Lock the system in a secure location Set alarms alerting you to when a server

• Lock the system in a secure location. • Set alarms alerting you to when a server is shut down, so an intruder can be caught during a potential attack. NTFS vs FAT NTFS provides extended security features not available with the FAT file system. NTFS is built for speed. It uses a binary tree structure for directories to reduce the access time needed to locate files. NTFS minimizes file fragmentation in large disk volumes. NTFS uses small cluster sizes (512 bytes) to prevent wasted disk space. NTFS provides the ability to selectively compress individual files and directories or actual volumes on disks. Tip: If there is no need to boot DOS, and the system is not an RISC architecture, using FAT file systems are not recommended. Warning: A program called ntfsdos.exe is available to read files protected by Windows NTFS. The program is run after booting a system with a DOS diskette. This is not a security risk if the proper physical security measures are taken or floppy drives are not available on the system.

231 231 Shares The Shared Directory feature in the File Manager allows sharing of files and directories over the network. Shared object permissions can be established for FAT or NTFS file structures. The user must be a member of the Administrator group or Server Operator group to work with shared directory permissions. Users are unable to access files on a system through the network until there is a shared directory available. Once a directory has been shared on the system, users can log on to that system and be able to access the shared directory. To use the directory, the user must assign the share to an unassigned drive letter. When the directory is assigned a drive letter, the share can be accessed just like another hard disk on the system. Directory sharing can be viewed and stopped by an Administrator or Server Operator. 9.9 Object Permissions File and directory permissions are the foundation of most user-controlled security in Windows NT. Permissions are the rules associated with a particular object, which describe which users can access what objects, and how they have access to the objects. Object permissions for files are only available for files stored on NTFS volumes. File and directory permissions are cumulative, but the No Access permission overrides all other permissions. The types of file access permissions are: • No Access • Read • Change • Full Control • Special Access For directory access the following permissions are added: • List • Add • Read Object Ownership Object ownership allows the user to change permissions on the owned object. The user who is the creator of a file or directory is usually the owner. Users can’t give away ownership of their objects, but they can give other users permission to take ownership. This prevents users from creating objects and making them appear to be owned by another user. Ownership of a file or directory can be taken by an Administrator without the owner’s consent, but the Administrator can’t transfer ownership to others. Administrators cannot access private files without leaving some