File System Security

To ensure that significant system and application program and data resources are protected from unauthorized access and modifications.

1. Review the file system directory trees to ensure that only operating system file systems are used on servers within the audit scope (since any other file system type, DOS or other, cannot be controlled by operating system security with the exception of operating system share security).

2. Using the File Manager directory tree utility, list out the Security Permissions for all system directories and significant application programs and directories; perform the following:

a. Determine that the owner of all operating system directories is the Administrator account.

b. Determine that application program and data directories are owned by a restricted application owner account or the operating system Administrator account.

c. Review and assess permissions assigned to groups and individual accounts, noting that Full Control (all permissions) and Change (Read, Write, Execute, and Delete) permissions are restricted to authorized users (cross-reference groups to earlier step, identifying users with the groups they belong to).

d. Determine that Change permissions and Take Ownership permissions are restricted to Administrative accounts and groups.

e. Using the File Manager directory, identify all shared directories (directories made available to users of the network). Review and assess share permissions assigned to these directories on a group or user basis.
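
The checks in steps 1 and 2a to 2e can also be collected with a script. The PowerShell below is an added example, not part of the original checklist; it assumes a Windows server with the built-in Get-Acl, Get-CimInstance and Get-SmbShare cmdlets in place of File Manager, and every path and account name in it is a placeholder.

```powershell
# Added example, not part of the original checklist. Every path and account
# name below is an assumption; substitute the values in your audit scope.
$SystemDirs    = @($env:SystemRoot, (Join-Path $env:SystemRoot 'System32'))
$AppDirs       = @('D:\Apps\ExampleApp')                        # hypothetical
$SystemOwners  = @('BUILTIN\Administrators')                    # step 2a
$AppOwners     = @('EXAMPLE\svc-app', 'BUILTIN\Administrators') # step 2b, hypothetical
$AdminAccounts = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM')
$R = [System.Security.AccessControl.FileSystemRights]

function Get-SensitiveRights([int]$Mask) {
    # Map an ACE access mask to the permission names used in steps 2c and 2d.
    # 0x10000000 is GENERIC_ALL, which Get-Acl reports as a raw number.
    $full = [int]$R::FullControl; $change = [int]$R::Modify
    if ((($Mask -band $full) -eq $full) -or ($Mask -band 0x10000000)) { return @('FullControl') }
    $names = @()
    if (($Mask -band $change) -eq $change)      { $names += 'Change' }
    if ($Mask -band [int]$R::ChangePermissions) { $names += 'ChangePermissions' }
    if ($Mask -band [int]$R::TakeOwnership)     { $names += 'TakeOwnership' }
    return $names
}

$findings = foreach ($dir in $SystemDirs + $AppDirs) {
    if (-not (Test-Path -LiteralPath $dir)) { continue }
    $acl = Get-Acl -LiteralPath $dir
    $expected = if ($SystemDirs -contains $dir) { $SystemOwners } else { $AppOwners }
    if ($expected -notcontains $acl.Owner) {
        [pscustomobject]@{ Path = $dir; Account = $acl.Owner; Finding = 'Unexpected owner' }
    }
    foreach ($ace in $acl.Access) {
        $rights = @(Get-SensitiveRights ([int]$ace.FileSystemRights))
        $isAdmin = $AdminAccounts -contains $ace.IdentityReference.Value
        if ($ace.AccessControlType -eq 'Allow' -and $rights.Count -gt 0 -and -not $isAdmin) {
            [pscustomobject]@{ Path = $dir; Account = $ace.IdentityReference.Value
                               Finding = "Verify authorization: $($rights -join ', ')" }
        }
    }
}

# Step 1: local fixed disks (DriveType 3) that are not NTFS, assumed here to be
# the only file system the operating system can enforce permissions on.
$nonNtfs = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
    Where-Object { $_.FileSystem -ne 'NTFS' }

# Step 2e: every share with the accounts and access rights granted on it.
$shareAccess = Get-SmbShare | ForEach-Object { Get-SmbShareAccess -Name $_.Name }

$nonNtfs     | Format-Table DeviceID, FileSystem
$findings    | Format-Table Path, Account, Finding -AutoSize
$shareAccess | Format-Table Name, AccountName, AccessControlType, AccessRight
```

Each row in the findings table is an item to cross-reference against the group membership gathered in the earlier step; the share table is the input for the review in step 2e.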