Lab 1 Essay Example
LAB #1 - Assessment Worksheet
1) What does DACL stands for and what does it mean?
DACL is a list of Access control entries; it defines access control for users and groups.
2) Why would you add permissions to a group instead of the individual? What policy definition do you think is required to support this type of access control implementation?
When adding permissions to a group it makes it easier for a large organization and just set up the access for the departments, or job roles. Creating GPO is best use for this job.
3) List the 5 different access control permissions that can be enabled on user folders and data within a Microsoft Windows Server.
Full Control, Modify, Read & Execute, Read, Write, Special permissions.
4) What is the lowest level of permission you can enable for a user who must view the contents of a folder and its files? Why is this type of permission necessary?
Read permission, this permission is necessary to allow the user of a group to get information of another department in the business.
5) What are other available Password Policy options that could be enforced within a Microsoft Windows Server to improve security?
Under account options you can have the user either change and make their own password upon next logon, make it so they cannot change the password unless allowed to by admin, make the password expire or not, and enable reversible encryption.
6) Is using the option to Store passwords using reversible encryption a good security practice? Why or why not? When should you enable the option to Store passwords using reversible encryption?
It is known as not a normal practice, it is used for applications or programs to read the users password for permission to use. It stores the password as plain text, and used in last resort situations where there is no need to protect the password or other options are outweighed for risk.
7) What’s the difference between a Local Group Policy and a Domain Group Policy?
Local Group Policy;
1) What does DACL stands for and what does it mean?
DACL is a list of Access control entries; it defines access control for users and groups.
2) Why would you add permissions to a group instead of the individual? What policy definition do you think is required to support this type of access control implementation?
When adding permissions to a group it makes it easier for a large organization and just set up the access for the departments, or job roles. Creating GPO is best use for this job.
3) List the 5 different access control permissions that can be enabled on user folders and data within a Microsoft Windows Server.
Full Control, Modify, Read & Execute, Read, Write, Special permissions.
4) What is the lowest level of permission you can enable for a user who must view the contents of a folder and its files? Why is this type of permission necessary?
Read permission, this permission is necessary to allow the user of a group to get information of another department in the business.
5) What are other available Password Policy options that could be enforced within a Microsoft Windows Server to improve security?
Under account options you can have the user either change and make their own password upon next logon, make it so they cannot change the password unless allowed to by admin, make the password expire or not, and enable reversible encryption.
6) Is using the option to Store passwords using reversible encryption a good security practice? Why or why not? When should you enable the option to Store passwords using reversible encryption?
It is known as not a normal practice, it is used for applications or programs to read the users password for permission to use. It stores the password as plain text, and used in last resort situations where there is no need to protect the password or other options are outweighed for risk.
7) What’s the difference between a Local Group Policy and a Domain Group Policy?
Local Group Policy;