packet filtering, 4-17-4-18
logging dropped packets, 9-26-9-28, 9-36
IPSec and, 8-14-8-15
troubleshooting (IPSec), 9-43
Packets Not Authenticated parameter, 9-22
Packets Not Decrypted parameter, 9-22
Packets With Replay Detection parameter, 9-22
PAP (Password Authentication Protocol), 12-8-12-10, 12-14
parent/child trusts, 1-43
/passive update parameter, 6-28
passport authentication, 1-33
Password Authentication Protocol (PAP), 12-8-12-10, 12-14
Password Complexity feature, 1-20
passwords, 1-7
encryption, 7-3
LM authentication, 1-11-1-12
password policies, 1-19-1-21, 3-10, 3-27, 13-25
remote access, server configuration, 12-19-12-23
patches (updates), defined, 5-3
patches, managing, 5-1-5-44, 14-1
assessing current status, 5-15-5-16, 14-15-14-26
assessing patch levels, 6-3-6-14
chaining updates, 5-11
deploying updates on existing clients, 6-27-6-53
deploying updates on new clients, 6-15-6-26
deployment, 14-27-14-33
deployment planning, 14-4-14-13
deployment process, 5-28-5-36
infrastructure for, 5-14-5-27
product lifecycles, 5-10-5-11
types of patches, 5-4-5-10
uninstalling service packs (example), 14-33
path rules (software restriction policy), 4-6
PEAP (Protected EAP) authentication, 10-9-10-10, 12-12
certificates, 10-20
peer authentication, IPSec, 8-18-8-21
Kerberos authentication, 8-19, 9-41-9-42, 15-20
preshared keys, 8-20, 15-20
public key certificates, 8-19-8-20, 15-20
Pending Key Operations parameter, 9-22
Perfect Forward Secrecy (PFS), 8-28
performance
Active Directory permissions, 2-11
bandwidth vs. latency, 1-19
dialup vs. VPNs, 12-4
distribution vs. security groups, 2-20
management of, permissions, 2-25
SSL accelerators, 11-11
updates (patches), preparing for, 5-16
Performance Console, 9-29-9-30
Performance Log Users group, 2-25
Performance Logs And Alerts (Performance Console), 9-29
Performance Monitor Users group, 2-25
perimeter networks, 4-19-4-21
permissions, 2-4-2-14, 16-21-16-28
analyzing, 3-36
authorization, 1-6, 2-3-2-23, 2-38-2-55, 3-12, 4-21-4-23, 4-48-4-49, 10-19, 16-21-16-28
certificate templates, 7-20, 7-24-7-25, 7-65
files and folders, 3-12
groups, 2-19-2-37, 2-41-2-44, 16-13-16-20
inheriting, 2-5-2-6
least privilege, 2-38
nesting groups, 2-20, 2-44
registry, 2-12, 3-12
services, 2-12
SQL Server, 4-48-4-49
standard and special, 2-7-2-14
Web site permissions, IIS, 4-38
wireless networks, 10-19
Personal Information Exchange Syntax Standard, 7-47
PFS (Perfect Forward Secrecy), 8-28
Phase 1, IKE negotiation, 8-11-8-12, 9-19-9-21
Phase 2, IKE negotiation, 8-12-8-13, 9-21-9-23
Phases 1 and 2, PEAP authentication, 10-9
physical security of wireless networks, 10-3, 10-6, 10-18
ping utility, 9-32
PKCS export formats, 7-47
PKI (public key infrastructure)
archiving keys, 7-49-7-50, 7-54
exporting keys, 7-47-7-49, 7-52
fundamentals, 7-3-7-18
IPSec authentication, 7-8, 8-19-8-20, 15-20
key recovery, 7-46-7-47
L2TP/IPSec authentication, 12-7
recovering keys, 7-50-7-52
planning
authentication strategy, 1-18-1-31, 3-10, 16-6-16-12
groups, structure of, 16-13-16-20
IPSec infrastructure, 8-17-8-20, 15-20
managed client computers, 4-4-4-5
security templates, 3-6-3-7, 13-8-13-14, 13-19
update (patch) deployment, 14-4-14-13
Point-to-Point Protocol (PPP), 12-5
.POL files, 3-13
troubleshooting System Policy, 3-43-3-44
Poledit.exe utility, 3-13
