| < Day Day Up > |
|
CA Exchange certificate template, 7-23
callback for dial-up security, 12-21
caller ID, checking, 12-20
CAs (certification authorities), 7-6
certificate enrollment methods, 7-32
enterprise and standalone, 16-29
hierarchies of, 7-9-7-11, 7-13-7-16
managing and configuring, 16-29-16-36
number of, 1-19
obtaining latest CRL, 7-38
root CAs, 7-9, 7-13
SSL and, 11-5
trust lists (CTLs), 11-19
validity periods, 7-7-7-8
centralized authentication, 1-8
CEP Encryption certificate template, 7-23
certificate life cycles, 7-6-7-7, 7-64
Certificate Request Wizard, 7-33
certificate rules (software restriction policy), 4-5
Certificate Services, 7-1, 7-8-7-13
auditing, 7-13
deploying for IPSec, 9-10-9-15
disaster recovery, 7-12, 16-31
installing, managing, and configuring, 16-29-16-34
IPSec certificate authentication, 8-20, 15-46
wireless network infrastructure, 10-20-10-21
certificate templates, 7-19-7-30, 7-64
ACLs and permissions, 7-20
how to use, 7-21-7-24
managing, 7-19-7-30, 7-64
permissions, 7-24-7-25, 7-65
superseding, 7-26-7-29
updating, 7-25-7-27
versions of, 7-21
Certificate Trust List Wizard, 11-19
certificates. See also encryption
archives and recovery, 7-46-7-52, 7-54
authentication troubleshooting (IPSec), 9-42-9-43
backing up, 7-12, 16-31
defined, 7-5
enrollment, 7-6, 7-24, 7-31-7-35, 7-61-7-70, 11-23
IPSec authentication, 8-19-8-20, 8-33-8-34, 15-20, 15-36
managing and configuring, 16-29-16-36
remote access authentication, 12-23-12-24
revoking, 7-8, 7-35-7-38
SSL certificates, 11-5-11-7, 11-10-11-25, 15-50
template management, 7-19-7-30, 7-64, 7-65
trust lists (CTLs), 11-19
wireless network infrastructure, 10-20-10-21
Certificates snap-in, 7-26, 7-32, 7-33, 7-41
certification authorities (CAs), 7-6
certificate enrollment methods, 7-32
enterprise and standalone, 16-29
hierarchies of, 7-9-7-11, 7-13-7-16
managing and configuring, 16-29-16-36
number of, 1-19
obtaining latest CRL, 7-38
root CAs, 7-9, 7-13
SSL and, 11-5
trust lists (CTLs), 11-19
validity periods, 7-7-7-8
Certreq.exe utility, 7-34
Certutil.exe utility, 7-38
CGI (Common Gateway Interface), 4-32
chaining updates (patches), 5-11
Challenge Handshake Authentication Protocol (CHAP), 12-8-12-10, 12-13
Change permission
files and folders, 2-9
shared folders, 2-14
CHAP (Challenge Handshake Authentication Protocol), 12-8-12-10, 12-13
client certificates, SSL, 11-16-11-19
assigning, 11-15
deployment and management, 11-10-11-25, 15-50
firewall configuration, 11-7
obtaining, 11-5-11-6, 11-13-11-14
renewing, 11-16
reviewing, 11-6
client roles, 4-1-4-67
analyzing security configurations, 4-55-4-61
tuning security for, 4-3-4-14
Client (Respond Only) security policy, 8-31, 15-1, 15-9
clients, remote access, 12-30-12-35. See also remote access
authentication protocols, 12-30-12-32
CMAK wizard for, 12-30, 12-32-12-41
clusters, protecting with IPSec, 9-6
CMAK (Connection Manager Administration Kit), 12-30, 12-32-12-41
CmdKey.exe tool, 1-16
Code Signing certificate template, 7-22
Common Files subcomponent (IIS), 4-34
Compatws.inf template, 3-5
computer certificate templates, 7-23
computers
client roles, 4-1-4-67
desktop computer security, 4-7-4-8
integrated installation (slipstreaming), 6-19-6-24
kiosk security, 4-9-4-10
managing, planning for, 4-4-4-5
mobile computer security, 4-8-4-9
securing while on network, 6-15-6-18
software restriction policies, 4-5-4-7
Confidential Bytes Sent/Received parameters, 9-22
confidential data, protecting with SSL, 11-11
Connection Manager Administration Kit (CMAK), 12-30, 12-32-12-41
connections, dial-up, 12-3-12-5
user account properties, 12-19-12-21
connectivity, 1-18
CMAK (Connection Manager Administration Kit), 12-30
CMAK wizard, 12-32-12-41
installing operating system with, 6-15-6-18
IPSec protocol. See IPSec protocol suite
controllers, domain, 4-29-4-31
Active Directory, SSL on, 11-26-11-27, 11-34-11-37
Active Directory database, safeguarding, 4-29-4-30
configuring roles for, 4-29
disabling services, 13-9
Domain Controller Authentication certificate template, 7-23
number of, 1-18
protecting with firewalls, 4-30-4-31
secure authentication for, 1-26-1-27
conventions for updates (patches), 5-3
copying security templates
from existing configurations, 3-9
from predefined templates, 3-7
costs, remote networking, 12-4
Create All Child Objects permission, 2-11
Create Files permission, 2-8
Create Folders permission, 2-8
Creator group, 2-29
Creator Owner group, 2-29
credentials. See user credentials
critical updates, 5-8, 5-44
CRLs (certificate revocation lists), 7-8, 7-36, 7-64
checking, IPSec configuration, 8-33-8-34, 15-36
publishing, 7-36-7-38
troubleshooting publishing of, 7-38
crossover cables, 6-17
Cryptographic Message Syntax Standard, 7-47
Cryptographic Service Providers (CSPs), 7-31
cryptography, 7-3. See also encryption
WEP, 10-4
CSPs (Cryptographic Service Providers), 7-31
CTLs (certificate trust lists), 11-19
| < Day Day Up > |
|