CSU Global Campus
ZXY has recently located to a new building, which has been wired and set up for a local area network. The company has decided to implement a client/server-based network in which all printers, files, and other resources are share without any access limitations on specific users. Additionally, all devices and settings are currently set up with default security settings. Before ZXY Corporation can safely utilize their new network, security software and settings must be fully implemented and tested.
First, user accounts must be created, all of which will be assigned to their corresponding group. For instance, engineers and software testing users may be grouped as Development users, while salespeople and promoters may be placed in a group called Marketing. Dividing users into groups allows for network administrators to easily grant rights for entire departments or make widespread permission changes to select users. This is known as access control.
Access control methods are integral to any network with multiple users. By logging in, a user forces the operating system to create an access token for the user. This token contains authorization information strictly for that user. When the user attempts to gain access to an object, the operating system checks the access control entries (ACEs) for the object in the access control list (ACL), including read, write, execute, and modify. If the operating system determines that the generated access token lacks the necessary ACEs to perform a specific task, the user is told that permission has been denied (Access Control Overview, n.d.).
From a security standpoint, access c