1 / 18

NTFS Security

NTFS Security. NTFS Security. Understanding the structure of NTFS security • Control access to files and folders by using Permissions • Optimize access to files and folders by using NTFS best practices • Audit NTFS security • Troubleshoot access to files and folders. NTFS Security.

shawn
Download Presentation

NTFS Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. NTFS Security

  2. NTFS Security Understanding the structure of NTFS security • Control access to files and folders by using Permissions • Optimize access to files and folders by using NTFS best practices • Audit NTFS security • Troubleshoot access to files and folders

  3. NTFS Security

  4. NTFS Security

  5. NTFS Security USERS AND GROUPS • Built-in security groups • Assigned (by administrator) groups • Special groups • CREATOR OWNER group • INTERACTIVE group • NETWORK group • Everyone group • Authenticated Users group

  6. NTFS Security

  7. NTFS Security

  8. NTFS Security PERMISSION INHERITANCE • Subfolders and files inherit permissions • Inheritance can be blocked • Blocking required for new permissions

  9. NTFS Security

  10. NTFS Security PLANNING NTFS PERMISSIONS • Consolidate data • Assign permissions to folders • Assign most restrictive permissions possible • Use groups for permission assignment • Avoid excessively blocking inheritance • Avoid the Deny ACE

  11. NTFS Security STANDARD PERMISSIONS

  12. NTFS Security SPECIAL PERMISSIONS

  13. NTFS Security ADDING USER/GROUP PERMISSIONS

  14. NTFS Security HOW DOES IT WORK? • User logs on – access token is created • Access token contains user SID and group SIDs • User/Application accesses the resource • User access token is compared to ACEs in object’s DACL • If a SID in user’s access token matches the SID listed in an ACE access is granted or denied • If there is no match access is denied

  15. NTFS Security MULTIPLE NTFS PERMISSIONS • Sum of all ACEs for user or group • Most lenient permission is the effective permission • Deny overrides all

  16. NTFS Security VIEWING EFFECTIVE PERMISSIONS

  17. NTFS Security AUDITING NTFS ACCESS

  18. NTFS Security BEST PRACTICES • Assign most restrictive • Assign at folder level • Assign to groups • Avoid changing default NTFS permissions • Do not deny Everyone – add administrators first • Assign Read & Execute to users • Full Control to CREATOR OWNER in public folder • Do not assign permissions when there is no need

More Related