4.8. Task 4.8: Securing Shares
File and folder resources on a network are accessed through a special opening in a system called a share point. These share points are there for good reason, but they are often the doorway that an attacker uses to violate your system security controls. Share points are made possible and managed by the File And Printer Sharing service, otherwise called the Server service.
Only Administrators, members of any of the Operators groups, and Power Users have permissions sufficient to create share points, in an attempt to minimize the potential exposure of vulnerabilities.
Even with this elite and restrictive collection of share point creators, each share point should be carefully configured to implement the principle ...