Windows Vista Configuration MCTS 70-620: NTFS Security Features and File Sharing.

Slides:



Advertisements
Similar presentations
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Advertisements

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
1 File systems security: Shared folders & NTFS permissions, EFS (Week 6, Monday 2/12/2007) © Abdou Illia, Spring 2007.
MIS Chapter 51 Chapter 5 – Managing File Access MIS 431 Created Spring 2006.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.
1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES Windows Encryption File System (EFS) Tech Briefing July 18 th 2008
Chapter 5 File and Printer Services
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
NTFS. Authentication Is the person who she says she is? If so, access is allowed In Windows, authentication is handled by a password-protected user account.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 6: Windows File and Print Services.
®® Microsoft Windows 7 for Power Users Tutorial 5 Comparing Windows 7 File Systems.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 14 Windows XP Professional 1.
Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.
Microsoft ® Official Course Module 8 Securing Windows 8 Desktops.
© 2010 The McGraw-Hill Companies, Inc. All rights reserved Mike Meyers’ CompTIA A+ ® Guide to Managing and Troubleshooting PCs Third Edition Securing Windows.
Week #7 Objectives: Secure Windows 7 Desktop
With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.
A+ Guide to Software Managing, Maintaining and Troubleshooting THIRD EDITION Chapter 8 Managing and Supporting Windows XP.
Managing, Organizing and Finding Files, Information, Shared Folders and Offline Folders powered by dj.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
Troubleshooting Windows Vista Security Chapter 4.
IOS110 Introduction to Operating Systems using Windows Session 8 1.
PC Maintenance: Preparing for A+ Certification Chapter 23: Using a Windows Network.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
Configuring Data Protection Chapter 12 powered by dj.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Module 3: Configuring File Access and Printers on Windows 7 Clients
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
Ch 17 Securing the File System. Three Ways to Protect Files NTFS Permissions Encrypting File Service BitLocker full-disk encryption – BitLocker ToGo.
Page 1 NTFS and Share Permissions Lecture 6 Hassan Shuja 10/26/2004.
Understanding Backup and Recovery Methods Lesson 8.
Module 5: Configuring and Managing File Systems. Overview Working with File Systems Managing Data Compression Securing Data by Using EFS.
Managing Applications, Services, Folders, and Libraries Lesson 4.
1 Introduction to NTFS Permissions Assign NTFS permissions to specify Which users and groups can gain access to folders and files What they can do with.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
Understand Encryption LESSON 2.5_A Security Fundamentals.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 14 – Windows Security.
Lesson 18: Configuring Security for Mobile Devices MOAC : Configuring Windows 8.1.
Module 4: Managing Access to Resources. Overview Overview of Managing Access to Resources Managing Access to Shared Folders Managing Access to Files and.
1 Introduction to Shared Folders Shared folders provide network users access to files. Users connect to the shared folder over the network. Users must.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
11 SUPPORTING WINDOWS XP FILE AND FOLDER ACCESS Chapter 5.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
NTFS. Authentication Is the person who she says she is? If so, access is allowed In Windows, authentication is handled by a password-protected user account.
Introducing, Installing, and Upgrading Windows 7
Module 4: Managing Access to Resources
Network Locations in Windows 7
Presentation transcript:

Windows Vista Configuration MCTS : NTFS Security Features and File Sharing

NTFS Benefits Improved support for much larger hard disks. Can recover from some disk-related errors automatically. Better security because you can use permissions and encryption to restrict access to specific files to approved users.

NTFS File Permissions

When you are managing NTFS permissions, remember the following: You can set only file and folder permissions on drives formatted to use NTFS. Performing this procedure might require you to elevate permissions through the User Account Control. To change permissions, you must be the owner or have been granted permission to do so by the owner. Groups or users that are granted full control for a folder can delete files and subfolders within that folder. If the check boxes under Permissions for User or Group are shaded or if the Remove button is unavailable, the file or folder has inherited permissions from the parent folder. When adding a new user or group, by default, this user or group will have read and execute, list folder contents, and read permissions.

