U

Previous page
Table of content
Next page

S

SACE (System Access Control Entry), 141, 142-143

designator, 174

flags, 174-176, 177-179

rights, 179

trustee, 180

type, 176-177

SACL (System Access Control List), 141, 142

salt, 215

Save Filter to Custom View dialog box, 37

Save the recovery password dialog box, 203

sc.exe, 244

getname, 245

qsidtype, 254

restricted SID commands, 254

showsid, 254

sidtype… restricted, 252

syntax, 244-245

Schneier, Bruce, Secrets and Lies: Digital Security in a Networked World, 31

SCM (Service Control Manager), 244

screen, grayed out screen with Consent UI, 106

.SDB (System Database) file extensions, 101

SDDL. See Security

Descriptor Definition Language (SDDL)

sealing the key, to TPM, 188

SeBackupPrivilege, 71

SeChangeNotifyPrivilege, 5, 70

SeCreateGlobalPrivilege, 6, 7

SeCreateTokenPrivilege, 70

Secrets and Lies: Digital Security in a Networked World (Schneier), 31

sector, 189

sector key, 193

securable objects, 137-138

Secure Desktop, 106-109

disabling, 107

enabling applications with, 108-109

manifests and access, 108

Secure Hashing Algorithm (SHA), 31

"secure locations," 109

secure startup, 186

security

early need for, 134

option changes, 25-31

LAN Manager deemphasized, 28-30

named pipe access, 26-27

share and Registry access, 27

unsigned driver warnings, 30-31

Security Descriptor Definition Language (SDDL), 140, 146, 173

label syntax, 174-180

SACE flags, 177-179

SACE rights, 179

SACE trustee, 180

SACE type, 176-177

SACL designator, 174

SACL flags, 174-176

strings for setting integrity levels, 180

displaying, 180

security ID (SID), in token, 67-68

Security Zone in Internet Explorer 7, 236

SeDebugPrivilege, 71

SeImpersonatePrivilege, 71

SeIncreaseWorkingSet Privilege, 70

SeLoadDriverPrivilege, 71

SeProfileSingleProcessPrivilege, 6, 7

SeRelabelPrivilege, 71, 147-148, 151

SeRestorePrivilege, 71

service accounts, 241-242

Service Control Manager (SCM), 244

service host, 242

services, 241

basics, 241-244

displaying during boot process, 15

isolation, 251-254

how it works, 251-252

multiple with different privileges, 249-250

and process speed, 52

random location assignment, 229-230

reducing privileges, 247-250

by admins, 248-249

by developers, 248

restricting network ports, 255

session separation, 246-247

SID for, 251

displaying, 254

granting write permissions, 252-253

restricting, 252

sc.exe commands, 254

starting, 52

troubleshooting, 234

Vista toughening, 245-246

services.exe, 244

services.msc, 244

SeShutdownPrivilege, 6, 70

sessions, separation, 246-247

SeTakeOwnershipPrivilege, 71

SeTcbPrivilege, 70

SeTimeZonePrivilege, 70

SeUndockPrivilege, 6

SeUnl, 70

SHA (Secure Hashing Algorithm), 31

shares, XP anonymous access, 27

shields

in Control Panel, 86

program icons with, 85

"shim," 101

short-term patch, virtualization as, 125

shortcuts

adding to Programs folder, 77

Advanced Properties dialog box for, 78

shrink command, 202

shutting down system, user privilege allowing, 70

SID for service, 251

displaying, 254

granting write permissions, 252-253

restricting, 252

sc.exe commands, 254

simple volume, 189

SMTP server, configuring to accept alert e-mails, 40

sos option in BCD, 15

source computer for subscription, 43

authentication between collector and, 53-55

setup, 44-46

split token, 64

SPOOLSS named pipe, 27

spyware, 112

SQL\QUERY named pipe, 27

SQL Server, database location, 115

SRK (Storage Root Key), 188

standard user token, 65, 66

creating from administrator account, 74

and integrity rules, 154

Windows creation of, 66-74

standard users, 4

file and Registry virtualization for, 123-125

privileges, 70

Start menu

Administrative Tools, Event Viewer, 33

All Programs, Accessories, command prompt, 3

Command Prompt context menu, Run as administrator, 75

Computer, 117

Computer context menu, Properties, 21

context menu, Properties, 7

Control Panel, 19

Network and Internet Connections, 19, 20

Security, BitLock Drive Encryption, 203

Explore, 77

"Run…," restoring, 7-8

starting, Event Viewer, 33

startup key, 197, 198, 207

without TPM, 204

Storage Root Key (SRK), 188

store for BCD, 10

subinacl tool, 68

Subscription Properties dialog box, 47, 47, 50, 50, 57

subscriptions

collector setup, 44

creating, 44-50

on collector, 46-50

names for, 47

overview, 43-44

setup, 56-57

sources setup, 44

troubleshooting delays, 50-52

svchost.exe, 242, 242, 250

services running in, 243

tokens for, 243, 243-244

Sysinternals, Process Explorer, 242

sysmain.sdb, 101

System Access Control Entry (SACE), 141, 142-143

designator, 174

flags, 174-176, 177-179

rights, 179

trustee, 180

type, 176-177

viewing, 142

System Access Control List (SACL), 141, 142

system BCD store, 10. See also store for BCD

"The system cannot find the file specified" message, 117

"System error 5 has occurred." message, 3

system files, modifying, 170-173

System integrity level, 140, 141

beta testers and, 170

potential for malware manipulation, 168

system partition, 189

System Properties dialog box, Remote tab, 21, 21

System Recovery Options dialog box, 201-202

System Restore for XP, 24

system time, right to modify, 6



Previous page
Table of content
Next page
Administering Windows Vista Security. The Big Surprises
Administering Windows Vista Security: The Big Surprises
ISBN: 0470108320
EAN: 2147483647
Year: 2004
Pages: 101
Authors: Mark Minasi, Byron Hynes
BUY ON AMAZON
Managing Enterprise Systems with the Windows Script Host
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Making Sense of Change Management: A Complete Guide to the Models, Tools and Techniques of Organizational Change
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
Understanding Digital Signal Processing (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy