Week 2 - Permissions Flashcards

1
Q

What does ACL stand for? What is it?

A

Access Control Lists are comprised of Access Control Entries (ACE)

It controls the level of permission/file access given to each user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does DACLs stand for? What is it?

A

DACLs are Discretionary Access Control Lists

They note who can use a file and what they can do with it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does SACLs stand for? What does it ask Windows to do?

A

System Access Control Lists

It asks Windows to use an event log to keep track of the files and folders being accessed by each user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do you navigate to the permissions window in windows?

A

Explorer > Home Directory > Right Click Desktop > Properties > Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What’s the command to see which ACLs are assigned to a file/directory? w

A

icacls filepath

icacls /? for help

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does OI and CI DACLs stand for? What do they mean?

A

OI object inherit
CI container inherit

this means if I create a new object inside the location they’ll INHERIT the DACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Each file and folder will have an ____and one or more ___?

A

Each file and folder will have an owner and one or more DACLs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

If an object’s DACL has no ACE, what happens?

A

It denies all access attempts since there’s no access control entries for the DACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How many permissions are available on windows and what are they?

A
  1. read (see file/directories)
  2. read and execute (read, execute)
  3. list folder contents (read, execute)
  4. write (write, change, create)
  5. modify (read, write, execute)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what are the permissions available on linux? 3

A
  1. read
  2. write
  3. execute
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

on Linux what’s the command to see file permissions?

A

ls -l ~/filename

For me it worked:

ls -l filename.txt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What does a dash in the file type (1st in front) permission search mean? Linux

A

it’s a regular file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How are the file permissions details broken up in Linux?

A
  1. file type in front
  2. 1st trio is the permission of the owner of the file
  3. 2nd trio is the permission of the group who owns the file
  4. 3rd trio is the permission of all other users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How do you see ACL assigned to a file/permissions? Windows

A

icacls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What’s the process to change a user’s permissions/access to a folder on windows? (Adding the user to change their permissions)

A

right click file/folder target > properties > security > edit file permissions > add > enter username of user want to add permission to > OK

then check the boxes of permissions for them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What happens when you deny a user that is in a group that has access?

A

the user is still denied if the group has access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

When does icacls need single quotes and why?

A

icacls was designed for Command Prompt and its parameters with special characters (parenthesis) confuse PS

We surround icacl’s parameters with single quotes to tell it not to interpret certain parameters as code

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are guest users?

A

can use a computer without entering a password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is an authenticated users group? windows

A

a group that doesn’t include guest users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

How do you modify a file/folder permission in the CLI?
Windows

A

icacls ‘filepath’ /grant ‘Everyone:(OI)(CI)(R)’

permission parameters will vary

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How do you only let non-guest users see a file or folder and any future modifications? w

A

icacls ‘filepath’ /grant ‘Authenticated Users: (OI)(CI)(R)’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

How do you remove file permissions for a group? w

A

icacls ‘filepath’ /remove Everyone

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What are the 3 file permission sets on Linux and their letter?

A
  1. owner (u)
  2. group (g)
  3. other users (o)
24
Q

How do you modify file access permissions on Linux when adding executable permissions to the owner? (symbolic)

A

chmod u+x filename

25
Q

How do you remove executable file permissions for a group on Linux?

A

chmod g-x filename

26
Q

How do you add multiple permissions to a file for a group? Read and Exec Linux

Symbolically

A

chmod g+rx filename

27
Q

How do you add multiple permission sets to be able to read to a file? linux

symbolic

A

chmod ugo+r filename

28
Q

What is the numerical equivalent of RWX in Linux?

A

r = 4
w = 2
x = 1

29
Q

How do you set numerical permissions for 3 permission sets for a file in Linux? What would the command look like for:

owner = rwx
group = r
other users = rw

A

chmod 746 filename

combination of adding up permissions: r,w,x = 4,2,1

30
Q

Which is better when writing permissions for Linux user sets? Numerical or symbolic?

A

Numerical because it’s faster, simpler, and don’t have to repeat lines if there are different permissions for each permission group

ie
chmod u+rwx filename
chmod g+rw filename
chmod o+r filename

31
Q

How do you change the owner of a file? Linux

A

sudo chown username filename

32
Q

How do you change the group a sudo file belongs to? Linux

A

sudo chgrp groupname filename

33
Q

What are simple permissions?

A

Simple permissions are a set of special or specific permissions

34
Q

What does WD/AD/S mean in special permissions Windows?

A

WD = Write data/Create files
AD = Append data/Create folders
S = Synchronize

35
Q

What’s the solution to not wanting to let users have modify access to a folder but want everyone to be able to create files?

A

use special permissions so they’re not able to delete files

36
Q

What is a creator owner? What applies to them?

A

the special user/owner of the file the DACL applies to

37
Q

To view special permissions for a file in the CLI
w

A

icacls filelocation

38
Q

What does setuid do in linux?

A

the owner of the file gives us permission to run the file

39
Q

To enable setuid in Linux, you can do it which two ways? What do those two ways look like?

A

To enable setuid, you can:
1) set it symbolically: sudo chmode u+s filename
2) set it numerically: sudo chmode 4547 filename

40
Q

How do you allow a file to be run as a group member of that file? Numerically and Symbolically

Linux

A

sudo chmode 2251 filename
or
sudo chmode g+s filename

41
Q

What number does setgid use?

A

2

42
Q

What number does setuid use?

A

4

43
Q

What does setgid do?

A

allows the file to be run as a member of a group

44
Q

The issue: want to let a user be able to do something that requires root privileges but not give them the actual privileges. what do you do?

A

set up setuid special permission for the file so that anyone could acesss it as if they were the owner (root)

45
Q

What is a sticky bit and what permissions does it have? L

A

a sticky bit locks down a file/folder in sticky place

anyone can write to a file/folder but they can’t delete anything (only owner and root user can)

46
Q

How would you look at the permissions for the temp directory, and how to make it display just the directory not the contents?

Linux

A

ls -ld /tmp

47
Q

What does the special bit t mean when looking at file/folder permissions?

Who can and who can’t?

A

t = means sticky bit, everyone can add and modify files in a directory but only root or the owner can delete the directory

48
Q

What are the symbolic and numerical versions of the special permissions for a sticky bit?

A

symbolic - t
numeric - 1

49
Q

How do you add a sticky bit permission? 2 ways

A

sudo chmod +t filename
sudo chmod 1774 filename

50
Q

What would a ‘d’ in the first character signify?

A

directory

51
Q

What type of user has access to, but limited control over a computer? W

A

standard

52
Q

Which Windows tool can be used to manage group information?

A

Computer Management

53
Q

Which PS command can be used to list the Users within local Groups on a computer?

A

Get-LocalGroupMember

54
Q

On Linux, which file contains information about group memberships?

A

cat /etc/group

55
Q

Why are user groups useful when it comes to permissions?

A

Allow you to change multiple user’s permissions at once

faster than doing it manually (like a computer used by many employees may have a usergroup called “Employees” that new hires are added to which automatically gives them the access they need without having to do it manually

56
Q

What’s the easiest way to make a document public/accessible to everyone?

Windows

A

Add the desired permission (read) to the “Everyone” group

icacls filename /grant “Everyone:(r)”