Basic Data Protection in Windows - Advanced ACL settings
(Page 3 of 4 )
Clicking the Advanced button will open a dialog that reveals more advanced settings to help you customize your data protection. There are several tabs that contain settings for specific areas of ACL protection.
The first tab allows you to customize the Special Permissions. This set of permissions defines what security settings are inherited from the parent object and which are passed down to child objects. This ensures that settings permissions for a folder will allow settings to propagate to the files and folder it contains.
Special Permissions are used to selectively override permission settings for an object.
The next tab allows you to set the Auditing procedures for the specified object. Auditing is a method of tracking access attempts on the object. It is controlled by Local Policy Settings (Group Policies), Domain Security Policies, or both depending upon the environment. If auditing policies are in place, an event will be written to the event log for each matching access attempt.
Your computer must be a member of a domain or have Local Security Policies enabled in order to utilize the Auditing feature. Auditing must also be enabled globally prior to creating Audit policies in order to prevent errors.
You can enable local auditing from within the Group Policy Editor in the following steps. You may need to install the Group Policy snap-in first.
- Select the Start button and choose Control Panel from the Start menu.
- Select Performance and Maintenance and then select Administrative Tools.
- Double-click Local Security Policy to open the Local Security Settings.
- In the left pane, expand Local Policies and select Audit Policy.
- Double-click items in the right pane to enable Audit events.
Once you have enabled audit objects events you can then select which events to monitor for your files and folders.
Next: More advanced controls >>
More Windows Security Articles
More By Nilpo
