Today was a productive day. I hiked up Cowles Mountain and made it to the top in 32 minutes. The view was clear, the air was fresh, and I felt energized. After the hike, I went to the San Carlos Library to keep the momentum going.
While there, I continued my Security+ studies through the TestOut Security Pro course. I focused on authorization, and I’m starting to understand the difference between authentication and authorization. Authentication is when you log in, proving who you are. Authorization happens after that. It’s about what you’re allowed to do. This is handled using an Access Control List (ACL), which is basically a list of rules about which users or groups can access certain files or folders.
I also came across something called a DACL, or Discretionary Access Control List. It’s used to specify who is allowed (or denied) access to an object. A SACL, or System Access Control List, is used to specify what access attempts should be logged. Both are part of how Windows handles security.
Security principals—like user accounts, computer accounts, or groups—are all assigned a Security Identifier (SID). The system checks that SID against what’s allowed in the folder or file. I’m curious what else the SID does, and how deep I can go in learning about these access controls.
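An added example, not part of the original post or the TestOut course: a simplified Python model of how a DACL decides access and a SACL decides what gets logged, by comparing the SIDs a user carries against each entry in order. The rights values, account SIDs and folder entries are constructed for illustration; only S-1-1-0 (Everyone) is a real well-known SID.

```python
from dataclasses import dataclass

READ, WRITE, DELETE = 1, 2, 4        # simplified rights, not real Windows access-mask bits

EVERYONE = "S-1-1-0"                 # well-known SID for the Everyone group
DOMAIN = "S-1-5-21-1111111111-2222222222-3333333333"    # constructed domain identifier
ALICE, BOB, INTERNS = DOMAIN + "-1001", DOMAIN + "-1002", DOMAIN + "-2001"

@dataclass(frozen=True)
class Ace:
    kind: str                        # "allow" or "deny" in a DACL, "audit" in a SACL
    sid: str                         # the security principal this entry applies to
    mask: int                        # rights the entry covers
    on_success: bool = False         # audit entries only: log granted attempts
    on_failure: bool = False         # audit entries only: log denied attempts

def check_dacl(token_sids, dacl, wanted):
    """Walk the DACL in order; the first decisive entry wins."""
    if dacl is None:                 # object has no DACL: full access for everyone
        return True
    remaining = wanted
    for ace in dacl:
        if ace.sid not in token_sids:
            continue                 # entry is for some other principal
        if ace.kind == "deny" and ace.mask & remaining:
            return False             # a still-needed right is explicitly denied
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if not remaining:
                return True          # every requested right has been granted
    return False                     # nothing granted the rest: implicit deny

def audit(token_sids, sacl, wanted, granted):
    """Return the log records the SACL asks for; it never changes the decision."""
    outcome = "SUCCESS" if granted else "FAILURE"
    return [(outcome, ace.sid, wanted & ace.mask) for ace in sacl
            if ace.sid in token_sids and ace.mask & wanted
            and (ace.on_success if granted else ace.on_failure)]

# Constructed sample: a folder whose DACL lists deny entries before allow entries.
DACL = [Ace("deny", INTERNS, WRITE | DELETE), Ace("allow", EVERYONE, READ),
        Ace("allow", ALICE, READ | WRITE)]
SACL = [Ace("audit", EVERYONE, WRITE | DELETE, on_failure=True)]
alice, bob = {ALICE, EVERYONE}, {BOB, INTERNS, EVERYONE}   # SIDs carried in each token

if __name__ == "__main__":
    for name, token, want in [("alice", alice, READ | WRITE), ("bob", bob, READ), ("bob", bob, WRITE)]:
        ok = check_dacl(token, DACL, want)
        print(name, want, "granted" if ok else "denied", audit(token, SACL, want, ok))
```

Because entries are read in order, a DACL that places an allow entry for a broad group ahead of a deny entry for a narrower one grants the access the deny was meant to block, which is why deny entries are listed first.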
Every step—whether it’s up a mountain or through a lesson—is getting me closer to my goals.