1 / 30

Goals

Goals. Understand File Allocation Table (FAT) Understand NTFS Compress and encrypt data on an NTFS Volume Assign shared folder permissions Set NTFS permissions Set special access permissions Troubleshoot permissions Understand Distributed File System Manage a Dfs Root. (Skill 1).

branxton
Télécharger la présentation

Goals

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Goals • Understand File Allocation Table (FAT) • Understand NTFS • Compress and encrypt data on an NTFS Volume • Assign shared folder permissions • Set NTFS permissions • Set special access permissions • Troubleshoot permissions • Understand Distributed File System • Manage a Dfs Root

  2. (Skill 1) Introducing File Allocation Table (FAT) • An older file system that can be read and accessed by most operating systems such as DOS, Windows 3.x, Windows 9.x, Windows NT, Windows 2000, Windows XP, and Windows Server 2003 • FAT allocates storage space to files by setting up allocation units on a hard disk • An allocation unit, also known as a cluster, is the smallest unit for allocating storage space on a partition or volume • Sectors are the basic units of the physical drive and are the smallest units that can be used to transfer data to and from the disk

  3. (Skill 1) Figure 5-1 FAT file system

  4. (Skill 1) Introducing File Allocation Table (FAT) (2) • Two primary versions • FAT16 file system • Supports partitions of up to 4 GB in size • Only Windows NT, Windows 2000, Windows XP, and Windows Server 2003 support FAT16 partitions larger than 2 GB • Is efficient on small-sized partitions of up to 256 MB • Supports dual booting by all Microsoft operating systems • Provides only folder-level security • FAT32 • Similar to FAT16 • It supports large-sized partitions of up to 2 TB (2047 GB)

  5. (Skill 1) Figure 5-2 The FAT file system

  6. (Skill 2) Introducing NTFS Reliability • NTFS is a recoverable file system • Volumes can be created that do not result in data loss in the event of a server crash or power failure Security • You can secure data by setting up permissions to control user access to files and folders Long file names • NTFS natively allows file names to be up to 256 characters in length Efficiency • NTFS is required in order to use certain features, such as Active Directory, which stores and manages network resources efficiently Faster access • NTFS minimizes the number of disk accesses required to find a file, which increases access speed

  7. (Skill 3) Compressing and Encrypting Data on an NTFS Volume Data compression • Built-in feature that increases available storage on a hard disk • In NTFS volumes, you can compress only specific files and folders or the entire volume • When you add a new file or folder to a compressed folder, it is compressed automatically • You cannot compress an encrypted file Data encryption • A security technique that attempts to ensure the confidentiality of a document by scrambling it using an encryption key • You cannot encrypt a compressed file

  8. (Skill 3) Figure 5-3 Creating a new folder

  9. (Skill 3) Click to open the Advanced Attributes dialog box Figure 5-4 The Properties dialog box

  10. (Skill 3) Figure 5-5 Advanced Attributes dialog box with compression enabled

  11. (Skill 3) Figure 5-6 Confirm Attribute Changes dialog box

  12. (Skill 3) Figure 5-7 Advanced Attributes dialog box with encryption enabled

  13. (Skill 4) Assigning Shared Folder Permissions • Read permissions • View file and folder names • Execute program files • Navigate within the shared folder • Change permissions • Add files to the shared folder • Create new folders within the shared folder • Modify the content and attributes of the files • Delete files and folders • Execute all of the tasks included in the Read permission • Full Control permissions • Modify file permissions • Take file ownership • Perform all of the tasks allowed by the Change permission

  14. (Skill 4) Figure 5-8 Sharing a folder

  15. (Skill 4) Figure 5-9 Adding a user account

  16. (Skill 4) Figure 5-10 Assigning shared folder permissions

  17. (Skill 5) Setting NTFS Permissions • NTFS permissions • Restrict unauthorized access to files and folders • Secure network resources by controlling the level of access for each user • Standard NTFS folder permissions • Read • Write • List Folder Contents • Read & Execute • Modify • Full Control

  18. (Skill 5) Setting NTFS Permissions (2) • Standard NTFS file permissions include: • Read • Write • Read & Execute • Modify • Full Control

  19. (Skill 5) Setting NTFS Permissions (3) • When you apply permissions to a drive or folder, you are also applying those permissions to all files and folders underneath it, by default • Guidelines for assigning NTFS permissions • Create folders to organize data into categories • Assign users the lowest level of permissions required for them to perform their jobs • Assign the Read and Write permissions to the Users group • Avoid assigning the Full Control Permission for a folder • Deny permissions sparingly • Assign permissions to groups rather than to individual user accounts

  20. (Skill 5) Figure 5-11 Advanced Security Settings dialog box

  21. (Skill 5) Setting NTFS Permissions (4) • Other important factors • NTFS permissions can be inherited • Assign multiple NTFS permissions • NTFS file permissions override NTFS folder permissions • A denied permission overrides an allowed permission

  22. (Skill 5) The Read & Execute, List Folder Contents, and Read NTFS permissions are assigned to user accounts by default Figure 5-12 Assigning the Write Permission

  23. (Skill 6) Setting Special Access Permissions • Standard NTFS permissions should suffice in most cases • Special level of permissions are available • Set and view special permissions in the Advanced Security Settings for <file_name /folder_name > dialog box from within the file properties • This dialog box gives you access to all possible permissions available for a file or folder • Do not configure special permissions unless absolutely necessary because setting them may make it difficult to determine the level of access assigned to a user

  24. (Skill 6) Figure 5-13 The Security tab in the Properties dialog box for a file or folder

  25. (Skill 6) Figure 5-14 Jennifer Johnson’s special permissions

  26. (Skill 6) Figure 5-15 The entry for Jennifer Johnson

  27. (Skill 6) Figure 5-16 Giving Jennifer the Change Permissions permission

  28. (Skill 7) Troubleshooting Permissions • Steps to follow if a user cannot access files and folders • Verify that permissions have been assigned to the user account and check to see if there any permission denials that are overriding the assigned permissions • Check for permissions and denials assigned to groups to which the user is a member • If the resource is remote, check both shared folder and NTFS permissions • Make sure the access token has been updated • Use the Effective Permissions tab on the Advanced Security Settings for <file_name/folder_name > dialog box • Query the file system and group memberships for a user to determine the effective permissions the user has • Take all of the user’s group memberships into account

  29. (Skill 7) Figure 5-17 The Effective Permissions tab

  30. (Skill 7) Figure 5-18 Jennifer Johnson’s effective permissions

More Related