Bookmark and Share

Front Back
An individual permission assignment in an access control list, consisting of a security principal and the specific permissions assigned to that security principal.
access control entry
An attribute of a Windows operating system element, such as a file, a printer, or a registry entry, which consists of a collection of individual permission assignments.
access control list

Which consists of a collection of individual permission assignments, in the form of access control entries (ACEs).
The combination of permissions affecting a security principal’s access to a protected resource.
effective permissions

Whether derived from explicit permission assignments, permission inheritance, or group memberships.
A system by which administrators control access to the files and folders stored on disk volumes formatted with the NTFS file system.
NTFS permissions

To access a file, whether on the local system or over a network, a user must have the appropriate NTFS permissions.
A type of hardware device, connected to a computer or a network, which produces hard copy documents on paper or other print media.
print device
The software interface through which a computer communicates with a print device.

Windows 7 supports numerous interfaces, including parallel (LPT), serial (COM), USB, IEEE 1394, Infrared Data Access (IrDA), Bluetooth, and TCP/IP ports, as well as network printing services such as lpr, and Internet Printing Protocol (IPP).
A communications protocol that computers and print devices use to exchange information about print jobs and device status.
printer control language

Each printer is associated with a printer driver that takes the commands generated by an application and converts them into the printer’s PCL.
A device driver that converts the print jobs generated by applications into an appropriate string of commands for a specific print device.
printer driver

Printer drivers are designed for specific print device and provide applications with access to all of the print device’s features.
A computer (or standalone device) that receives print jobs from clients and sends them to print devices that are either locally attached or connected to the network.
print server
The name of the user, group, or computer being granted permissions.
security principal
As a technical specialist, you should be familiar with the operation of the following four permission systems:
NTFS permissions: controls access to files and folders
Share permissions: controls access to folders over a network; used in combination with NTFS permissions
Registry permissions: controls access to specific parts of the Windows registry
Active Directory permissions: controls access to specific parts of the Active Directory hierarchy
To store permissions, each of these elements has a/an ___, which is a collection of individual permissions, in the form of ___, which consists of a/an ___ and the specific permissions assigned to it.
access control list

accerss control entries

security principal
Permissions are stored as part of what?
the element being protected
How many standard permissions are there in the NTFS permission system?

Standard permissions can be considered ___ of special permissions.

preset combinations
How many special permissions are there in the NTFS permission system?
There are two basic types of ACEs: Allow and Deny. This makes it possible to approach permission management tasks from the following directions:
Additive: Best to start with no permissions and grant just enough allow permissions to provide needed access

Subtractive: ­Can also use deny permissions to take away access, but this approach is seldom used in a well designed system and can become confusing
The tendency of permissions to flow downward through a file system or other hierarchy is called ___.
permission inheritance

Permission inheritance means that parent elements pass their permissions down to their subordinate elements.
What happens to the permissions when you copy a file from one folder to another folder on the same drive?
The new copy inherits permissions from its parent folder at the new location.
What happens to the permissions when you copy a file from one folder to another folder on a different drive?
The new copy inherits permissions from its parent folder at the new location.
What happens to the permissions when you move a file from one folder to another folder on the same drive?
The file’s existing permissions move with them.
What happens to the permissions when you move a file from one folder to another folder on a different drive?
They leave their existing permissions behind and inherit permissions from the parent folder at the new location.
It is possible to move NTFS files or folders to a different volume while retaining their existing permissions.
By using the Robocopy.exe command-line utility included with Windows 7.
Because a security principal can receive permissions from so many sources, it is not unusual for those permissions to conflict, so there are rules defining how the permissions combine to form the effective permissions. These rules are as follows:
Allow permissions are cumulative

Deny permissions override Allow permissions

Explicit permissions take precedence over inherited permissions
Permissions can be received by:
Explicit assignment


Group Membership
True or False, FAT supports permissions.

One of the main advantages of NTFS is that it supports permissions, which FAT does not.
In the NTFS permission system, the security principals involved are users and groups, which Windows refer to as ___.
security identifiers
When a user attempts to acces an NTFS file or folder, the system reads the user's ___, which contains the SIDs for the user's account and all of the groups to which the user belongs. The system then compares these SIDs to those stored in the file or folder's ACEs to determine what access the user should have. This process is called ___.
security access token

Which Windows 7 editions support NTFS permissions?


What are the NTFS Standard Permissions?
Full Control


Read & Execute

List Folder Contents


What are the NTFS Special Permissions?
-Traverse Folder/Excute File
-List Folder/Read Data
-Read Attributes
-Read Extended Attributes
-Create Files/Write Data
-Create Folders/Append Data
-Write Attributes
-Write Extended Attributes
-Delete Subfolders and Files
-Read Permissions
-Change Permissions
-Take Ownership
If a user has the Deny Full Control permission for the root of the D: drive and the Allow Full Control permission for D:\Documents, then the user’s effective permissions for D:\Documents will be ___ Full Control.
A user calls the help desk and asks you why she cannot send print jobs to a shared printer that is using Windows 7 as a print server. You determine that the problem is related to the printer permissions. The user cannot send jobs to the printer because she only has the ___ permission for the printer.
Manage Documents
To share a printer with network users, you must first open the Network and Sharing Center and turn on ___ and ___.
Network Discovery

File and Printer Sharing
In the Windows printing architecture, the two hardware components are called the ___ and ___.
Print device

Print server
Jack has the Allow Print, Allow Manage Documents, and Allow Manage Printers permissions to a printer with a priority of 1. Jill has the Allow Print permission to a printer with a priority of 10, connected to the same print device. If Jack and Jill both submit a print job at exactly the same time, ___'s print job will be processed first.
The primary function of a printer driver is to take printer commands generated by applications and convert them into ___ commands.
printer control language
In the NTFS permission system, ___ permissions are actually combinations of ___ permissions.

When no users have NTFS permissions to access a particular file, the only person who can regain access to it is the ___.
To share a printer, you must be a member of the ___ group.
To create a share called DOCS and hide it from network users, you must assign it the name ___.
True or False, granting users the Manage Documents permissions enables them to submit jobs to the printer.
True or False, all permissions are stored in the access control list of the element being protected.
True or False, a security principal is the person granting permissions to network users.
True or False, NTFS permissions always take precedence over share permissions.
True or False, to create a printer pool, you must create a separate printer for each print device.
True or False, granting someone the Allow Manage Printers permission enables them to submit jobs to the printer.
True or False, to assign different printer priorities to two different groups, you must create two printers.
True or False, when you move an NTFS file to a location on the same volume, the file’s existing permissions move with it.
True or False, when you install a printer for a print device connected to a Windows 7 computer’s USB port, you must specify the print device’s manufacturer and model.
True or False, when you open a print queue window and cancel the document that is currently printing, the print device stops immediately.
x of y cards Next >|