Manage File System Security
Welcome to the "Manage File System Security" Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.
Welcome to the Manage File System Security Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.
In this module, you will complete the following exercises:
- Exercise 1 - Understand Shared Folders and NTFS Permissions
- Exercise 2 - Manage File Permissions
After completing this lab, you will be able to:
- Create shared folders and modify NTFS permissions
- Evaluate effective permissions
- Create mapped network drives
The following exam objectives are covered in this lab:
- Understand file and printer sharing - Configure File System permissions, configure Share permissions, configure effective permissions, create shares, create mapped drives
It will take approximately 45 minutes to complete this lab.
Exercise 1 - Configure Shared Folders and NTFS Permissions
Windows operating system use share permissions to advertise the availability of resources like folders and printers to users in a Windows network. This applies whether a Windows server is in a workgroup or in a domain environment.
In a Windows Active Directory domain, members of the Domain Admins or Server Operators group gives a user the capability to create shared folders. For non-domain joined Windows computers, membership in Administrators or Power Users group, grants a user the ability to create shared folders.
To further secure a server’s file system, administrators must configure NTFS security by assigning groups with the relevant permissions to folders that they must access over a network.
In this exercise, you will use different methods to configure share permissions using Windows Server 2012 R2 and Windows 10 computers.
Exercise 2 - Manage File Permissions
It is essential that shared folder permissions and NTFS security be configured first to secure the server’s file system. From here on, files and folders can be accessed by domain network users from their workstations.
When a user connects to a shared folder, a user’s effective perm also called “effective access.” A user’s effective access is evaluated based on the rule: when shared folder and NTFS permissions combine the most restrictive permission will apply.