CIST_2411_Chapter_14_Notes - CIST 2411 CHAPTER 14 NOTES I Security Principle Managing Permissions a Permissions i Privileges granted to users groups and

CIST_2411_Chapter_14_Notes - CIST 2411 CHAPTER 14 NOTES I...

This preview shows page 1 - 2 out of 3 pages.

CIST 2411 C HAPTER 14 N OTES I. Security Principle: Managing Permissions a. Permissions i. Privileges granted to users, groups, and computers allow them to access a resource. ii. Four permission systems: 1. NTFS permissions 2. Share permissions 3. Registry permissions 4. Active Directory permissions b. Understanding the Windows Permission Architecture i. Permissions are stored in an Access Control List (ACL) 1. Collection of individual permissions, in the form of access control entries (ACEs). 2. Manage permissions - Security tab of the element’s Properties dialog box c. Understanding Basic and Advanced Permissions i. Basic Permissions 1. Security tab - permissions you are seeing are called basic permissions. 2. Basic permissions are combinations of advanced permissions, which provide the most granular control over the element. d. Allowing and Denying Permissions i. When you assign permissions to a system element, you are, in effect, creating a new ACE in the element’s ACL. 1. There are two basic types of ACEs: a. Allow b. Deny ii. This makes it possible to approach permission management tasks from two directions: 1. Additive 2. Subtractive e. Inheriting Permissions i. Permissions tend to run downwards through a hierarchy, in other words Crap rolls downhill.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture