click Add to set special permissions for a new group or user in the Permission Entry window
[Screenshot: Security tab of the Properties window, showing group or user names and the permissions for SYSTEM]

ACL: Setting Access Controls and Permissions to Files and Folders in Windows (Cont'd)
Applying NTFS permissions to folders
- Typical folder permissions allowed on the NTFS file system are:
  o Full Control
  o Modify
  o Read and Execute
  o List Folder Contents
  o Read
  o Write
- Each of these permissions includes a logical group of special permissions
[Table: Special permissions associated with each NTFS folder permission. Source: https://docs.microsoft.com]

ACL: Setting Access Controls and Permissions to Files and Folders in Windows

Access controls can authorize users, groups, and computers to access files and folders in a computer. When a user or an application requests access to the operating system resources, they need to submit their credentials to the operating system. Credentials are access tokens created every time a user or an application tries to log in.
Before allowing the user or application to access the objects, the operating system verifies whether the access token grants permission to access them. Here, the OS compares the details contained in the access tokens with the access control entries (ACEs) for verification. The ACEs can block or permit the services depending on object type. For example, the ACEs for a printer are print, manage printing, and manage documents. The ACLs contain a combination of an object's ACEs.

- ACEs: An ACL can have zero or more ACEs, wherein each ACE controls access to an object. Overall, there are six types of ACEs, out of which securable objects support three types (generic types), and the other three are supported by directory service objects (object-specific types).

  The three generic types of ACEs are:
  o Access denied ACE: Used in a discretionary ACL to prevent access to any user.
  o Access allowed ACE: Used in a discretionary ACL to allow access to any user.
  o System audit ACE: Used in a system ACL to create an audit log for each attempt by a user to access the objects.

  The three object-specific types of ACEs are:
  o Access denied, object-specific ACEs: Used in a discretionary ACL to block access to a property or property set. It can even stop the inheritance level of a specified type of child object.
  o Access allowed, object-specific ACEs: Used in a discretionary ACL to permit access to a property or property set. It can even stop the inheritance level of a specified type of child object.
  o System audit, object-specific ACEs: Used in a system ACL to create an audit log when a user attempts to access the child object.

  The object-specific types and generic types differ only in the design of the inheritance level.
- ACLs: An ACL is a table that provides a detailed description of the access rights of the users for accessing objects. Every object has an ACL that contains the details of the user rights and privileges for accessing that object. Each operating system has specific ACLs. The ACLs have one or more ACEs that contain the user details.

- Permissions: Each container or object has a security descriptor attached to it. This security descriptor contains a detailed description of the user access rights. The security descriptor is created along with the container or object. An ACE represents the permission granted to users or user groups, and the entire list or set of permissions is contained in an ACL. There are two types of permissions:
  o Explicit permissions: Permissions that are set by default upon creation.
  o Inherited permissions: Permissions inherited from the parent object to the child object. For example, any files and folders in a folder can inherit the permissions applicable to that particular parent folder. Here, the parent folder has an explicit permission, whereas the files and folders have inherited permissions.

- There are two sets of permission entries for accessing a folder on a file server:
  o Share permission on a folder: Used for files and folders shared across the network or many user accounts. The permissions can be either denied or granted depending on the users or user accounts. The most commonly used share permissions are full control, change, and read.
  o NTFS permissions on a folder: Control the permissions over a network and local computers. The most commonly used NTFS permissions are full control, modify, read and execute, and read and write.

Applying NTFS Permissions to Files and Folders

Access controls for files and folders can specify which users and user groups can have the access permissions. NTFS permissions allow users to access files stored on a local computer and also files stored in a shared folder over a network. NTFS also allows the sharing of permissions on files and folders in accordance with file and folder permissions.

- NTFS permissions for files:
  o Full control: Specifies whether the user has all permissions to access files. Users with full control have the complete access rights to any file even if permission is denied to them.
  o Modify: Allows the user to read, write, execute, and traverse.
  o Read and execute: Allows the user to go through each directory and read all files.
  o Read: Allows the user to list folders, read files, read attributes, and read permissions.
  o Write: Allows the user to create files, write data, create folders, and set attributes.

[Table 15.2 marks, for each file permission (Full Control, Modify, Read and Execute, Read, Write), which of the following special permissions it includes: Traverse Folder/Execute File, List Folder/Read Data, Read Attributes, Read Extended Attributes, Create Files/Write Data, Create Folders/Append Data, Write Attributes, Write Extended Attributes, Delete Subfolders and Files, Delete, Read Permission, Change Permission, Take Ownership, Synchronise.]
Table 15.2: Special permissions associated with each NTFS file permission

- NTFS permissions for folders:
  o Full control: Specifies whether the user has complete access to folders.
  o Modify: Allows the user to read, write, execute, and traverse.
  o Read and execute: Allows the user to list folders, read files, read attributes, and read permissions.
  o List folder contents: Specifies if the user can access the folders and sub-folders.
  o Read: Allows the user to list folders, read files, read attributes, and read permissions.
  o Write: Allows the user to create files, write data, create folders, and set attributes.

[Table 15.3 marks, for each folder permission (Full Control, Modify, Read and Execute, List Folder Contents, Read, Write), which of the following special permissions it includes: Traverse Folder/Execute File, List Folder/Read Data, Read Attributes, Read Extended Attributes, Create Files/Write Data, Create Folders/Append Data, Write Attributes, Write Extended Attributes, Delete Subfolders and Files, Delete, Read Permission, Change Permission, Take Ownership, Synchronise.]
Table 15.3: Special permissions associated with each NTFS folder permission

List folder contents permissions can be set only when they are inherited by folders and not files, whereas read and execute can only be set for files and folders. It is possible to back up and restore data on NTFS files. However, it is not possible to set permissions to individual files and folders for FAT files.

To set, view, change, or remove special permissions for files and folders, go to the specific file or folder on which you want to set the special permission.
1. Right-click the file or folder, click Properties, and then click the Security tab
2. Click Advanced
3. Click Add to set special permissions for the user or new group in the Permission Entry window

In Linux, ACLs are used to implement access control by setting access permissions to a specific file or folder.

[Screenshot: Security tab of the Demo Properties window for C:\Demo, listing group or user names and the Allow/Deny permissions for SYSTEM]
Figure 15.4: Screenshot of Properties window
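
The set, view, and remove steps for special permissions described above can also be carried out from PowerShell, which makes the difference between explicit and inherited ACEs visible. This is an added example, not part of the EC-Council courseware; the scratch folder under %TEMP%, the file name child.txt, and the use of the current account as the trustee are assumptions.

```powershell
# Added example (not from the courseware). The scratch folder under %TEMP% and
# the current account as trustee are assumptions; "Demo" mirrors Figure 15.4.
$Path    = Join-Path $env:TEMP 'Demo'
$Account = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
New-Item -ItemType Directory -Path $Path -Force | Out-Null

# View: one row per ACE. IsInherited separates explicit entries from entries
# that came down from the parent folder.
function Show-Ace {
    param([Parameter(Mandatory)][string]$Target)
    (Get-Acl -Path $Target).Access |
        Select-Object IdentityReference, AccessControlType, FileSystemRights,
                      IsInherited, InheritanceFlags |
        Format-Table -AutoSize -Wrap
}
Show-Ace -Target $Path

# Set: an explicit Allow ACE built from individual special permissions rather
# than a basic permission such as Modify. The inheritance flags make it apply
# to this folder, its subfolders, and its files.
$rights = [System.Security.AccessControl.FileSystemRights]'ReadData, ReadAttributes, ReadPermissions, CreateFiles, Synchronize'
$rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
    $Account, $rights, 'ContainerInherit, ObjectInherit', 'None', 'Allow')
$acl = Get-Acl -Path $Path
$acl.AddAccessRule($rule)
Set-Acl -Path $Path -AclObject $acl

# A file created inside the folder receives the ACE through inheritance;
# compare its IsInherited column with the parent's explicit entry.
$child = Join-Path $Path 'child.txt'
New-Item -ItemType File -Path $child -Force | Out-Null
Show-Ace -Target $Path
Show-Ace -Target $child

# Remove: take the explicit ACE off the parent and write the ACL back.
# The child loses the inherited copy as part of the same change.
$acl = Get-Acl -Path $Path
[void]$acl.RemoveAccessRule($rule)
Set-Acl -Path $Path -AclObject $acl
Show-Ace -Target $child

# Clean up the scratch folder.
Remove-Item -Path $Path -Recurse -Force
```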