Flashcards in Part 2 User Accounts Lesson 5 - 8 Deck (41)
Name 5 Types of User Accounts.
4) Sharing Only
5) Root Account
Security Risk of Guest Account and what to do about it.
Can install apps and shut down/restart in Recovery mode.
Can also fill shared folders with unwanted files
Must use parental controls to restrict.
Which account is best practice for general usage?
What access does Admin account have? Best Practices?
FULL access to all apps, prefs, users and root account.
Best practice to limit number of Admins to 1 user for system changes.
Standard users can do 2 things but cannot?
Can install apps and system updates.
Cannot change anything that affects other users.
Do shared and guest accounts have a home folder?
Root account access.
Unlimited access to EVERYTHING. Access by admin. Off by default.
Where do you find user account attributes? What 9 items are shown?
Go to: System Prefs
-> User Accounts -> Right Click name
Group (staff by default)
Account 'Short' Name
Account Full Name
Login Shell (terminal path)
Home Directory path
UUID (universally unique identifier)
What 8 options can admin restrict with login window?
1) enable auto login
2) show list of users at start up
3) availability of Restart, Sleep, Shut Down
4) Input menu
5) show password hints
6) Fast user switching
7) Voice over app
8) Configure hosted network directory
Sharing-Only Account advantage
Generally very secure since they cannot access the mac system. Can further secure using file and folder permissions.
Which two password methods are supported by OS X Yosemite for local user accounts?
1) locally saved password
2) Apple ID password
What 4 types of contention issues can occur when fast user switching is enabled?
1) RESOURCE when a user tries to access an item that another user has open in the background.
2) DOCUMENT contention occurs when a user attempts to open a document that another user has already opened.
3) PERIPHERAL contention occurs when a user attempts to access a peripheral that’s already in use by another user’s open application.
4) APPLICATION contention occurs when a second user attempts to access an application that has been designed to run only once on a system.
Which storage-related security risk can occur when fast user switching is enabled?
All users are allowed to see other users’ locally connected disks.
8 Parental control options:
1) Simple FInder
2) Limit applications
3) Safari contents
4) Limit addresses to exchange info with
5) Set time limits
6) Hide profanity
7) Restrict access to camera, passwords, media
8) Maintain safari, messages, usage logs
A user’s home folder contains which 8 default folders? What are some 2 optional folders that can be added to a user’s home folder?
1 ) Desktop
4) Library (hidden)
Optional: Applications and Sites folders.
What 3 options are given when you delete a local user account, along with optional item?
1) archive the home folder content into a compressed disk image,
2) leave the home folder content in the /Users folder,
3) delete the home folder content.
Optionally, perform a secure erase on folder content
3 primary sources can Migration Assistant pull from?
1) other OS X systems
2) other Windows systems
3) other disks, including Time Machine backups.
How do you make OS X associate a new local user account with a manually migrated or restored user’s home folder?
Name the home folder exact same name as new user account
What security issue can be risked when copying a home folder?
Admin who has copied folder now has full permission to access all contents without password
4 steps to restore a deleted user account:
1) Go to macHD -> Users -> Deleted Users.
2) Select the .dmg file and duplicate.
3 ) Rename duplicate and drag to "users" system folder
4) Create New User with EXACT same name as folder
What does the master password do?
Used to reset local account passwords.
When users change their own account password, how is their login keychain affected?
the system keeps their login keychain passwords in sync.
5 types of passwords
1) Local accounts
2) Apple ID (can be used to reset local password)
3) Legacy Fire Vault
4) Keychain (encrypted)
5) Resource passwords (other services)
What 2 options are available when you try to change the password for a user account?
Either change to a separate, locally saved password or to use Apple ID password
Which 5 methods can be used to reset a user’s lost account password?
1) by an administrator in Users and Groups,
2) by the master password at login,
3) by a FileVault recovery key at startup,
4) Reset Password application in OS X Recovery.
5) Apple ID passwords can be reset online
How does resetting the master password affect existing Legacy FileVault user accounts?
Legacy FileVault accounts cannot be reset by the new master password.
How can you limit the use of Location Services?
In Security and Privacy preferences -> Privacy.
Allow or disallow applications’ access to Location Services, Contacts, Calendars, Reminders, and Accessibility
How can you ensure that audio recordings used for Dictation service remain private?
By enabling User Enhanced Dictation feature (Dictation and Speech preferences)
Audio recordings aren’t sent to Apple
How does the Firmware Password Utility help prevent users from making unauthorized password changes?
Prevents users from starting up from another system disk. which prevent use of Recovery System to reset local passwords without authorization.