|
|
data
confidentiality of, 268
encrypting (fig.), 202
Database Security window (fig.), 49
data encryption described, 264
Data Encryption Standard (DES), 201, 269, 334
Data Encryption Standard (DES/CBC/Message Digest 5 hash, 466
data file viruses, 659
datagrams, after applying AH in transport mode (fig.), 336
data integrity and secure communications, 372
Data Recovery Agent certificate, exporting, 123
data types, categorizing impact of risk (table), 345
DC security.inf, 22
DDoS attacks, 666, 669-671
DecryptFek function, 301
decrypting
EFS information, 123
files, 279
decryption
described, 201
process described, 300-301
Deffie-Hellman, 336
delegation of authentication
concept explained, 468-469
Windows 2000 and Kerberos, 474-475
denial of service attacks. See DoS attacks
deploying
IP Security, 343-371
security templates, 53-62
security via Group Policy, 57
security via scripting, 60-61
DES, exporting, 254
desktop workstations, securing, 107-108
DFS (Distributed file System), 114
diagnostic logging, 114-116
Diffie-Hellman keys, 222
digest authentication, 498-499
Digital Signature Algorithm (DSA), 222
digital signatures, 203-204, 330, 332
directories
encrypting, 282
root, 14
Directory Access Protocol (DAP), 14
Directory Information Shadowing Protocol (DISP), 14
Directory Information Tree (DIT), 14
Directory Operational Binding Management Protocol (DOP), 14
directory services, introduction to, 7
Directory Services Client. See DSClient
Directory Services (DS) clients, legacy issues, 113-114
Directory System Agent (SSA), 14
Directory System Protocol (DSP), 14
direct-sequence spread-spectrum (DSSS), 391
disabling unwanted services, 700
disks, encryption and, 276
Distributed File System (DFS), 114
DNS names, 10
and IPSec security, 349
Microsoft Kerberos, 478
DNS namespace, 11
documenting security incidents, crime scenes, 675, 680
domain controllers
described, 17
securing, 90-91
Domain Controllers OU (fig.), 89
Domain Controllers properties window (fig.), 493
Domain Name System (DNS), 213, 349, 472
domains
connecting external (fig.), 484
described, 13
importing security templates in, 59-60
Kerberos authentication, 463, 467-468, 482
NT, 7
realms and, 467
securing, 88
trees and forests (fig.), 482
Domain Security Policy console (fig.), 25
DoS attacks, 325, 666-671
download sites
Ethereal, 704
Microsoft L2TP/IPSec VPN Client, 575
Nmap, 703
NTBUGTRAQ, 701
SSH, 706
drivers, EFS, 293, 294, 295
DSClient, 89, 491
Dumpel tool switches (table), 634
Dump Event Log, 633-634
dwell time, 391
dynamic ASP, locking down IIS servers, 103
Dynamic Host Configuration Protocol (DHCP), 349
dynamic/private port numbers, 712
|
|