| |
Windows NT Filing System and Security
Introduction to Windows NT Security
Key Topics
Windows Explorer
Partitioning The Drive
Windows NT FAT Partition
File Systems
File Allocation Table (FAT)
NTFS File System Features
NTFS Searching
NTFS Fault Tolerance
NTFS Logging Of Files
Converting to NTFS
File Compression in Windows NT
Folder and File Permissions
NTFS Security
NTFS Security Permissions
Domains and Workgroups
Windows Workgroups
Domains Centralized Database
SAM Environment
Computer Account
Groups and User Accounts
Users In The Database
What is a Groups
Least Restrictive Permission
Types of Groups
Sharing Permissions
Hidden Folders
Automatically Hidden Folder
Sharing Permissions
Combined Permission
NTFS And Sharing
Levels Of Restriction
User Manager
Windows NT Security Policy
Volume Disk Types
Simple Volume
Spanned Volume
Spanned Volumes Fault Tolerance
Stripe Set with Parity
Striped Set With Parity Performance
Windows and Fault Tolerance
Questions
|
Windows
NT
Filing
System
and Security
-
The advanced features of NTFS
include security, fault
tolerance, advanced searching
, file compression, etc.
-
Windows NT
provides both NTFS
and sharing
permissions
on files
and folders
for all users and groups
within its SAM
.
-
You can create volumes on disks
within windows NT4 that allow you to generate simple volumes, spanned
volumes, mirrored volumes, and stripped set with parity.
-
The Main tool that could be
used to view and manipulate files
and folders
is Windows Explorer
. The main function of Windows Explorer is to manipulate files and folders
by copying, deleting moving, viewing, renaming the files and folders on
the hard drive
.
-
Lets run windows explorer and
view some of its menu options and features. You will also notice the tool
bar and the alternate mouse
click options.
-
A Hard drive, which contains
partitions, is a basic disk
. FDISK.EXE
is a DOS
or Windows 9x utility that can
be used to partition your hard drive
.
-
There are two main partitions
in a basic disk
, the primary partition
and extended partition that
contain logical drives.
-
Basis disks are ideal for dual
booting drives booting in more then one operating system
.
-
Windows NT
supports partitions and
installs itself on the partition with a FAT filing system if the
partitions exist prior to the installation
of Windows NT.
-
Windows NT
can also be installed on a
unused region of the disk and convert
that region to a FAT or NTFS
region before installation
can proceed
-
Windows NT
supports only FAT16
, and NTFS
filing systems.
-
Some of the filing features of
Windows NT
can only be attained on the
NTFS
filing system.
-
FAT is the simplest way of
organizing the storage space on the hard drive
when dealing with files
and folders
.
-
FAT contains a table of content
listing the cluster location of all files
recorded on the storage medium
.
-
FAT 16 was developed for DOS
version 3 and above supporting
partition sizes of 2GB and a hard drive
size of 4GB
NTFS
File
System Features
-
NTFS
stands for New Technology File
System.
-
NTFS
supports File, Folder and
Volume compression
-
If something goes wrong during
compression, individual files
are effected rather regions on
the disk since NTFS
compression is based on
individual file compressions.
-
NTFS
can support partition sizes up
to 16 exabytes
(264 ) which uses
uniform cluster sizes of 4KB .
-
The backup of the boot sector
performed on NTFS
is kept at the end of the
volume.
-
NTFS
ensures file recovery
and volume consistency using a
new transaction logging and recovery technique.
NTFS
Searching
-
Can set individual user and
group
permissions
on files
, folders
and shares on the volume.
-
NTFS
uses a B-Tree
directory
structure, which improves
search performance
since it is the directory
structure used in most databases
.
NTFS
Fault
Tolerance
-
NTFS
has a hot fix feature, which
means that on every write
process Windows NT
verifies the file correctness
by reading the file again.
-
If the file has become
corrupted Windows NT
will mark that region on the
disk as bad and rewrites the data in another data block.
NTFS
Logging
Of Files
-
Since NTFS
logs all filing system
changes, if a power loss occurs while changes are being made and a read
or write
task is not completed, the
task will be completed once power is restored.
-
NTFS
reduces the need for
defragmentation because it always attempts to write
data in contiguous
blocks.
-
Windows NT
provides a disk management
utility to convert
FAT to NTFS
, which can ultimately results in the data on those partitions being lost
during the conversion from FAT to NTFS or vise versa.
-
You can convert
FAT to NTFS
without reformatting and loss
of data on the partition by using the following command in command prompt
.
-
Convert x: /FS: NTFS
/v , x=drive, v=verbose
mode displaying messaging during the conversion.
-
The conversion from FAT to NTFS
is one way, and the filing
system cannot be reconverted back to FAT without data loss.
-
Windows NT
supports the compression of
files
and folders
on NTFS
partitions only.
-
Any compression causes
performance
degradation, because the
compression filter
needs to be activated on the
files
of interest every time the
file is required before the file can be used.
-
The filter is also activated
when copying files
in to compressed
folders
or copying files from a
compressed folder.
-
NTFS
has security built-in as part
of the filing system. When you format
your hard drive
with NTFS, its permissions
can be assigned to the users
and groups defined on the SAM
, which are list
, read
, write
, read and execute
, modify
, full control
.
-
Folders need to be shared if
they are to be accessed from the network
. Sharing
permissions
can also be applied to users
and groups defined on the SAM
which are Read
, Change
and Full control
.
-
It is recommended that you
implement the most restrictive permission
for NTFS
and least restrictive
permission for sharing
within the Windows NT
environment.
