lab notes
1. User-based and groups or role-based controls are two types of access controls for Windows Server 2003 for folders and authentication.
2. Disabling of modify permissions would prevent from copying or modifying a file.
3. Group Policy allows for special policies and permissions on a Windows network via role-based access.
Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data?
4. Windows Server 2008 provides improvements from Active Directory of Server 2003. Read-only domain controllers (RODC) is possible to replicate a domain controller. Confidentiality - Maintains access across multiple systems with control over access at a central point. Reducing the number of systems that need an independent user/password combo reduces the chance that any one of them might be discovered.
5. Never include username or any name relating to a user. That is a vulnerability itself. Making it easy for attackers to figure out the password. Nothing that can give any type of hints is good practice. Longer passwords with combination or numbers and symbols do make it more challenging.
6. No, machines not joined to the domain cannot access the shared folders.
7. Yes credentials are required before accessing shared drives. Even if you are on the same domain you are sometimes still required to verify login before passing through.
8. Only the rights to view files and folders the guests need. They cannot modify or delete files. Giving more access to Auditors alone could throw up red flags and get you in trouble for breaking security protocols.
2. Disabling of modify permissions would prevent from copying or modifying a file.
3. Group Policy allows for special policies and permissions on a Windows network via role-based access.
Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data?
4. Windows Server 2008 provides improvements from Active Directory of Server 2003. Read-only domain controllers (RODC) is possible to replicate a domain controller. Confidentiality - Maintains access across multiple systems with control over access at a central point. Reducing the number of systems that need an independent user/password combo reduces the chance that any one of them might be discovered.
5. Never include username or any name relating to a user. That is a vulnerability itself. Making it easy for attackers to figure out the password. Nothing that can give any type of hints is good practice. Longer passwords with combination or numbers and symbols do make it more challenging.
6. No, machines not joined to the domain cannot access the shared folders.
7. Yes credentials are required before accessing shared drives. Even if you are on the same domain you are sometimes still required to verify login before passing through.
8. Only the rights to view files and folders the guests need. They cannot modify or delete files. Giving more access to Auditors alone could throw up red flags and get you in trouble for breaking security protocols.