Index_A




A

access control design for network resources, 158–192. See also security analysis

access control, defined, 158

access control entries, 159

access control lists, 158–159

Active Directory objects. See also permissions

access tokens, 159–160

delegation of control, 167–168

design scenarios, 163–164, 165–166

group access, 164–166

overview, 159–160

permissions, 161–164, 166–167

real world scenarios, 162, 165

security descriptors, 159–160

availability statements, 9

case study, 187–189

case study answers, 192

case study questions, 190–191

exam essentials, 182

files and folders

audit policies, 174–177, 178

audit review procedures, 178

backup and recovery, 179–181

design scenarios, 172, 178

file encryption, 173–174, 173

NTFS permissions, 169, 171–172

overview, 19

real world scenario, 176

Share permissions, 169–172, 171

key terms, 182

object ownership and, 158

overview, 19, 158, 181

permission inheritance and, 159

permissions assigned to objects and, 158

review question answers, 186

review questions, 183–185

security descriptors, 158–159

Windows Registry, 174, 175

access to operating systems, restricting. See also client

design scenario, 338, 341

via administrative templates, 338–341, 339–340

via predefined groups, 336–338

access points, 99

access points, designing open, 105, 105

Account Mappings dialog box, 263, 264

ACEs (access control entries), 159

ACLs (access control lists), 158–159, 244

Active Directory. See also access control; authentication design

OU/Group Policy model for clients. See also client

based on computer function, 326, 327

based on computer type, 326, 326

based on operating system, 325–326, 325

design scenario, 328–329

filtering GPO application, 327, 327

overview, 324–325, 328

storing certificates in, 217

ad hoc mode of communication, 99

administrative accounts, 131, 133

administrative templates, 338–341, 339–340

Advanced Attributes dialog box, 173, 173

AG(G)DLP permission assignments, 134–135

AG(G)UDLP permission assignments, 164

AH (Authenticated Header) headers, 75

anonymous access in IIS, 259

Application Layer Gateway service, 250

Application Management service, 250

Application Server dialog box, 254–255, 254, 256

ASP.NET forms-based authentication, 261–262

ASP.NET service, 254, 257

assets at risk, 2–3

attacks. See security threats

auditing

audit data locations, 177

audit statements, 177

certificate authorities, 218, 221–224, 222

before defining baselines, 289–290

designing audit policies

and audit review procedures, 178

for client security, 330

design scenario, 178

for IIS security, 268–269, 269

for network resource access, 176–177

importance of, 174–175

overview, 18

real world scenario, 176

Registry access, 222

remote management tool use, 375

resources to audit, 177

security update patches, 352–354, 353

authenticating users on websites. See also IIS

ASP.NET forms-based authentication, 261–262

certificate authentication, 262–264, 263–264

IIS authentication methods

anonymous access, 259

basic authentication, 259

design scenario, 261

digest authentication, 260

integrated Windows authentication, 260

Microsoft .NET Passport authentication, 260

overview, 258

setting, 258, 259

overview, 257–258

RADIUS authentication, 264–265

authentication. See also network

defined, 120, 158

in demand-dial routing, 94–96

MMC snap-ins and, 381

in remote management, 373–374

in securing VPNs, 89–90

in smart cards, 217

authentication design for Active Directory, 120–156

analyzing account/password requirements

account scope, 134

administrative accounts, 131, 133

design scenarios, 136, 138, 141

external accounts, 131, 133

group membership, 134–135

internal accounts, 131, 133

overview, 131

permissions assignment, 134

Principle of Least Privilege and, 135, 136

setting account password policies, 137, 139–141

user rights assignment, 133, 133

vulnerabilities, 135–137

authentication requirements, 124–126

case study, 148–151

case study answers, 155–156

case study questions, 152–154

client authentication, 128–129

design scenarios, 125, 128–129, 132

exam essentials, 142

forest/domain trust models, 127, 129–131, 130, 132

key terms, 142

overview, 120, 124, 141–142

real world scenarios, 122–124

review question answers, 146–147

review questions, 143–145

selecting authentication protocols, 126–127

vulnerabilities

compatibility, 124

encryption, 124

evaluating cost of, 137, 138

excessive privileges, 136

passwords, 121–124, 122, 135, 137

Authentication Methods dialog box, 258, 259

authentication policy, 9

authentication protocols

in demand-dial routing, 95–96

for local area networks, 126–127

in remote access infrastructures, 83–86

in wireless networks, 103–104, 103–104

authorization, 120, 158

Authorization Manager, 246–247






MCSE: Windows Server 2003 Network Security Design Study Guide (Exam 70-298)
ISBN: 0782143296
EAN: 2147483647
Year: 2004
Pages: 168
