Back up files and directories
|ID: oval:gov.nist.usgcb.windowsseven:def:15||Date: (C)2012-04-13 (M)2017-10-21|
|Class: COMPLIANCE||Family: windows|
This user right determines which users can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system.
Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:
Traverse Folder/Execute File
List Folder/Read Data
Read Extended Attributes
Assigning this user right can be a security risk. Since there is no way to be sure that a user is backing up data, stealing data, or copying data to be distributed, only assign this user right to trusted users.
Default on workstations and servers: Administrators
Default on domain controllers:Administrators
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Back up files and directories
(2) REG: INFO NOT AVAILABLE
|Microsoft Windows 7|