SECURITY ADMINISTRATION


  1. Configuration of security settings can be managed through the use of the Security Templates and the Security and Analysis MMC snap-ins.

  2. The Security and Analysis MMC snap-in can be used by domain or enterprise admins to review applied security settings by storing the data within a database for comparison to security template settings. This MMC snap-in is able to provide some recommendations based on other related settings to ease troubleshooting.

  3. Security settings can be changed using the Security Templates and Local Security Policy MMC snap-ins, the Security Settings extension to Group Policy, the Group Policy Management Console, and the secedit utility.

  4. The default security templates are stored in the %systemroot%\Security\Templates\ folder and include setup security.inf , DC security.inf , compatws.inf , securews.inf , securedc.inf , highsecws.inf , highsecdc.inf , rootsec.inf , and notssid.inf . Templates can be used to apply standard collections of settings based on the target system's role.

  5. Security policy settings are evaluated at the local computer, site, domain, organizational unit (and then any subordinate OUs in order of succession). Local settings are overridden by any others.

  6. An audit policy enables the tracking of specified events, access types, and actions within the Event Viewer. Common auditing includes account logon events, account management, and object access. Excessive auditing can degrade system performance and generate large event logs.



MCSA.MCSE Managing and Maintaining a Windows Server 2003 Environment Exam Cram 2
MCSA/MCSE Managing and Maintaining a Windows Server 2003 Environment Exam Cram 2 (Exam Cram 70-292)
ISBN: 0789730111
EAN: 2147483647
Year: 2006
Pages: 132

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net