[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Z]
SA (Security Association) and IPSec drivers
safe mode passwords
protected by Syskey
SAM (Security Accounts Manager)
disallowing anonymous enumeration of SAM accounts
storing passwords using one-way hashes 2nd 3rd
SANS Security Policy Project
SCA (Security Configuration and Analysis) toolset
analyzing security settings
creating SCA console
creating security databases
importing security templates
SCEP (Simple Certification Enrollment Protocol)
Schema Admins group
schema context (Active Directory forest) 2nd
Secedit.exe tool
secure code
dangers of unsigned code
enforcing use of
how to tell
identifying
secure configurations, deploying with security templates
Secure Domain Controller Security template
secure dynamic updates (DNS)
enabling
secure email
digitally signed messages, sending
downsides to using
encrypted messages, sending
HushMail online service
implementing
non-Microsoft products
PGP (Pretty Good Privacy) product
two forms of
secure file shares, setting up
Secure Server (Require Security) default configuration
Secure Sockets Layer (SSL)
public key encryption and
Secure Workstation Security template
securedc.inf template
securews.inf template
security
Active Directory features
awareness and education programs
basics of
checklist, example of
concerns with DNS
default settings
for upgrades
through GPOs
determining status of, using MBSA
DHCP server authorization
enforcement mechanisms
administration-based
technology-based
enforcing with Group Policy
for files, provided by NTFS
importance of
lack of, in DHCP
layered
for networks
physical [See physical security]
problems with web servers
providing for
Active Directory objects
domain controllers
domains
forests
remote access and its risks
smart cards and
for wireless networks
Security Accounts Manager [See SAM]
Security Association (SA) and IPSec drivers
security breaches, reducing likelihood of
Security Configuration and Analysis (SCA) toolset
analyzing security settings
creating SCA console
creating security databases
importing security templates
security databases
analyzing security settings
creating
creating templates from
importing security templates
security design in Windows Server 2003
security enhancements in Windows Server 2003
Enterprise Server Edition
Standard Server Edition
and Windows XP 2nd
security features in Windows Server 2003
security identifiers (SIDs)
Security Log
verifying IPSec operation with IKE logging
security policies 2nd
attributes of
benefits of
common characteristics of
components of
creating
keeping passwords secret
monitoring
political aspects of
security procedures
benefits of
creating
monitoring
security settings
analyzing
audit policy, controlling
built-in security templates and
controlling
identifying security needs
password policy, controlling
Security Showdown
EFS data recovery strategies
Group Policy philosophy
two-tier vs. three- tier PKI
security templates
built-in
creating your own
deploying secure configurations with
deploying, using Group Policy
effective use of
Group Policy and
how they work
importing
not available on older systems
upgrading domain controllers and
use with caution
vs. Group Policy
security tokens on client computers
selective authentication
self-signed certificates
senior management
creating security policies
obtaining approval of defined procedures
server certificates
Server Side Includes, security risks with
servers
as risk factors
DHCP interactions with clients
restricting to highly secure communication
securing 2nd
security auditing for
storing shared encrypted files on
service accounts
avoid using Administrator accounts as
for DHCP servers, creating
protecting
service tickets, maximum life for
services needed
for domain controller replication
for IPSec traffic across firewalls
session key perfect forward secrecy (PFS)
Setup Security template
setupsecurity.inf template
shared computers, local file security for
shared encrypted files, storing on file servers
shared files, setting permissions for
shared secret key cryptography
supported by Windows Server 2003 for IPSec communication
shoulder surfing
sid2user tool
SIDs (security identifiers)
disallowing SID/ name translation
object security and ACLs
SID filtering
signed code
dangers of unsigned code
device drivers and
how it works
Simple Certification Enrollment Protocol (SCEP)
sites (Active Directory)
skew time
smart card readers
smart cards 2nd
Active Directory security and
authenticators and
biometric technology and
blank, purchasing
cryptography, ideal for
deploying PKI first
distributing
enrolling users of
how they work
implementing
issuing
logon process
lost/damaged
preparing to issue
private keys and 2nd
reauthenticating
removal from reader, setting policy for
requirements for using
simplifying security for users
vs. passwords 2nd
in Windows Server 2003
improvements to
SMB file sharing
SMB signing vs. IPSec
SMTP (Simple Mail Transport Protocol)
software patches for security vulnerabilities
software publishing certificates
Software Restriction Policy [See SRP]
Software Update Services (SUS)
configuring clients
installing/configuring server
integrating with MBSA
splitf.exe file
spoofing attacks
on DHCP servers
on DNS servers 2nd
SRP (Software Restriction Policy) 2nd
best practices for
configuring
Group Policy and
SSL (Secure Sockets Layer)
IIS (Internet Information Services) and
public key encryption and
vs. IP Security
stale accounts, cleaning up
standalone CA (certification authority)
standard DNS zones
restricting zone transfers
Standard Server Edition of Windows Server 2003, security enhancements in
standards vs. policies/procedures
stolen computers, reality of
strong passwords
choosing 2nd
forcing users with weak passwords to change
laptops and
for Syskey
structural components of Active Directory
subnets and sites
SUS (Software Update Services)
configuring clients
installing/configuring server
integrating with MBSA
suspicious activities, report to security
symmetric algorithms
symmetric keys
synchronization schedules, configuring
Syskey utility
mode 2, configuring for laptops
modes of protection
system information, protecting with Syskey
System Monitor tool
| |
