MCSE NTFS Security

is based on DAC(discretion access co
ntrol) means each resource is under the control of its creater/owner. Creater can define privilages, these enteries are known as ACE(access control entry). MANY ACE makes ACL(access control list)
Practically implementing NTFS Security:
right click on the folder->prop-Sec
inherited permissions can be controled from root drive
full control gives you full access, so you can add or change permissions for other users(change ACL). but with modifly you can't change someone else permissions