IS451M Exam2Slide

  1. Standard NTFS Permissions
    • • Read
    • • Read&Execute
    • • List Folder Contents
    • • Write
    • • Modify
    • • Full Control
  2. Distributed File Services
    • • A way to combine multiple shared folders on different servers into one hierarchy (under 1 root)
    • • Stand-alone- only exists on 1 server
    • • Domain-based – allows fault-tolerance and load balancing, as well as using AD for copying a folder to multiple targets
  3. 2 Categories of permissions
    • standard
    • special
  4. Standard
    are pre-set, frequently used permissions for objects
  5. Special
    provide finer granularity to file/folder security
  6. New, Moved and Copied files and folders permissions
    • • When a file or folder is moved or copied, it will inherit the destination folder permissions.
    • • The only exception is when a file/folder is moved within the same NTFS volume - then it will retain its original permissions.
  7. Effective permissions
    • • User and Group NTFS permissions combine for the least restrictive combination, except where Deny overrides Allow. Files may have different permissions that parent folder permissions.
    • • When combining share and NTFS permissions always chose the MOST restrictive combination
  8. Effective NTFS permissions
    • 1. Determine effective shared by choosing the least restrictive of all shared. The exception is Denied permission overrides Allow.
    • 2. Determine effective NTFS by choosing the least restrictive of all shared. The exception is Denied permission overrides Allow.  
    • 3. Combine the results of steps 1 and 2 and choose the MOST restrictive permission out of share and NTFS. IF there is no overlap - no permissions are effective.
  9. Troubleshooting Permissions Problems
    • • When permissions are granted through group membership, a user needs to log off and log back on
    • • Watch out for “Deny” Permissions
    • • Watch out for individual folder permissions
    • • Watch out for a conflicting combination of NTFS/Shared permissions
    • • File permissions change after being moved/copied
  10. Shared Folder Permissions
    • • Share permissions are different from NTFS (NTFS and share permissions are cumulative)
    • • Deny permissions take precedence’
    • • Shared folders can be cached
    • • Shared Folders can be published in AD
    • • Reader (former Read)
    • • Contributor (former Change)
    • • Co-owner (former Full Control)
    • • Owner
  11. Folder and File Auditing
    • • Auditing tracks access to folders and files
    • • Audited events are recorded in the Windows Server 2008 Security Log in Event Viewer
    • • Folder and File ownership
    • • An owner is the person who creates a folder/file.
    • • Owner can change permissions
    • • Ownership can be transferred to a user with Full Control or Take Ownership permissions
    • • Administrators can always take ownership
  12. NTFS permissions
    • • NTFS permissions are specified in the object’s ACL and are used to control access to the object
    • • 2 Categories of permissions: Standard and Special
    • • Standard are pre-set, frequently used permissions for objects
    • • Special provide finer granularity to file/folder security
    • • NTFS permissions can be assigned by an owner, a user with Full Control, or a user with Change Permissions. Also, a user with Take Ownership permission can take ownership of the file/folder and then change permissions.
  13. Folder and File Attributes
    • • Read-only
    • • Hidden
    • • Extended attributes: Archive, Index (not Windows Search Service), Compress, Encrypt
  14. ACL
    -Access Control List (ACL) – list of privileges given to a user account or a group
  15. DACL
    – discretionary ACL – configured by an admin or owner
  16. SACL
    – system control ACL – contains information for auditing access
  17. Network printing process components
    • ○ Local print device
    • ○ Network print device
    • ○ Print client
    • ○ Print server
    • ○ Print job
    • ○ Printer driver
  18. Spooling
    ○ Frees the server CPU to handle other processing requests in addition to print requests
  19. Printing process steps
    • ○ Application client generates a print file
    • ○ Application communicates with the Windows graphics device interface (GDI)
    • ○ When the GDI is finished, the print file is formatted with control codes
    • ○ The remote print provider at the client makes a remote procedure call to the network print server
    • ○ The network print server uses four processes to receive and process a print file: router, print provider, print processor, and print monitor
    • ○ The Server service calls its router, the Print Spooler service
    • ○ While the file is spooled, the print provider works with the print processor to ensure that the file is formatted to use the right data type
    • ○ The print monitor pulls it from the spooler’s disk storage and sends it off to the printer
  20. XPS
    • XML Paper Specification (XPS)
    • An advanced way of printing documents for multiple purposes, including viewing electronic pages and printing pages in a polished format
  21. Print Services role
    • ○ Enables you to use the Print Management tool to manage shared printers
    • ○ Also enables you to track printing events through a log you can view using the Event Viewer
  22. Services within the print services role:
    • ○ Print Server
    • ○ Internet Printing
    • ○ LPD Service
  23. Printer Pooling
    • Involves configuring two or more identical printers connected to one print server
    • • All of the printers in a pool must be identical so that they use the same printer driver and handle print files in the same way
    • • The Add Port button enables you to add a new port
    • • The Delete Port button is used to remove a port option from the list of ports
  24. Disk storage types
    • Basic
    • Dynamic
  25. Basic storage
    – uses static partitions (physical disk divisions) that can’t span physical drives. Use industry-standard partitioning and formatting and can contain up to 4 primary and 1 extended partitions, as well as logical drives
  26. Dynamic storage
    – uses volumes that can span physical drives. Supports advanced options, including fault-tolerance. Unlimited number of volumes. No other O/S can access dynamic storage; not supported on laptops.
