
12     Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing


             Figure 1.1 Viewing the Discretionary Access Control Settings on a Folder






























                      Notice that the administrator account is granted full control
                  permission for this folder. Check the access settings for other users and groups
                  that are defined on your machine. You should notice that the system
                  has full control, but that various other access settings are in place for
                  different types of access permissions. Within the Windows OS, this is the
                  area that allows you to control and modify the DAC settings for your
                  resources.
                      Similar DAC settings are in place for all files and folders stored on NT
                  File System (NTFS) partitions, as well as all objects that exist within
                  Active Directory and all Registry keys.
                      A similar function is available in most other OSes. As mentioned,
                  UNIX and Linux use the chmod command to control access through DAC.
                  NetWare also has a file access system in place that is administered by the
                  administrator (who has “Supervisor” rights).
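
The chmod-based DAC control mentioned above, shown as an added example that is not from the book: the owner of some files sets their permissions, audits which ones any user can write to, and then tightens the loose one. The function names and the files, which are constructed in a temporary directory, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: discretionary (owner-controlled) permissions with chmod.
# Every path is constructed under a temporary directory.

# Build a small constructed tree with three different DAC settings.
make_demo() {
    demo=$(mktemp -d) || return 1
    echo "payroll" > "$demo/private.txt"
    echo "notes"   > "$demo/shared.txt"
    echo "scratch" > "$demo/open.txt"
    chmod 600 "$demo/private.txt"   # owner rw-, group ---, other ---
    chmod 640 "$demo/shared.txt"    # owner rw-, group r--, other ---
    chmod 666 "$demo/open.txt"      # every user may read and write
    echo "$demo"
}

# Print the symbolic mode string (for example -rw-r-----) of one path.
# cut drops the extra ACL/SELinux marker some systems append.
mode_of() {
    ls -ld "$1" | awk '{print $1}' | cut -c1-10
}

# Audit: list regular files under a directory that "other" can write to.
world_writable() {
    find "$1" -type f -perm -002 | sort
}

# Mitigation: the owner removes write access for group and other.
tighten() {
    chmod go-w "$1"
}

# Walk through the constructed tree: show, audit, tighten, audit again.
d=$(make_demo)
for f in "$d"/*; do
    printf '%s  %s\n' "$(mode_of "$f")" "${f##*/}"
done
echo "world-writable before: $(world_writable "$d")"
tighten "$d/open.txt"
echo "world-writable after:  $(world_writable "$d")"
rm -rf "$d"
```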





             Authentication

             Authentication, when looked at in its most basic form, is simply the process used to
             prove the identity of someone or something that wants access. This can involve



          www.syngress.com