Questions On The Trusted Computer System

1. What does DACL stand for and what does it mean? It is a type of access control defined by the Trusted Computer System Evaluation Criteria as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)". 2. Why would you add permissions into a group instead of the individual? What policy definition do you think is required to support this type of access control implementation? User accounts are designed for individuals. Group accounts are designed to make the administration of multiple users easier. While you can log on to user accounts, you can't log on to a group account. Group accounts are usually referred to simply as groups. You use groups to grant permissions to similar types of users and to simplify account administration. If a user is a member of a group that can access a resource, that particular user can access the same resource. Thus, you can give a user access to various work-related resources just by making the user a member of the correct group. Note that while you can log on to a computer with a user account, you can't log on to a computer with a group account Adding permissions in a group is a lot more resourceful and less time consuming via individually. Group Policies …show more content…
Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information. This policy is required when using Challenge-Handshake Authentication Protocol (CHAP) authentication through remote access or Internet Authentication Services (IAS). It is also required when using Digest Authentication in Internet Information Services