WIDGET SALES COMPANY Secure Internal Network
Brendan Timmons, ID: 040313472 12/1/2007
Widget Sales Company: Secure Internal Network
12/1/2007
Table of Contents
User Accounts
User Accounts Table
NTFS File and Folder Permissions
NTFS Permissions for Files & Folders
User Profiles
  Local User profile
  Roaming profile
  Mandatory Profile
Auditing Procedures
Printing Requirements
Backups
USER ACCOUNTS
A user account defines the actions a user can perform in Windows. On a stand-alone computer or a computer that is a member of a workgroup, a user account establishes the privileges assigned to each user. On a computer that is part of a network domain, a user must be a member of at least one group; by default, all users are part of the ‘users’ group and cannot be removed from it. Permissions and user rights are typically assigned to groups instead of individual users. By adding a user to a group, you give the user all the permissions and user rights assigned to that group. The User Accounts applet allows you to add users to your computer or domain and to add those users to a group. It also allows you to define the user's password, whether it has to be changed upon first login, and a number of other settings for that account.
USER ACCOUNTS TABLE
User Name   First Name   Last Name   Group
---------   ----------   ---------   ------------------
JJones      Jill         Jones       CEO
PSmith01    Phillipa     Smith       Accounting Manager
JJones01    Jim          Jones       Sales Manager
AHall01     Alex         Hall        HR Manager
SHoward     Sally        Howard      IT Manager
AHall       Allen        Hall        Accounting
GNG01       Gerry        NG          Accounting
SGill       Sue          Gill        Sales
PSmith      Phillip      Smith       Sales
FMoney      Fred         Money       HR
GNg         Gary         NG          IT
JWeb        Jim          Web         IT
NTFS FILE AND FOLDER PERMISSIONS
Use NTFS permissions to specify which users and groups can gain access to files and folders, and what they can do with the contents of the file or folder. The permissions you assign for folders are different from the permissions you assign for files. You assign folder permissions to control the access that users have to folders and to the files and subfolders that are contained within the folder. The table below lists the standard NTFS folder and file permissions that you can assign and the type of access that each provides.

NTFS Folder Permission: Allows the User To
Full Control: Change permissions, take ownership, and delete subfolders and files, plus perform actions permitted by all other NTFS folder permissions
Modify: Delete the folder plus perform actions permitted by the Write permission and the Read & Execute permission
Read & Execute: Move through folders to reach other files and folders, even if the users do not have permission for those folders, and perform actions permitted by the Read permission and the List Folder Contents permission
List Folder Contents: See the names of files and subfolders in the folder
Read: See files and subfolders in the folder and view folder ownership, permissions, and attributes (such as Read-only, Hidden, Archive, and System)
Write: Create new files and subfolders within the folder, change folder attributes, and view folder ownership and permissions

NTFS File Permission: Allows the User To
Full Control: Change permissions and take ownership, plus perform the actions permitted by all other NTFS file permissions
Modify: Modify and delete the file plus perform the actions permitted by the Write permission and the Read & Execute permission
Read & Execute: Run applications plus perform the actions permitted by the Read permission
Read: Read the file, and view file attributes, ownership, and permissions
Write: Overwrite the file, change file attributes, and view file ownership and permissions
NTFS PERMISSIONS FOR FILES & FOLDERS:

Path                         Block Inheritance
---------------------------  -----------------
Apps                         Y
Apps\WordDocs                N
Apps\Spreadsheets            N
Apps\Database                N
DepartmentData               Y
DepartmentData\Accounting    Y
DepartmentData\HR            Y
DepartmentData\IT            Y
DepartmentData\Sales         Y
Public                       N
Public\Manuals               Y
Public\Policy                Y
Profiles                     N
Profiles\Accountants         Y
Accountants\AHall            Y
Accountants\GNg              Y
Profiles\Managers            Y
Managers\AHall01             Y
Managers\JJones              Y
Managers\JJones01            Y
Managers\PSmith              Y
Managers\SHoward             Y
Users                        N
Users\AHall01                Y
Users\AHall                  Y
Users\FMoney                 Y
Users\GNG01                  Y
Users\GNG                    Y
Users\JJones                 Y
Users\JJones01               Y
Users\JWeb                   Y
Users\PSmith                 Y
Users\PSmith01               Y
Users\SHoward                Y
Users\SGill                  Y

User Account or Group   NTFS Permissions
---------------------   ----------------
Administrators          R/W
Users                   R
Acc, Man, CEO           R
Acc, Man, CEO           R
Users                   R/W
Accountants             R/W
CEO                     R
HRStaff                 R/W
CEO                     R
SallyHoward             R/W
ITStaff                 R
SalesStaff              R/W
CEO                     R
Users                   R/W
CEO                     R/W
Users                   R
Users                   R/W
Administrators          FC
AllenHall               FC
GerryNg                 FC
Administrators          FC
AlexHall                FC
JillJones               FC
JimJones                FC
PhillipaSmith           FC
SallyHoward             FC
Users                   R/W
AlexHall                FC
AllenHall               FC
FredMoney               FC
GaryNg                  FC
GerryNg                 FC
JillJones               FC
JimJones                FC
JimWeb                  FC
PhillipaSmith           FC
PhillipSmith            FC
SallyHoward             FC
SueGill                 FC

Shared?   Shared Folder Permissions
-------   -------------------------
Y         RC
Y         RC
Y         RC
Y         RC
Y         RC
USER PROFILES
A user profile defines a customized desktop environment, such as individual display settings and network and printer connection settings. You can define your desktop environment for user profiles. Types of user profiles include:

Local User profile
A local user profile is created the first time you log on to a computer and is stored on the computer's hard drive. Any changes made to the local user profile are specific to the computer on which the changes are made.

Roaming profile
Roaming profiles are created by your system administrator and are stored on the server or domain. A roaming profile makes your profile available every time you log on to any computer on the network. Any changes made to your roaming user profile will be updated on the server.

Mandatory Profile
A mandatory user profile is a roaming profile that has been modified so that it can be used to specify particular settings for individuals or an entire group of users. Only system administrators can make changes to mandatory user profiles.
AUDITING PROCEDURES
The auditing procedures implemented on the Windows 2003 server are as follows.

Name                      Success  Failure  Reason for choice
------------------------  -------  -------  -----------------
Account logon events      N/A      X        For security purposes to track unauthorized account access attempts.
Account management        X        X        For security purposes to track unauthorized account changes.
Directory service access  N/A      N/A
Logon events              X        X        To track account activity.
Object Access             X        X        Track what object users are attempting to use.
Policy Change             N/A      N/A
Privilege use             N/A      X        For security purposes to track unauthorized access attempts to files on the domain.
Process Tracking          N/A      N/A
System Events             X        X        To track any changes to the security log and user actions such as shutting down or starting up a computer.
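One way to check that a server still matches the audit settings above, as an added example that is not part of the original report: it compares the [Event Audit] section of a security template (as produced by `secedit /export`) with the table. The sample template text is constructed, and the mapping of the table's rows to the template keys is this example's assumption.

```python
import configparser

# Settings from the Auditing Procedures table, encoded the way a security
# template's [Event Audit] section stores them:
# 0 = no auditing, 1 = success, 2 = failure, 3 = success and failure.
EXPECTED = {
    "AuditAccountLogon": 2,     # Account logon events: failure only
    "AuditAccountManage": 3,    # Account management: success and failure
    "AuditDSAccess": 0,         # Directory service access: N/A
    "AuditLogonEvents": 3,      # Logon events: success and failure
    "AuditObjectAccess": 3,     # Object Access: success and failure
    "AuditPolicyChange": 0,     # Policy Change: N/A
    "AuditPrivilegeUse": 2,     # Privilege use: failure only
    "AuditProcessTracking": 0,  # Process Tracking: N/A
    "AuditSystemEvents": 3,     # System Events: success and failure
}
LABEL = {0: "none", 1: "success", 2: "failure", 3: "success+failure"}

# Constructed sample export (not taken from the report): logon events have
# been reduced to success only and the privilege-use line is missing.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Event Audit]
AuditSystemEvents = 3
AuditLogonEvents = 1
AuditObjectAccess = 3
AuditPolicyChange = 0
AuditAccountManage = 3
AuditProcessTracking = 0
AuditDSAccess = 0
AuditAccountLogon = 2
"""

def audit_drift(inf_text, expected=EXPECTED):
    """Return (setting, wanted, found) for every setting that differs."""
    parser = configparser.ConfigParser(
        delimiters=("=",), interpolation=None, strict=False)
    parser.optionxform = str  # keep the template's key casing
    parser.read_string(inf_text)
    section = parser["Event Audit"] if parser.has_section("Event Audit") else {}
    drift = []
    for key, want in expected.items():
        raw = section.get(key)
        got = int(raw) if raw is not None else None
        if got != want:
            drift.append((key, LABEL[want], LABEL.get(got, "missing")))
    return drift
```

Calling `audit_drift(SAMPLE_INF)` reports the two settings that no longer match the table; an empty list means the exported policy agrees with it.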
PRINTING REQUIREMENTS
Widget Sales Co. has two printers: an HP DeskJet 500 and an HP Laser Jet 4m. The Manager and the CEO require use of the HP Laser Jet 4m. All other staff must use the HP DeskJet 500 printer. The CEO has requested that her work be given priority over all other jobs. To ensure this, the CEO has been assigned the printer priority of 99.
BACKUPS
Two types of backup procedure have been implemented on Widget Sales Co.'s server: Normal and Incremental. The Normal backup backs up all selected files and folders and clears the archive attribute on these files and folders. It runs every Monday at 19:00. The Incremental backup backs up only those files that have changed since the last Normal or Incremental backup. It runs from Tuesday to Friday at 19:00.
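The schedule above, simulated as an added example that is not part of the original report: it tracks the archive attribute through one week and shows which backup sets a restore depends on. The file names and the week's changes are constructed sample data.

```python
DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri"]  # every job runs at 19:00

def run_week(files, changes):
    """Simulate one week of the schedule above.

    files: names present before Monday's job.
    changes: {day: names written (or created) before that day's job}.
    Returns {day: (backup type, sorted names in that backup set)}.
    """
    archive = {name: True for name in files}  # True = archive attribute set
    sets = {}
    for day in DAYS:
        for name in changes.get(day, ()):
            archive[name] = True  # any write sets the archive attribute
        if day == "Mon":
            kind, saved = "Normal", sorted(archive)
        else:
            kind = "Incremental"
            saved = sorted(n for n, bit in archive.items() if bit)
        for name in saved:
            archive[name] = False  # both job types clear the attribute
        sets[day] = (kind, saved)
    return sets

def restore_chain(sets, day):
    """Backup sets to restore, in order, to reach the state saved on `day`."""
    return [f"{d} {sets[d][0]}" for d in DAYS[:DAYS.index(day) + 1]]

def newest_copy(sets, name, day):
    """Day whose set holds the most recent copy of `name` as of `day`."""
    for d in reversed(DAYS[:DAYS.index(day) + 1]):
        if name in sets[d][1]:
            return d
    return None

# Constructed sample data (file names are hypothetical).
FILES = ["ledger.xls", "policy.doc", "staff.mdb"]
CHANGES = {"Tue": {"ledger.xls"}, "Thu": {"ledger.xls", "staff.mdb"}}
WEEK = run_week(FILES, CHANGES)

if __name__ == "__main__":
    for day in DAYS:
        print(day, *WEEK[day])
    print("Restore to Thursday:", restore_chain(WEEK, "Thu"))
```

A file that never changes exists only in Monday's Normal set, and a restore to any later day needs every Incremental set since Monday, so each of those sets has to be retained and readable.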