NTFS
Security
-
NTFS
has security built in as part
of the filing system. When you format
your hard drive
with NTFS, its permissions
can be utilized which are list
, read
, write
, read and execute
, modify
, full control
.
NTFS
Security
Permissions
-
Windows NT4 supports joining a
workgroup
or a domain environment.
-
If you are installing windows
NT4 and are unsure if you can join a domain, you must first either create
a workgroup
or join an existing workgroup
and join the domain later after the installation
has been completed.
-
The domain contains a
centralized
security database called the
Security
accounts Manager (SAM
) inside the Primary Domain
Controller (PDC
) server.
-
A windows NT workgroup
is a logical grouping of
computers within a peer-to-peer network
that share files
and resources
within a small networking
environment.
-
All the computers within the
workgroup
must have there individual
security permissions
configured in the SAM
.
SAM
Environment
-
The computer account must be
created for all the computers joining the domain prior to them attempting
to join by the domain administrator
.
-
Computers can join the domain
during their installation
without having a prior account
on the domain only if the domain administrator
is installing that particular
computer.
-
Users and groups defined within
a workgroup
exist with in each machines
respective local SAM
.
-
Users and groups defined in a
centralized
domain structure exist with in
the PDC
and BDC
SAM
.
-
Windows NT
provides the administrator
with a specialized tool called
User Manager
, which allows users/groups to be added, modified and associated with
other groups.
-
A collection of users,
computers, contacts and other groups can be defined as a group
.
-
When users are added to a group
, all of the permissions
assigned to the group are then
assigned to the user added.
NTFS
And
Sharing
-
It is recommended that you
implement the most restrictive permission
for NTFS
and least restrictive
permission for sharing
.
-
The NTFS
security permissions
have greater variety of
permissions and apply to both local and networked users.
-
The security policy inside
Windows NT
includes account policy, user
rights policy, advanced user rights, Audit policy
, and network
policy.
-
These policies
enforce certain rules defined
by the administrator
applying to all the system
users throughout the network
improving the system and
network security.
-
There are four main types of
Windows NT
volumes, Simple volume
, Spanned Volume
, mirrored sets
, Striped set with parity
-
Simple volumes contain disk
space on a single disk.
-
It can be one or more region on
a single disk, which may be linked together.
-
Simple volumes can be formatted
in FAT, NTFS
.
-
Only simple volumes formatted
in NTFS
can be extended.
-
A single volume extended over
multiple drives is a spanned volume.
-
The spanned volume cannot
include the system or boot volume.
-
Spanned volumes can be as small
as 2 disks and as large as 32 disks.
-
Spanned volumes are not fault
tolerant, which means they cannot be mirrored or striped.
-
If one of the disks in a
spanned volume fails the whole volume is lost.
-
Striped Set With Parity
or Raid Level 5
offer fault tolerance by
duplicating every peace of data and distributing the information
among all the drives in an
organized
pattern.
-
Data is written to the stripped
volumes distributed evenly in 64KB sizes.
-
If a drive fails within the
stripe set, the information
within it can be recovered
from the rest of the drives within the stripe set.
-
Stripped set with parity yields
the best performance
of all storage sets because
all the disks in the set act collectively as a single disk improving read
and write
performance.
-
The performance
of a stripped set with parity
increases with the number of disks used in the set
-
There is the requirement of a
minimum of three hard drives and a maximum of 32 disks within the Stripe
set with parity.
-
Windows NT
and windows 2000 both offer
fault tolerance using RAID level 1
(Mirror Set) and RAID Level 5
(Stripe Set with Parity
).
-
RAID stands for
Redundant Array of Independent Disks
-
Window NT offers fault
tolerance on volumes on a basic disk
.
-
What are the filing systems
supported by Windows NT? (Choose all that apply)
-
Fat16
-
Fat32
-
NTFS
-
NTFS5
-
HPFS
-
What are the features of NTFS
in Windows NT? (Choose all
that apply)
-
Folder compression
-
Supports partitions of up
to16 exabytes
-
Supports disk quotas
-
Backup
the boot sector
-
Supports EFS
-
What are the features of NTFS
in Windows NT? (Choose all
that apply)
-
Uses B-tree directory
structure
-
Use dynamic disk
-
Has built in hot fix feature
-
Logs filing system changes
-
Supported on CDROM
drives
-
What are the NTFS
security permissions
supported by Windows NT?
(Choose all that apply)
-
Read
-
Edit
-
Change
-
Delete
-
Full Control
-
What
are the NTFS
security permissions
supported by Windows NT?
(Choose all that apply)
-
Modify
-
Control
-
Read
and execute
-
Take ownership
-
Write
-
What are the NTFS
sharing
permissions
supported by Windows NT?
(Choose all that apply)
-
Read
-
Edit
-
Change
-
Delete
-
Full Control
-
What are the different types of
groups? (Choose all that apply)
-
Security
groups
-
Distribution groups
-
Special group
-
User group
-
SAM
group
-
What is the difference between
the SAM
on the PDC
and the BDC? (Choose all that
apply)
-
The SAM
on the PCD is changeable
-
The SAM
on the BDC
is changeable
-
The SAM
on the BDC
in non-changeable
-
The SAM
on the PDC
is non-changeable
-
There is no SAM
on the BDC
-
What character is placed in
front of a hidden
folder
-
%
-
#
-
^
-
$
-
*
-
What are the different volumes
supported by Windows NT? (Choose all that apply)
-
Simple volume
-
Square volume
-
Expanded volume
-
Spanned volume
-
Stripped set with parity
Answers
-
A,C
-
A,B,D
-
A,C,D
-
A,E
-
A,C,E
-
A,C,E
-
A,B
-
A,C
-
D
-
A,D,E
|
| |
|