Submitted by: Submitted by yurandys
Views: 167
Words: 355
Pages: 2
Category: Science and Technology
Date Submitted: 04/07/2014 04:23 PM
Assess the Impact on Access Controls for a Regulatory Case Study
Yurandy Solares
IS 3230
J. Hollis
ITT Technical Institute Miami
March 24, 2014
Lab Assessment Questions & Answers
1. What does DACL stand for and what does it mean?
Discretionary access control List (DACL) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)" (4.3 Discretionary Access Control Lists, n.d.).
2. Why would you add permissions into a group instead of the individual? What policy definition do you think is required to support this type of access control implementation?
Adding permissions in a group is a lot more resourceful and less time consuming via individually. Group Policies
3. List the 5 different access control permissions that can be enabled on user folders and data within a Microsoft Windows Server.
Full Control, Modify, Execute, Read, Write (Stanek)
4. What is the lowest level of permission you can enable for a user who must view the contents of a folder and its files? Why is this type of permission necessary?
Read, so the user has access to any file on the system that they are entitled to but not able to make any changes.
5. What are other available Password Policy options that could be enforced within a Microsoft Windows Server to improve security?
Enforce password history, Maximum password age, Minimum password age, Minimum password length, Store passwords using reversible encryption (Ballad, Ballad, & Banks, 2011)
References
4.3 Discretionary Access Control Lists. (n.d.). Retrieved from Microsoft Developer Network: http://msdn.microsoft.com/en-us/library/cc246052.aspx
Ballad, B.,...