CPT 499C lecture 12 Security

CPT 499C lecture 12 Security - DEPARTMENT OF COMPUTER &...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
Security Slide 1 Security SIDs, RIDs and Groups Lions & Tigers & Bears
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Slide 2 Learning Objectives Identify registry keys used to define users and groups Associate a SID with a user Determine group membership Define “rights” and “permissions “ Describe the contents of a Security Descriptor Identify the owner of an object Determine permissions associated objects
Background image of page 2
Security Slide 3 User Accounts
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Slide 4 User Accounts Allow users to logon to a system Each account has a unique username and Security Identifier Default accounts on all systems Administrator has full control Guest has limited access Custom user accounts can be added
Background image of page 4
Security Slide 5 Security Identifier (SID) Number to uniquely identify entities that perform actions on a system Each computer is assigned a unique SID during Operating System installation Custom group and local account SIDs are based on the source computer’s SID and include a Relative Identifier (RID) Each SID is used only once But accounts can be renamed or deleted
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Slide 6 Security Identifier (SID) Begins with prefix “S” Second value is Revision Number Third value is Identifier Authority Revision number Identifier Authority
Background image of page 6
Security Slide 7 Relative Identifier (RID) The portion of a SID that uniquely identifies a user or custom group 500 is Administrator 501 is Guest Users and custom groups begin with 1000 and increment by 1 RID
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Slide 8 Security Accounts Manager Local user database is stored in the Security Accounts Manager (SAM) file Located in % systemroot %\system32\config SAM file is encrypted Original encryption was weak and easily broken SAM file may be doubly encrypted with Syskey Syskey included with NT 4 SP3 Syskey applied by default in Windows 2000/XP
Background image of page 8
Security Slide 9 User Accounts After Logon, home directory is created % systemroot% \profiles\ username NT 4.0 default storage Documents and Settings\ username Windows 2000/XP default storage unless upgraded from NT 4.0 NTUSER.DAT created in home directory Stores information specific to the user
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security Slide 10 Associate a SID with a User Back to the registry…
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 55

CPT 499C lecture 12 Security - DEPARTMENT OF COMPUTER &...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online