Winsec2E Lab02 AW
Assessment Worksheet
Using Access Control Lists to Modify File System Permissions on Windows Systems
IS3340
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
7/31/2015
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used the Windows command-line utility, icacls.exe, to establish file-level permissions following a set of access control requirements. You tested those permissions by remotely accessing the Windows server and attempting to modify files in the secured folders. You used screen captures to document that the access control changes you made in this lab were properly applied.
Lab Assessment Questions & Answers
1. What is the principle of least privilege?
A user has access to the information that they need to compete a task and nothing more. 2. What does ACL stand for and how it is used?
Access Control List.
3. Why would you add permissions to a group instead of the individual?
Its easier to manage a group than an individual.
4. List at least three different types of access control permissions you can enable for a file using icacls.exe.
Read, write, read/write
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Student Lab Manual
5. Which access control permissions allow you to change files and/or folders? read/write 6. If you don’t remember the syntax when using icacls.exe, what command do you type to see the options? iCacls.exe 7. Without using the icacls.exe tool, how could you view and modify the privileges of the files or folders of a shared drive?
Cacls.exe
8. Where do permissions modified using the icacls.exe tool appear in the folder
Properties?
Security Tab
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning
Using Access Control Lists to Modify File System Permissions on Windows Systems
IS3340
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
7/31/2015
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used the Windows command-line utility, icacls.exe, to establish file-level permissions following a set of access control requirements. You tested those permissions by remotely accessing the Windows server and attempting to modify files in the secured folders. You used screen captures to document that the access control changes you made in this lab were properly applied.
Lab Assessment Questions & Answers
1. What is the principle of least privilege?
A user has access to the information that they need to compete a task and nothing more. 2. What does ACL stand for and how it is used?
Access Control List.
3. Why would you add permissions to a group instead of the individual?
Its easier to manage a group than an individual.
4. List at least three different types of access control permissions you can enable for a file using icacls.exe.
Read, write, read/write
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Student Lab Manual
5. Which access control permissions allow you to change files and/or folders? read/write 6. If you don’t remember the syntax when using icacls.exe, what command do you type to see the options? iCacls.exe 7. Without using the icacls.exe tool, how could you view and modify the privileges of the files or folders of a shared drive?
Cacls.exe
8. Where do permissions modified using the icacls.exe tool appear in the folder
Properties?
Security Tab
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning