LSA 4: Describe File Permissions¶
File permissions control the ability of users to view, modify, execute, or otherwise interact with a file. Permissions are typically set for different levels of access, such as owner, group, and others. In Windows, these permissions can include read, write, execute, and modify, among others.
Authentication is a mechanism by which a system securely identifies a user.
Authorization, however, is a mechanism by which a system determines the level of access an authenticated user has to system resources (e.g., files and directories).
Most modern Windows OSs use Discretionary Access Control Lists (DACL) to assign file and directory permissions.