Equipment: the Windows Server system installed in Week 11, a provided company scenario (5 user accounts, 3 groups, shared folder structure).
(2h) Creating the 5 user accounts and 3 local groups from the scenario, via the GUI (Computer Management) then via PowerShell for the same operations — comparing both approaches.
(3h) Creating the scenario's folder structure, assigning NTFS permissions by group for each folder (one group only has access to its own folders).
(3h) Access testing: logging in with each user account, verifying that granted access works and that non-granted access is denied.
(3h) Configuring a network share for the main folder, testing access from a second machine (or from the same machine via the UNC path).
(3h) Exploring the Security Event log to find traces of successful logins and denied access attempts made during the tests.
Expected NTFS permissions check: use the Security tab in a folder's properties to display a given account's effective permissions — the "effective permission" takes into account inheritance and group membership, not just explicitly visible first-level permissions.
Expected Security log trace: denied access attempts generate an event with a specific ID (to be identified on the version in use) in the Security log — this exercise anchors the importance of logs for security diagnosis and auditing.