Study Guides (390,000)
CA (150,000)
Ryerson (10,000)
ITM (400)

ITM 315 Study Guide - Midterm Guide: Microsoft Management Console, Ntfs, File System Permissions

Information Technology Management
Course Code
ITM 315
Frank Prychidny
Study Guide

This preview shows pages 1-3. to view the full 14 pages of the document.
Chapter 5
Shared folder
A data resource made available over a network to authorized network clients
Specific permissions required for creating, reading, modifying
Groups that can create shared folders:
Server Operators
2 Ways to create shared folders:
Computer management console A predefined Microsoft management console
application that allows you to perform a variety of administrative tasks, such as sharing
and monitoring folders for both local and remote computers. My computer, manage,
right click shares folder - > new share
Windows explorer interface In start, accessories -> Windows Explorer -> make folder -
> right click and pick sharing and security -> check share this folder
Net Share Command
Hidden folders in My Network Place is done by placing a $ at the end of the name
Administrators have full access, everyone has read access
A shared folder has a discretionary access control list (DACL)
Contains a list of user or group references that have been allowed or denied permissions
Each reference is an access control entry (ACE); Each user or group listed in DACL is this
Accessed from Permissions button on Sharing tab of folder’s properties
Permissions only apply to network users, not those logged on directly to local machine

Only pages 1-3 are available for preview. Some parts have been intentionally blurred.

Deny always overrides any permissions that are allowed
i.e. if you deny a shared folder permission to a user, the user will not have that
permission, even if you allow the permission for a group of which the user is a member
Share permissions apply to folders not files
Permissions on a shared folder are inherited by subfolders
Shared folders permissions provide a way to secure file resources on FAT and NTFS partitions.
(They are the ONLY way to secure file resources on FAT volumes)
Default permissions on a shared folder give Everyone group read access
Should be addressed immediately when a share is created
NTFS Permissions
Permissions: Privileges to access and manipulate resource objects, such as folders and printers
NTFS permissions are applied whenever a folder or file is accessed the user may be logged on
to the computer where the file is located or may access the file across a network connection.
NTFS permissions are configured vie the Security tab which is accessed by right-clicking any file
or folder and clicking Properties.
Access denial always overrides permitted access
NTFS folder permissions are inherited unless otherwise specified
NTFS permissions can be set at file or folder level
Permissions are Cumulative
NTFS file permissions take priority over NTFS folder permissions.

Only pages 1-3 are available for preview. Some parts have been intentionally blurred.

e.g. if a user is assigned the Write permission to a folder and the Modify permission to a
file in that folder, the user can both write to and modify the file
e.g. if a user has no permissions to a folder but has Change permission for a file in that
folder, will the user be able to open the file? How?
(If a user has no permissions for a folder that contains a file for which the user
has Change permission, the user can open the file form the file’s appropriate
application by typing the full UNC or path to the file.)
When a user or group is added to an NTFS file or folder, the default permissions are:
Read and Execute
List Folder Contents
Windows Server 2003 has set of standard permissions plus special permissions
14 Special permissions; advanced button in security tab
Effective Permissions
Permissions that actually apply to a user can be the result of membership in multiple groups
Prior to Windows Server 2003, determining effective permissions was done manually
In Windows Server 2003, there is an Effective Permissions tab in Advanced Security Settings
dialog box for resource
Shows specific permissions for a user or group
Guidelines for Setting Permissions
Protect the Windows folder that contains operating system files by allowing limited access, such
as Read & Execute, List Folder Contents
Protect server utility folders (containing backup software and network mgt), with access only for
Administrators, Server Operators, Backup Operators
Protect software application folders with Read & Execute
Set up publicly used folders with Modify for broad user access
Give users Full Control of their own home folders
Remove general access groups such as Everyone and Users from confidential folders
You're Reading a Preview

Unlock to view full version