IV Windows NT Security
(Page 2 of 2)
Security Reference Monitor
The reference monitor checks to see if the user has permission to access a particular object. If this access is granted, the requested user action is performed. This module performs audit messages if enabled.
The NTFS (New Technology File System) available on Windows NT and its successors such as Windows 2000/XP, but not on Windows 9.x, supports the use of user-level network security by specifying at the OS level which users can and cannot access resources such as specific files and printers. Each resource has an associated DACL that specifies allow and deny access permissions for the resource, based on the users identity and security group memberships.
These OS-level permissions apply to both local accesses (to users sitting at the servers console) and network accesses (by users connecting over the network). Simply giving network users Write permission to a network share does NOT mean that they can write to all files available at that share. The files DACLs must also allow that user to write.
Windows NT includes logging for security-related events in its Security log, accessed via the Event Viewer utility.
Home - Table Of Contents - Contact Us
CertiGuide for Network+ (http://www.CertiGuide.com/netplus/) on CertiGuide.com
Version 1.0 - Version Date: November 7, 2004
Adapted with permission from a work created by Tcat Houser and Helen O’Boyle.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.