The documentation for System.Security.AccessControl.FileSystemRights enumeration lists NTFS file/folder permission rights that can be applied to an ACE, that will be added to an ACL, with a snippet like the following specifying the rights:
$fileOrFolderRights = [System.Security.AccessControl.FileSystemRights]"Read, Write"
When instructed to do this manually in the Permission Entry Dialog, my boss told me to check the Full Control checkbox, and then uncheck it.
I want to say that all I need to do to duplicate this is to include all of the members listed in the FileSystemRights documentation less the FullControl one; but I don't think this is the case, since there are special permissions too
The easiest way to work this out is probably to replicate the procedure in the gui then use powershell to see what the reported rights are using get-acl. My results are below.
PS D:\test> (get-acl test.txt).Access
FileSystemRights : Modify, Synchronize
AccessControlType : Allow
IdentityReference : Everyone
IsInherited : False
InheritanceFlags : None
PropagationFlags : None