policies
account lockout policies, 1-21-1-22, 3-10, 4-41
account policies, 3-9-3-10
analyzing from registry, 3-40-3-42
auditing, 3-10
configuring with security templates, 13-20
event log policies, 3-11
Group Policy inheritance, 3-20-3-24, 3-36-3-37
IPSec protocol, 9-3-9-10
Kerberos ticket policies, 1-22-1-23, 3-10
local policies, 3-10-3-11
password policies, 1-19-1-21, 3-10, 3-27, 13-25
public key encryption (PKI), 7-3-7-18, 7-47-7-52, 7-54, 8-19-8-20, 12-7, 15-2
RAPs (remote access policies), 10-22-10-24, 12-10, 12-21-12-23
refreshing, 3-32
restricted groups policies, 3-11-3-12
Restricted Groups policy, 2-32-2-34
services, 3-12
software restriction policies, 4-5-4-7
System Policy, 3-4, 3-11, 3-13, 3-43-3-44, 3-50
user rights assignment, 3-11
wireless access policies, 10-17-10-18
POP3 protocol, encryption with, 4-44, 8-4
encrypting with SSL, 11-31
port numbers for, 11-7
populating groups, 2-35
ports
Active Directory, 4-30
Exchange Server, 4-46
numbers for protocols, 11-7
Power Users group, 2-27
PPP (Point-to-Point Protocol), 12-5
PPTP (Point-to-Point Tunneling Protocol), 12-5-12-6
predefined security templates, 3-5-3-6
applying using Group Policy (example), 3-28
copying, 3-7
preshared key authentication
IPSec protocol, 8-20, 15-20
remote access, 12-8-12-10, 12-14, 12-32
Pre-Windows 2000 Compatible Access group, 2-26
principle of least privilege, 2-38
Print Operators group, 2-26
Print permission, 2-13
printers and printing
management permissions, 2-26
permissions, 2-13
private connectivity, vs. public, 8-9
private data, protecting with SSL, 11-11
private keys, exporting, 7-48
private links (between networks), 8-8
product lifecycles, 5-10-5-11
product management, updates and, 5-14
product policies, 7-21, 7-64
Product Support Services (PSS), 5-8
program management, updates and, 5-14
/promptrestart update parameter, 6-28
Protected EAP (PEAP) authentication, 10-9-10-10, 12-12
certificates, 10-20
protocols, port numbers for, 11-7
protocols, VPN, 12-5-12-8
L2TP protocol, 12-6-12-8, 12-32
PPTP protocol, 12-5-12-6
PSS (Product Support Services), 5-8
PSTN (Public Switched Telephone Network), 12-3
PTR resource record, 4-23
public certificates for SSL, 11-6
public connectivity vs. private, 8-9
public key certificates. See also encryption
archives and recovery, 7-46-7-52, 7-54
authentication troubleshooting (IPSec), 9-42-9-43
backing up, 7-12, 16-31
defined, 7-5
enrollment, 7-6, 7-24, 7-31-7-35, 7-61-7-70, 11-23
IPSec authentication, 8-19-8-20, 8-33-8-34, 15-20, 15-36
managing and configuring, 7-6, 7-8, 7-24, 7-31-7-38, 7-61-7-70, 11-10-11-25, 15-50, 16-29-16-36
remote access authentication, 12-23-12-24
revoking, 7-8, 7-35-7-38
SSL certificates, 11-5-11-7, 11-10-11-25, 15-50
template management, 7-19-7-30, 7-64, 7-65
trust lists (CTLs), 11-19
wireless network infrastructure, 10-20-10-21
public key encryption, defined, 7-3. See also encryption
public key infrastructure (PKI)
archiving keys, 7-49-7-50, 7-54
exporting keys, 7-47-7-49, 7-52
fundamentals, 7-3-7-18
IPSec authentication, 7-8, 8-19-8-20, 15-20
key recovery, 7-46-7-47
L2TP/IPSec authentication, 12-7
recovering keys, 7-50-7-52
Public Switched Telephone Network (PSTN), 12-3
public Web sites, 4-36
public workstation security, 4-9-4-10
publishing CRLs, 7-36-7-38
troubleshooting, 7-38