|
|
EAP (Extensible Authentication Protocol), 532-533
EAP-MD5 CHAP, 532
EAP-TLS, 532-533
echo requests, replies, 325
editing built-in IPSec policies, 353
EFS (Encrypting File System), 108, 210
architecture of, 292
callback functions, 294
components of (fig.), 293
encrypting files with, 274
encryption process (fig.), 270
file information, 7, 38-47
File System Runtime Library (FSRTL), 293
functionality of, 269-271
information, decrypting, 123
preventing on servers, 277
recovery agents, 283, 285, 289
role in security system, 265-266
troubleshooting, 302-303
user operations, 271
using, 266
EfsRead callback function, 309
EfsRecvr utility, 291, 305
electromagnetic (EM) field, 389
Trojan payload in (fig.), 660
warning of viruses via, 661
white hat protection for, 697-706
EM fields, 389-390
Encapsulating Security Payload (ESP), 559
Encrypted Data Recovery Policy (EDRP), 267, 283
encrypted files
adding users in Windows XP, 278
copying, 276
moving, renaming, 278
preventing on servers, 277
recovering with EfsRecvr utility, 291
sharing in Windows XP/.NET, 278
Windows 2000 steps for, 308
encrypting
data (fig.), 202
directories, 282
files, folders, 272
Encrypting File System. See EFS (Encrypting File System)
encryption
basic file, 304
compression and, 309
DES, 269
described, 201, 264
enabling (fig.), 272
fundamentals of, 267
process described, 295-297
Secure Shell (SSH) tool, 696, 705-706
verifying your level, 496
Encryption File System. See EFS (Encrypting File System)
Enhanced CryptoPAK, 307
Enterprise Root, Subordinate CAs, 209
enterprise security, configuring (fig.), 88
errors, logging, 114
ESP, protocol described, 336
ESP (Encapsulating Security Payload), 559
Ethereal packet sniffer, 703
EventCombMT, using tool, 635-637
EventCombMT GUI-based utility, 633
event ID 531, appearing frequently, 623
Event Log
account logon events that appear in, 625-626
account management events in (table), 626
analyzing security issues using, 116-117
logon events that appear in (table), 622
normal entry (fig.), 115
policies described, 42-43
security options (table), 43-44
use in Windows 2000, 114-116
Event Log node, configuring, 29
event logging, VPN servers, 555
Event Viewer
auditing and, 619
log size, 629-630
Security Log, 614-617
events
to audit, 621-622
audit system, 616
failed, event IDs, 624
evidence collection, security incidents, 676-679
Exchange 2000 Server, securing, 97
Exchange BackEnd Incremental.inf, 99
Exchange Key Management Server (KMS), 241
Exchange System Manager (fig.), 243
exporting
Administrator File Recovery Certificate and keys (fig.), 109
certificate and private key, 222-225
Data Recovery Agent certificate, 123
DES, 254
security templates, 55-57
Extensible Authentication Protocol (EAP), 532
Extensible Markup Language (XML), 140
extracting Service Pack files (fig.), 157
|
|