Active Directory Case Study
Guests have the least amount of implied privileges.
7. When granting access to LAN systems for GUESTS (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented in order to maximize C-I-A of production systems and data?
Guest access should be limited to shared folders in order to maintain C-I-A of the LAN, they may also have a protected access to local machines, if it is not their own machine, and protected access to the internet.
8. When granting access for the Shop Floor group to the SFfiles within the SFfiles folder, what must be configured within Active Directory? …show more content…
9. When granting access for the Human Resources group to access the HRfiles within the HRfiles folder, what must be configured within Active Directory?
That groups’ access must be limited to that particular folder, also being a human resource group, access to this groups shares must be very restricted from other groups.
10. Explain how C-I-A can be achieved down to the folder and data file access level for departments and its user’s using Active Directory and Windows Server 2008 R2 access control configurations. Configuring unique access controls for different user types is an example of what kind of access controls?
Data access controls insure that the data itself is restricted to certain users being able to read or write it. These controls are examples of data access administration, and offer unique user access controls on a user by user basis. Any access of this data can be limited and traced to whom is accessing it.
Week 1 Laboratory Part 2
Lab Part 2: Implement Access Control Lists to Secure Folders and Read/Write/Access to Files
Learning Objectives and