ITF (FC0-U61) Skills Lab: Manage File System Security

Exercise 1: Manage Share and NTFS Permissions

Task 1: Accessing PowerShell (Admin)

1. Connect to Virtual Machine

   • Begin by connecting to the virtual machine hosting your environment.

2. Log In to the VM

   • Once connected, log in to the system.

3. Open PowerShell (Admin)

   • Right-click on the Start Menu and select Windows PowerShell (Admin) from the list.

Task 2: Creating Folders and Sharing in PowerShell

1. Navigate to the C: Drive

   • In the PowerShell window, type the following command to navigate to the C: drive:
     cd\

2. Create New Folders

   • Use the following commands to create the folders:
     md projects
md tickets
md corpdata

3. Share the 'Projects' Folder

   • Run the following command to share the folder with full access for domain users:
     New-SmbShare -Name "projects" -Path "c:\projects" -FullAccess "Domain Users"

4. Close PowerShell

   • After completing the commands, close the PowerShell window.

Task 3: Sharing a Folder Using File Explorer

1. Open File Explorer

   • Navigate to the Local Drive (C:).

2. Locate the 'Tickets' Folder

   • Find the tickets folder.

3. Share the Folder

   • Right-click on the tickets folder and select Give access to > Specific People.

4. Add 'Domain Users' and Set Permissions

   • Add "Domain Users" to the share list and set the permission level to Read/Write.

5. Complete Sharing

   • Click Share and then Done to finalize the process.

Task 4: Sharing a Folder Using Computer Management

1. Open Computer Management

   • Right-click on the Start Menu and select Computer Management.

2. Navigate to Shared Folders

   • Expand Shared Folders and select Shares.

3. Create a New Share

   • Right-click on Shares and select New Share.

4. Use the Create a Shared Folder Wizard

   • Follow the wizard to share the corpdata folder:
     • Specify the folder path.
     • Set the share name and description.
     • Configure custom permissions to give "Domain Users" Full Control.

5. Finalize the Share

   • Complete the wizard and close Computer Management.

Task 5: Modifying NTFS Permissions for Shared Folders

1. Open File Explorer

   • Navigate to the corpdata folder.

2. Access Folder Properties

   • Right-click the folder and select Properties > Security Tab.

3. Edit Permissions

   • Modify the NTFS permissions to:
     • Add groups (e.g., corpusers, globalit, etc.).
     • Assign appropriate permissions (Read, List Folder Contents, Read/Write).

4. Configure Advanced Permissions

   • Open Advanced Security Settings and remove inherited permissions.
   • Add CREATOR OWNER with Full Control.

5. Save and Close

   • Save the changes and close the properties window.

Task 6: Verifying User and Shared Folder Permissions

1. Connect to a Client Machine

   • Log in to another virtual machine with a user account.

2. Map the 'corpdata' Folder

   • Use File Explorer to map the shared folder (e.g., \\servername\corpdata).

3. Test Folder Access

   • Create and delete files to confirm permission settings.

4. Repeat with Another User Account

   • Log in with a different user account and verify the permissions.

5. Document Results

   • Note any discrepancies or errors for review.

Task 7: Terminate Virtual Machines

1. Shut Down All VMs
   • Properly shut down all virtual machines to conclude the lab.