| < Day Day Up > |
|
EAP (Extensible Authentication Protocol), 10-7
remote access authentication, 12-8—12-10, 12-11—12-12
EAP-TLS authentication, 10-10, 12-12
certificates, 10-20
eavesdropping, 10-3
editing Group Policy inheritance, 3-23—3-24
troubleshooting, 3-36—3-37
editing security templates, 3-4—3-17, 7-25—7-27
available settings, 3-9—3-12
configuring for earlier Windows versions, 3-13—3-14
from existing configuration, 3-9
planning, 3-6—3-7, 13-8—13-14, 13-19
practice example, 3-14—3-16
predefined, 3-5—3-7, 3-28
from scratch, 3-7—3-8
troubleshooting, 3-31—3-45, 3-48—3-55, 13-24
writing descriptions, 3-15
EFS (Encrypting File System), 4-9
EFS Recovery Agent certificate template, 7-22
e-mail distribution groups, 2-20
Enable Strong Private Key Protection option, 8-20, 9-11, 9-43
enabling and disabling
LM passwords, 1-12
services for domain controllers, 13-9
SID filtering, 1-47
SSID broadcasts, 10-14
encapsulation, L2TP/IPSec, 12-7
Encrypting File System (EFS), 4-9
Encrypting Security Payload (ESP) protocol, 8-5, 8-13
encryption, 7-1, 7-3
asymmetric key encryption, 7-4
certificate archives and recovery, 7-46—7-52, 7-54
certificate management, 7-6, 7-24, 7-31—7-38, 7-61—7-70, 11-23, 16-29—16-36
Certificate Services, 7-8—7-13, 8-20, 9-10—9-15, 10-20—10-21, 15-46, 16-29—16-36
certificate template management, 7-19—7-30, 7-64, 7-65
cryptography, 7-3, 7-31, 7-47, 10-4
IPSec vs. SSL, 11-4
LDAP queries, 11-26—11-27, 11-34—11-37
LLTP protocol, 12-6
mail servers, 11-31—11-33
Microsoft Outlook, 11-33—11-34
passwords, 1-19, 7-3. See also passwords
port numbers for protocols, 11-7
PPTP protocol, 12-6
private keys, exporting, 7-48
public key infrastructure (PKI), 7-3—7-18, 7-46—7-47, 8-19—8-20, 12-7, 15-20
SQL Server, 11-27—11-31
SSL with IIS, 4-37—4-38, 11-10—11-25, 15-50
TSL network encryption, Exchange Server, 4-44—4-45
WEP (Wired Equivalent Privacy), 10-4—10-11, 10-20, 12-12, 15-42
WPA, options for, 10-12
enforcing policy inheritance, 3-21
enhanced certificate key usage, 7-21, 7-64
Enroll permission (certificate templates), 7-24
enrolling and installing certificates, 7-6, 7-31—7-35, 11-23
automatic, 7-24, 7-32, 7-34—7-35
manual, 7-33—7-34
permissions for, 7-24
troubleshooting, 7-61—7-70
Enrollment Agent certificate template, 7-22
enterprise CAs, 7-9, 7-20, 16-29
certificate enrollment methods, 7-32
environment, evaluating, 1-18—1-19
errors and troubleshooting
auditing, 2-50—2-54, 3-10, 4-45, 4-49—4-50, 5-35—5-36, 6-3—6-14, 7-13, 9-23—9-25
authentication, tools for, 1-16
authorization, 2-47—2-55, 2-57
CRLs, publishing, 7-38
IPSec protocol, 9-40—9-46, 15-32—15-39
security templates, 3-31—3-45, 3-48—3-55, 13-24
SSL-encrypted connections, 11-19—11-20
update testing (patches), 5-24—5-25, 5-33
ESP (Encrypting Security Payload) protocol, 8-5, 8-13
evaluating updates, 5-30—5-32
event analysis, 2-52—2-54
security templates, troubleshooting, 3-37
event logs and logging
Active Directory, 4-29, 4-30
analyzing events, 2-52—2-54
DHCP servers, 4-25—4-26
DNS service, 4-28
dropped packets, IPSec (exercise), 9-26—9-28, 9-36
Exchange Server, 4-45
IAS servers, 4-42
IIS, 4-35—4-37
IKE tracing log, 9-28—9-29
policies, 3-11
SQL Server security, 4-49—4-50
Event Viewer, 2-52—2-54
monitoring IPSec, 9-23—9-28, 9-36
Everyone group, 2-30
Exchange Enrollment Agent certificate template, 7-22
Exchange Server, 4-43—4-46
logging considerations, 4-45
ports used by, 4-46
protecting with firewalls, 4-45—4-46
TSL network encryption, 4-44—4-45
Exchange Signature Only certificate template, 7-22
Exchange User certificate template, 7-22
Execute File permission, 2-8
Execute permission (Web sites), 4-38
expiration, CAs, 7-7—7-8
expiration, certificates, 7-6—7-7, 7-64
explicit permissions, 2-5
exploits, 5-3, 5-44
exporting certificate keys, 7-47—7-49, 7-52
express installation of service packs, 5-32
extended certificate key usage, 7-21, 7-64
Extensible Authentication Protocol (EAP), 10-7
remote access authentication, 12-8—12-10, 12-11—12-12
external trusts, 1-43
external users, authenticating, 1-32—1-40
anonymous access, 1-25—1-26, 1-32—1-33, 1-36—1-39, 2-29
delegated authentication, 1-34—1-35
Web authentication, 1-33
/extract update parameter, 6-29
| < Day Day Up > |
|