Identification, Authentication, and Authorization
2. What two access controls can be setup for a Windows Server 2003 folders and authentication?
Authentication and Access control.
3. lf you can browse a file on a Windows network share but are not able to copy it or modify it what type of access controls and permissions are probably configured? What type of Access Control would best describe this access control situation?
List Folder Contents – Security Policy based control.
4. What is the mechanism on a Windows Server where you can administer granular policies and permissions on a Windows network using role-based access?
Group Policy Editor
5. What is two-factor authentication and why is it an effective access control technique? Two Factor uses two of the three characteristics in Authentication types (Knowledge, Ownership, Characteristics) 6. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve C-1-A for departmental LANs, departmental folders, and data. creates security principals in the Active Directory domain partition
7. Is it a good practice to include the account or user name in the password? Why or why not? It is not a good idea to have a user name in the password, because it easy for people can try to hack or decode the password.
8. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?
Non domain machines cannot access shared folders.
9. Does Windows Server 2003 require a user’s login/password credentials prior
to accessing shared drives?
Yes – Credentials are required.
I 0. When granting access to LAN systems for GUESTS (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented in order to maximize CI- A of production systems and data?
Establish a temporary limited account for access to only what is needed; and have them sign user and non-disclosure agreements.