Windows Server 2012 ushers in a new type of resource access control mechanism, Dynamic Access Control, that complements the existing NTFS ACL functionality. This presentation will briefly describe the new functionality from a system administration perspective and then will dive into the nuts and bolts that make it work. Knowledge about how this new functionality works will be valuable for security architects, compliance personnel, and penetration testers.