Active Directory and Access Controls
1. What two access controls can be setup for a Windows Server 2003 folders and authentication?
Authentication and Access control.
2. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured?
Folder Contents. Read access only
3. 4. What is the mechanism on a Windows Server where you can administer granular policies and permissions on a Windows network using role-based access?
Group Policy Editor
4. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. creates security principals in the Active Directory domain partition
5. Would it be a good practice to include the account or user name in the password? why or why not.
No it wouldn’t be good practice to include account or username in the password, it would make it easier to break the password using brute-force dictionary attack
6. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?
Non domain machines cannot access domain shared folders
7. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?
Non domain machines cannot access shared folders
8. Using what you know about access controls, what security controls would you recommend when granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.) that will maintain CIA of production systems and data?
Read only permissions with limited access
Authentication and Access control.
2. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured?
Folder Contents. Read access only
3. 4. What is the mechanism on a Windows Server where you can administer granular policies and permissions on a Windows network using role-based access?
Group Policy Editor
4. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. creates security principals in the Active Directory domain partition
5. Would it be a good practice to include the account or user name in the password? why or why not.
No it wouldn’t be good practice to include account or username in the password, it would make it easier to break the password using brute-force dictionary attack
6. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?
Non domain machines cannot access domain shared folders
7. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?
Non domain machines cannot access shared folders
8. Using what you know about access controls, what security controls would you recommend when granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.) that will maintain CIA of production systems and data?
Read only permissions with limited access