Security+

File Systems

File Systems: Several filesystems are involved in the operating systems, and from a network perspective, they have a high level of interoperability among them.

Throughout the years, different vendors have implemented their own sets of file standards. Some of the more common filesystems in Windows are listed here:

Microsoft FAT: Microsoft’s earliest filesystem was referred to as the File Allocation Table (FAT).

FAT was designed for relatively small disk drives. It was upgraded first to FAT-16 and finally to FAT-32. FAT-32 allows large disk systems to be used on Windows system.

FAT allow only two types of protection: share-level and user-level access privileges. If a user has Write or Change Access permission to a drive or directory, they have a access to any file in that directory. This is very unsecure in an Internet environment.

NOTE: It is rare to find FAT used in the corporate world these days (other than on some USB drives), but you should still know about it for the exam.

Microsoft NTFS: The New Technology Filesystem (NTFS) was introduced with Windows NT to address security problems.

Before NT was released, it had become apparent to Microsoft that a new filing system was required to handle growth disk sizes, security concerns, and the need for more file stability. NTFS was created to address these issues.

Although FAT was relatively stable if the systems that were controlling it kept running. It didn’t do so well when the power went out or when the system crashed unexpectedly.

One of the benefits of NTFS was a transaction-tracking system, which made it possible for Windows NT to back out of any disk operations that were in progress when Windows NT crashed or lost power.

With NTFS, files, directories, and volumes can each have their own security. NTFS’s security is flexible and built in.

Not only does NTFS track security in access control lists (ACLs), which can hold permission for local users and groups, but each entry in the ACL can specify what type of access is given, such as Read-Only, Change, or Full Control.

This allows a great deal of flexibility in setting up a network. In addition, special file-encryption programs were developed to encrypt data while it was stored on the hard disk drive (HDD).

Microsoft strongly recommends that all network shares be established using NTFS. As Microsoft has continued to refine NTFS, the version has incremented, with 3.1 being the most common used as of this writing.

To see the version installed on a particular workstation, at the command prompt with administrative privileges type fsutil fsinfo ntfsinfo C:, and the second line shown will be the NTFS version.

NOTE: Window systems often have hidden administrative shares with names that ends with a dollar sign character (C$, admin$, and so on).

These are created for use in managing the computer on the network, and they can be permanently disabled only through Registry edits. You can temporarily disable them with the Computer Management console, but they will return on reboot unless you permanently disable them with Group Policy.

For the purpose of Security+ Exam, simply know that they exist and are needed for full network functionality.

Make sure that you periodically review the manufactures’ support website and other support resources, which are available to apply current updates and security patches to your systems. Doing so on a regular basis will lower your exposure to security risks.

NOTE: Although Windows is the focus here, know the other operating systems have their own filesystem.

In linux, for example, common choices include ext3, ext4, and XFS.

Macs used HFS (Hierarchical File System) and later replaced with HFS Plus (also known as HFS Extended).

Related Articles

Leave a Reply

Back to top button