The latest revision of the NT File System (NTFS) is used in Windows Server to provide for file-level security in the operating system. Each object referenced in NTFS, which includes files and folders, is marked by an access control list (ACL) that physically limits who can and cannot access a resource. NTFS permissions utilize this concept to strictly control read, write, and other types of access on files.
Although SharePoint servers are not often file servers, they can still grant or deny file access in the same way and should have the file-level permissions audited to determine whether there are any holes in the NTFS permission set.
Take care when applying security settings. Propagating incorrect security settings can lock out all subfolders on a server. When modifying security, a full understanding of the directory structure is required.