NetTech Solutions Security and Security Permissions Lesson Nine.
-
Upload
camron-davis -
Category
Documents
-
view
235 -
download
0
Transcript of NetTech Solutions Security and Security Permissions Lesson Nine.
NetTech Solutions
Security and SecurityPermissions
Lesson Nine
NetTech Solutions
Exam Objectives
• Identify and troubleshoot problems related to security issues
• Answer end-user questions related to application security
• Troubleshoot access to local resources
• Troubleshoot access to network resources
• Troubleshoot insufficient user permissions and rights
NetTech Solutions
Lessons in this Chapter:
• Understanding Security Permissions
• Troubleshooting Group Membership
• Troubleshooting Local Security Settings
• Understanding Group Policy
NetTech Solutions
Understanding Security Permissions
• Windows XP Simple File Sharing is enabled by default for workgroups
NetTech Solutions
What you can do with Simply File Sharing
• users can do the following:– Share folders with everyone on
the network– Allow users who access the
folder to view the files, edit the files, or both
– Make folders in his or her user profile private
NetTech Solutions
What you can’t do with Simply File Sharing
• does not permit users to do the following:– Prevent specific users and
groups from accessing folders– Assign folder permissions to
specific users and groups– View the Security tab of a shared
folder’s Properties dialog box
NetTech Solutions
To enable or disable Simple File Sharing
• Under FolderOptions > Viewtab.
• Check the boxto enable
• Uncheck thebox to disable
NetTech Solutions
Simple File Sharing Disabled
NetTech Solutions
Simple File Sharing Enabled
NetTech Solutions
Exam Tip
• Remember the limitations of Simple File Sharing when you are exploring a situation on the exam.
• Simple File Sharing is really an all-or-none proposition; the object is shared with everyone on the network or not shared at all.
NetTech Solutions
Sharing on the same computer
• Windows creates a shared folder for each user. You can drag files to share into that folder.
NetTech Solutions
Troubleshooting Simple File Sharing
• Table 9-1– Page 9-5,6
NetTech Solutions
Working with Shared Folders
NetTech Solutions
Know the File Sharing Permissions
• Read Allow Deny
• Change Allow Deny • Full Control Allow Deny
NetTech Solutions
Troubleshooting Share Permissions
• Table 9-2– Page 9-8
NetTech Solutions
Working with NTFS Permissions
NetTech Solutions
Know the File Security Permissions
• Read Allow Deny
• Write Allow Deny
• List Folder Contents Allow Deny
• Read and Execute Allow Deny
• Modify Allow Deny
• Full Control Allow Deny
NetTech Solutions
Troubleshooting NTFS Permissions
• Table 9-3– Page 9-12
NetTech Solutions
When Both Share and NTFS Permissions Exist
• Effective folder permission of both is the most restrictive.
• Effective group permission to share or NTFS is the least restrictive.
• Effective permission where Deny is applied will be Deny.
NetTech Solutions
Built-In Local Groups and Their Privileges
• Administrators, • Power Users,• Users, and• Backup Operators• Guest
NetTech Solutions
Administrators
• Take ownership of files and folders• Back up and restore system data• Set local policies• Install service packs and Windows
updates• Perform upgrades• Perform system repairs such as
installing device drivers and system services
• Audit the network and manage logs
NetTech Solutions
Power Users
• Modify computer-wide settings such as date, time, and power options
• Run older and noncertified Microsoft applications
• Install programs that do not modify operating system files or install system services
• Create local user accounts and local groups• Manage local user accounts and local groups• Stop and start system services that are not
started by default• Customize network printers• Take ownership of files• Back up and restore directories• Install device drivers
NetTech Solutions
Users
• Members of the Users group can do the following:– Shut down their own workstations– Lock the workstation– Create local groups– Manage the local groups they have created– Run programs that are certified by Microsoft as
compatible and that have been previously installed by administrators
– Retain ownership of files and folders that they create
• Members of the Users group cannot do the following:– Modify system wide registry settings, operating system
files, or program files– Shut down servers– Manage local groups that they did not create– Run older applications or applications that are not
certified by Microsoft– Share directories– Share printers
NetTech Solutions
Backup Operators
• Can back up and restore files on the computer, regardless of the permissions on those files.
NetTech Solutions
Practice: Configure Security Permissions
• Page 9-16
NetTech Solutions
Troubleshooting Group Membership
• When Users Are Members of More than One Group– Permissions are cumulative
• Changes in Group Membership– You can use the Effective
permission tab to determine effective permissions
NetTech Solutions
Effective Permissions
NetTech Solutions
Practice:
• Add a User to the Backup Operators Group– Page 9-21
NetTech Solutions
Troubleshooting Local Security Settings
• Understanding Local Security Settings– Account policies– Local security policies
NetTech Solutions
Two Kinds Of Account Policies:
• Password policies• Account lockout policies
NetTech Solutions
Three Kinds Of Local Security Policies:
• Audit policies• User rights assignments• Security options
NetTech Solutions
Local Security Policy
• Through Control Panel Administrative Tools:
NetTech Solutions
Account Policies
• Password Policies• Enforce Password History• Maximum Password Age• Minimum Password Age• Minimum Password Length• Password Must Meet Complexity
Requirements• Store Password Using Reversible
Encryption For All Users In The Domain
NetTech Solutions
Account Lockout Policies
• Account Lockout Duration• Account Lockout Threshold• Reset Account Lockout
Counter After
NetTech Solutions
Reset a User’s Password
• Must be logged in as Administrator
NetTech Solutions
Force a User to Change a Password at Next Logon
• User Account Properties
NetTech Solutions
Local Security Policies
• Audit Policies• User Rights Assignment
– Access the computer from the network– Add workstations to a domain– Back up files and directories– Change the system time– Create permanent shared objects– Load and unload device drivers– Log on locally– Manage auditing and the security log– Remove a computer from a docking station– Shut down the system– Take ownership of objects
NetTech Solutions
Local Security Policies
• Security Options– Administrator account status– Guest account status– Renaming the Administrator or Guest account– Shutting down the system if security audits
cannot be logged– Preventing users from installing printer drivers– Unsigned device driver installation behavior– Displaying the last user name– Requiring CTRL+ALT+DEL when logging on– If message text is to appear when users log on– If logoff is forced when users’ logon hours expire– If the virtual memory pagefile should be cleared
when the computer is shut down
NetTech Solutions
Practice:
• Configure Local Security Settings– Page 9-30
NetTech Solutions
Understanding Group Policy
• Understanding Group Policy• Used to customize and standardize
– Which programs can be accessed by users– What is shown on the desktop– What the Start menu and taskbar look like– Which screen saver or wallpaper is used– Where data is saved (which can be on a
network server, not the local computer)– Which Control Panel tools can be accessed
NetTech Solutions
Group Policy Settings in a Workgroup
• You configure Group Policy for computers, users, or both
• To open use gpedit.msc
NetTech Solutions
Group Policy
• Two View: Extended and Standard
NetTech Solutions
To Set a Group Policy
NetTech Solutions
Group Policy Settings in a Domain
• Two Default Policies– Default Domain– Default Domain Controller
NetTech Solutions
Troubleshooting Group Policy
• Problems occur when there is a conflict between Local and Non-Local Group Policies.
• Non-local policies can over ride local policies.
NetTech Solutions
Common Group Policy Restrictions
• Table 9-4– Page 9-37
NetTech Solutions
Practice:
• Configure Group Policy in a Workgroup– Page 9-38
NetTech Solutions
Summary
• Case Scenario– Page 9-39
• Troubleshooting Lab– Page 9-40
• Exam Highlights– Page 9-42