8-15LESSON 2 ASSIGNING NTFS PERMISSIONS AND SPECIAL PERMISSIONSTHE OWN...

Question

8-15Lesson 2 Assigning NTFS Permissions and Special Permissionsthe owner of the file. The owner of a file can grant another user permission to takeownership of the file. This grants users the ability to read and modify documentsthat other users create (and the ability to read, modify, and delete the files andfolders that they create).■ Do not make denying permissions a part of your permissions plan. Deny permis-sions only when it is essential to deny specific access to a specific user account orgroup.■ Encourage users to assign permissions to the files and folders that they create andteach them how to do so.Real World Managing Permissions StructuresThe availability of so many different permissions often lures administrators intocreating permission structures that are much more complicated than necessary. Inaddition to following the guidelines set out in this chapter (such as applying per-missions to folders instead of files, and assigning permissions to groups instead ofuser accounts), you can make a permissions structure more manageable by doingthe following:■ For most companies, you will want to err on the side of being too secure.Make it a practice to lock everything down with permissions and then grantaccess only to those that need it. Also, grant only the level of permission thatusers need. It is often tempting to grant Full Control to users just to avoidcomplaints from those users about not being able to perform tasks, but avoidthat temptation. On smaller networks, you might want to take an oppositeapproach—one in which you allow access to everything and then secureonly those resources that need to be secured.■ Document your security decisions and encourage users to do so, as well.You should record which folders and files have which permissions, andmake notes on why you made the decision. Although it seems an extra bur-den (and does require more work upfront), this documentation is invaluablewhen the time comes to change or troubleshoot the permissions structure.Practice: Planning and Assigning NTFS PermissionsIn this practice, you will plan NTFS permissions for folders and files based on a busi-ness scenario. Then you will apply NTFS permissions for folders and files on your com-puter running Windows XP Professional in a workgroup environment, based on asecond scenario. Finally, you will test the NTFS permissions that you set up to makesure that they are working properly.Complete the following six exercises, and answer any questions that are asked. Youcan find answers to these questions in the “Questions and Answers” section at the endof this chapter.

8-15LESSON 2 ASSIGNING NTFS PERMISSIONS AND SPECIAL PERMISSIONSTHE OWN...

the owner of the file. The owner of a file can grant another user permission to take

ownership of the file. This grants users the ability to read and modify documents

that other users create (and the ability to read, modify, and delete the files and

folders that they create).

Do not make denying permissions a part of your permissions plan. Deny permis-

sions only when it is essential to deny specific access to a specific user account or

group.

Encourage users to assign permissions to the files and folders that they create and

teach them how to do so.

Real World Managing Permissions Structures

The availability of so many different permissions often lures administrators into

creating permission structures that are much more complicated than necessary. In

addition to following the guidelines set out in this chapter (such as applying per-

missions to folders instead of files, and assigning permissions to groups instead of

user accounts), you can make a permissions structure more manageable by doing

the following:

For most companies, you will want to err on the side of being too secure.

Make it a practice to lock everything down with permissions and then grant

access only to those that need it. Also, grant only the level of permission that

users need. It is often tempting to grant Full Control to users just to avoid

complaints from those users about not being able to perform tasks, but avoid

that temptation. On smaller networks, you might want to take an opposite

approach—one in which you allow access to everything and then secure

only those resources that need to be secured.

Document your security decisions and encourage users to do so, as well.

You should record which folders and files have which permissions, and

make notes on why you made the decision. Although it seems an extra bur-

den (and does require more work upfront), this documentation is invaluable

when the time comes to change or troubleshoot the permissions structure.

Practice: Planning and Assigning NTFS Permissions

In this practice, you will plan NTFS permissions for folders and files based on a busi-

ness scenario. Then you will apply NTFS permissions for folders and files on your com-

puter running Windows XP Professional in a workgroup environment, based on a

second scenario. Finally, you will test the NTFS permissions that you set up to make

sure that they are working properly.

Complete the following six exercises, and answer any questions that are asked. You

can find answers to these questions in the “Questions and Answers” section at the end

of this chapter.

Bạn đang xem 8 - - MICROSOFT WINDOWS XP PROFESSIONAL EXAM 70 270 PHẦN 4 PPT