Download presentation
Presentation is loading. Please wait.
Published byBethanie Norman Modified over 8 years ago
1
Windows Vista Configuration MCTS 70-620: NTFS Security Features and File Sharing
2
NTFS Benefits Improved support for much larger hard disks. Can recover from some disk-related errors automatically. Better security because you can use permissions and encryption to restrict access to specific files to approved users.
3
NTFS File Permissions
5
When you are managing NTFS permissions, remember the following: You can set only file and folder permissions on drives formatted to use NTFS. Performing this procedure might require you to elevate permissions through the User Account Control. To change permissions, you must be the owner or have been granted permission to do so by the owner. Groups or users that are granted full control for a folder can delete files and subfolders within that folder. If the check boxes under Permissions for User or Group are shaded or if the Remove button is unavailable, the file or folder has inherited permissions from the parent folder. When adding a new user or group, by default, this user or group will have read and execute, list folder contents, and read permissions.
6
Sharing Files and Folders A shared folder makes the folder available for others to use on the network. File sharing is based NetBIOS and SMB. After a connection is established, data can be exchanged in the form of NetBIOS requests or in the form of SMBs. SMB 2.0 compounds multiple actions into a single request. SMB protocol uses the Uniform Naming Convention (UNC): \\servername\sharedname
7
Network Discovery Allows this computer On Turns on Network to see other network computers and devices and is visible to other network computers. File sharing Files and printers that you have shared from this computer can be accessed by people on the network. Public folder sharing People on the network can access files in the public folder. Printer sharing Allows users to access shared printers. Password-protected sharing Gives access to shared folder, including the Public Folder, to users who don't have a username and password that corresponds to a user account on the computer with the shared folder.
8
Sample Network Map
9
Subfolders of the Public Folder Public Documents Public Downloads Public Music Public Pictures Public Videos Recorded TV
10
Share and NTFS Permissions for the Public Folder
11
Share Permissions Owner/co-owner Have read and change permissions capabilities to change file and folder permissions and take ownership of files and folders Contributor Have read permissions Capability to create files and subfolders, modify files, change attributes on files and subfolders, and delete files and subfolders Reader Can view file and subfolder names, access the subfolders of the share, read file data and attributes, and run program files.
12
Shared Folder Model 1. Share the folder so that it can be accessed. 2. Set the share permissions. 3. Check and modify the NTFS file system permissions.
13
Setting Permissions on a Shared Resource Use the File Sharing Wizard to set permissions of a file or folder. The wizard enables you to select the user and group that can share the file or folder, and allows you to set permissions on the file or folder for each user or group. Use Windows Explorer to set permissions on a resource. You can use Windows Explorer to set permissions through the Share option or through the Properties page on a resource.
14
The Show Me All Files and Folders Option
15
Accessing a Shared Folder Users can connect to a shared file or folder as a network resource or map to it by using a driver letter on their machines. A network drive can be mapped to a shared file or folder using the Map Network Drive button. A network drive can be disconnected by: Right-clicking its icon and choosing Disconnect Or by typing in a UNC in the Run box or the address bar in Windows Explorer
16
File Encryption
17
Encryption File System Allows users to encrypt and decrypt files. Used to encrypt data and files in folders with a key. Smart cards are now supported for storing user EFS keys and administrative recovery keys. Client-side cached copies of network files can also be encrypted. The encryption certificate should be backed up the first time you encrypt a file or folder. The encrypted file can be shared by exporting the EFS certificate, then importing the EFS certificate, and then adding EFS certificate to the shared file.
18
BitLocker Drive Encryption Protects computers from attackers who have physical access to the computer. Without it, the attacker can… Start the computer with a boot disk and reset the administrator password. Access the hard disk directly using a different operating system to bypass the file permissions.
19
BitLocker can be used in three ways: TPM-only Transparent to the user and the login experience is unchanged. TPM with startup key Part of the encryption key is stored on a USB flash drive. TPM with PIN Requires a personal identification number (PIN) to be entered by the user.
20
BitLock Drive Encryption Modes TPM-only Only the TPM is used for validation. Without needing the startup key, user experience is unchanged. If the TPM is missing, a recovery key or password will be needed to gain access. Startup key Both TPM and startup key are used for validation. Without the correct startup key, BitLocker will enter Recovery mode.
21
System Requirements of BitLocker A computer with TPM or a removable USB memory device, such as a USB flash drive. Your computer must have at least two partitions, one that includes the drive Windows is installed on. Your computer must have a BIOS that is compatible with TPM and supports USB devices during computer startup.
22
NTFS Compression Selectively compress the contents of individual files, entire directories, or entire drives on an NTFS volume. Uses file compression that works by substitution. PC will run slower because it has to process the compression and decompression of files. Only use compression on files that are rarely used or when disk space is critical.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.