  27. Partitioning
    ○ A process that blocks a group of tracks and sectors to be used by a particular file system, such as NTFS
  28. Formatting
    ○ A process that creates a table containing file and folder information for a specific file system in a partition
  29. MBR
    Master Boot Record (MBR)
  30. GPT
    Globally Unique Identifier (GUID) Partition Table
  31. System
    – contains O/S boot files. Can only exists on a primary
  32. Boot
    – contains O/S system files. Can exist on a primary or extended.
  33. Primary
    - from which you can boot an OS, such as MS-DOS or Win2K Server. Can only have 4 per disk.
  34. Extended
    – serves to overcome limit of 4 primary partition, is not bootable. Can only have 1 per disk.
  35. Dynamic disks support 5 volume types:
    • - Simple
    • - Spanned
    • - Striped
    • - Mirrored
    • - Raid-5
  36. RAID
    • Redundant Array of Inexpensive (Independent) Disks
    • ○ A set of standards for lengthening disk life provide better performance and FT
    • • Software or Hardware RAID
    • • RAID levels – 0 through 6
    • • Server 2008 supports RAID levels 0, 1 and 5 through software
  37. Software RAID vs. Hardware RAID
    • • Software RAID implements fault tolerance through the server’s operating system
    • • Hardware RAID is implemented through the server hardware: ○ Independent of the operating system
    • • Advantages over software RAID:
    • -○ Faster read and write response
    • -○ The ability to place boot and system files on different RAID levels
    • -○ The ability to ‘‘hot-swap’’ a failed disk
    • -○ More setup options to retrieve damaged data
  38. Software RAID
    - implements fault tolerance through the server’s operating system
  39. Hardware RAID
    • - is implemented through the server hardware:
    • ○ Independent of the operating system
  40. Simple Volume
    • • A portion of a disk or an entire disk that is setup as a dynamic disk
    • • Can be extended with an unallocated space
    • • Doesn’t provide FT
  41. Spanned Volume
    • • Method of combining free space on 2 to 32 physical disks into a single volume with available space on each of the spanned disks of varying size
    • • Storage is accomplished by filling the space on one disk and moving to each subsequent spanned disk
    • • Not FT
    • • Can be extended (only those formatted with NTFS)
  42. Striped Volume – RAID 0
    • • Similar to spanned in that both permit 2-32 disks combined.
    • • Logically distributes the information simultaneously across all the disks, unlike spanned which sequentially store data. This architecture provides faster I/O
    • • Not FT
    • • Free space areas on each disk need to be of equal size.
  43. RAID-5 Volume
    • • Similar to striped, but is fault-tolerant
    • • Logically distributes the information simultaneously across all 3 or more disks, one of which stores parity
    • • If 1 disk fails, data can be reconstructed, but if more than 1 – it can’t.
    • • Writing is slower than striped, but reading is the same. When 1 disk fails performance degrades
    • • Calculate usable space: parity takes 1/n of the data, where n= number of disks in the volume.
    • • Free space areas on each drive need to be of equal size.
  44. Mirrored Volume – RAID 1
    • • Creating a shadow copy of data on a backup disk
    • • Requires 2 disks
    • • Most guaranteed FT, but less efficient use of disk space
    • • Read performance is the same as on any single disk drive, Write is slower than on single disk, but faster than RAID-5. No performance degradation when 1 disk fails.
    • • Disk Duplexing – 2 drives/2 controllers
  45. Shrinking a volume
    • • Windows Server 2008 comes with the ability to shrink a basic or dynamic disk volume
    • • Shrinking a volume enables you to create a new partition when one is needed and you don’t have extra disks
    • • When you shrink a volume, Windows Server 2008 starts from the end of that volume
    • ○ Works its way back through contiguous space to create unallocated disk space
    • You can specify the amount of space to recover
  46. Mounting a Drive
    • • Windows Server 2008 enables you to mount a drive as an alternative to giving it a drive letter
    • • Mounted drive
    • ○ One that appears as a folder and is accessed through a path like any other folder
    • • You can mount a basic or dynamic disk drive, a CD/DVD drive, or a removable drive
Card Set
IS451M Exam2Slide
review for exam 2 of is451m