Determines which users can bypass file, directory, registry, and other persistent object permissions when they restore backed up files and directories, and it determines which users can set valid security principals as the owner of an object.
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Restore files and directories
SeRestorePrivilege
Privilege Escalation (TA0004), Defense Evasion (TA0005), Collection (TA0009), Impact (TA0040)