Lab 3: Enable Windows Active Directory and User Access Controls

Read Summary
Summary

This article discusses various aspects of access control solutions for information systems using Windows Server 2003 as an example. The three fundamental elements of an effective access control solution are identification, authentication, and authorization. Windows Server 2003 provides two access controls for folders and authentication, namely authentication and access control. If a user can browse a file on a Windows network share but cannot copy or modify it, folder contents access control is probably configured, and the best access control fitting would be security policy. Group policies are used to administer granular policies and permissions on a Windows network using role-based access. Two-factor authentication is an effective access control technique that involves two different types of identification processes such as ID card and pin code. Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. It is not a good practice to include the account or user name in the password as it is a common starting place for hackers. A user who is not part of the domain cannot access shared drives defined in the Active Directory. Windows Server 2003 requires a user’s logon/password credentials prior to accessing shared drives. When granting access to LAN systems for guests, it is recommended to implement limited account access with read-only rights to specific areas they need to access.

Table of Content

1. What are the three fundamental elements of an effective access control solution for information systems?
Identification, Authentication and Authorization
2. What two access controls can be set up for Windows Server 2003 folder and authentication?
Authentication and Access Control
3. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured? What type of access control would best describe this access control situation?

Folder Contents. The access control best fitting would be security policy. 4. What is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?

Group Policies.
5. What is two-factor authentication and why is it an effective access control technique?
It is a two different type of identification process. Like an ID card and a pin code. 6. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs departmental folders, and data.

The security details are created in the directory domain.
7. It is a good practice to include the account or user name in the password? Why or why not?
This is definitely not a good or suggested practice because this is a common starting place for hackers to start when attempting to log in to someone’s account or when trying to use another person’s access. 8. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain?

No, if a user is not granted specific access to a directory then they are granted access. 9. Does Windows Server 2003 require a user’s logon/password credentials prior to accessing shared drives?

Yes, you have to be logged into the system to accessing a shared drive. 10. When granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented to maximize CIA of production systems and data?

The accounts should be set up with limited account access, with read only rights to the specific area’s they need to access.

Lab 3 Screenshots

Cite this page

Lab 3: Enable Windows Active Directory and User Access Controls. (2016, Jul 10). Retrieved from

https://graduateway.com/lab-3-enable-windows-active-directory-and-user-access-controls/

Remember! This essay was written by a student

You can get a custom paper by one of our expert writers

Order custom paper Without paying upfront