Sharing Files and Folders A shared folder makes the folder available for others to use on the network. File sharing is based NetBIOS and SMB. After a connection is established, data can be exchanged in the form of NetBIOS requests or in the form of SMBs. SMB 2.0 compounds multiple actions into a single request. SMB protocol uses the Uniform Naming Convention (UNC): \\servername\sharedname

Network Discovery Allows this computer On Turns on Network to see other network computers and devices and is visible to other network computers. File sharing Files and printers that you have shared from this computer can be accessed by people on the network. Public folder sharing People on the network can access files in the public folder. Printer sharing Allows users to access shared printers. Password-protected sharing Gives access to shared folder, including the Public Folder, to users who don't have a username and password that corresponds to a user account on the computer with the shared folder.

Sample Network Map

Subfolders of the Public Folder Public Documents Public Downloads Public Music Public Pictures Public Videos Recorded TV

Share and NTFS Permissions for the Public Folder

Share Permissions Owner/co-owner Have read and change permissions capabilities to change file and folder permissions and take ownership of files and folders Contributor Have read permissions Capability to create files and subfolders, modify files, change attributes on files and subfolders, and delete files and subfolders Reader Can view file and subfolder names, access the subfolders of the share, read file data and attributes, and run program files.

Shared Folder Model 1. Share the folder so that it can be accessed. 2. Set the share permissions. 3. Check and modify the NTFS file system permissions.

Setting Permissions on a Shared Resource Use the File Sharing Wizard to set permissions of a file or folder. The wizard enables you to select the user and group that can share the file or folder, and allows you to set permissions on the file or folder for each user or group. Use Windows Explorer to set permissions on a resource. You can use Windows Explorer to set permissions through the Share option or through the Properties page on a resource.

The Show Me All Files and Folders Option

Accessing a Shared Folder Users can connect to a shared file or folder as a network resource or map to it by using a driver letter on their machines. A network drive can be mapped to a shared file or folder using the Map Network Drive button. A network drive can be disconnected by: Right-clicking its icon and choosing Disconnect Or by typing in a UNC in the Run box or the address bar in Windows Explorer

File Encryption

Encryption File System Allows users to encrypt and decrypt files. Used to encrypt data and files in folders with a key. Smart cards are now supported for storing user EFS keys and administrative recovery keys. Client-side cached copies of network files can also be encrypted. The encryption certificate should be backed up the first time you encrypt a file or folder. The encrypted file can be shared by exporting the EFS certificate, then importing the EFS certificate, and then adding EFS certificate to the shared file.

BitLocker Drive Encryption Protects computers from attackers who have physical access to the computer. Without it, the attacker can… Start the computer with a boot disk and reset the administrator password. Access the hard disk directly using a different operating system to bypass the file permissions.

BitLocker can be used in three ways: TPM-only Transparent to the user and the login experience is unchanged. TPM with startup key Part of the encryption key is stored on a USB flash drive. TPM with PIN Requires a personal identification number (PIN) to be entered by the user.

BitLock Drive Encryption Modes TPM-only Only the TPM is used for validation. Without needing the startup key, user experience is unchanged. If the TPM is missing, a recovery key or password will be needed to gain access. Startup key Both TPM and startup key are used for validation. Without the correct startup key, BitLocker will enter Recovery mode.

System Requirements of BitLocker A computer with TPM or a removable USB memory device, such as a USB flash drive. Your computer must have at least two partitions, one that includes the drive Windows is installed on. Your computer must have a BIOS that is compatible with TPM and supports USB devices during computer startup.

NTFS Compression Selectively compress the contents of individual files, entire directories, or entire drives on an NTFS volume. Uses file compression that works by substitution. PC will run slower because it has to process the compression and decompression of files. Only use compression on files that are rarely used or when disk space is critical.