| < Day Day Up > |
|
CA Administrator role, 225, 225–226
cache pollution on DNS servers, 307–308, 307–308
certificate authentication, 262–264, 263–264
Certificate dialog box, 200, 200
certificates. See PKIs
Certificates dialog box, 199–200, 199
certreq.exe command-line utility, 214
CHAP (Challenge Handshake Authentication Protocol), 83–84
client computer security, 324–366
case study, 362–363
case study answers, 366
case study questions, 364–365
design scenario, 328–329
exam essentials, 355
key terms, 356
OU/Group Policy models
based on computer function, 326, 327
based on computer type, 326, 326
based on operating system, 325–326, 325
design scenario, 328–329
filtering GPO application, 327, 327
overview, 324–325, 328
overview, 324, 354–355
restricting user access to operating systems
design scenario, 338, 341
via administrative templates, 338–341, 339–340
via predefined groups, 336–338
review question answers, 360–361
review questions, 357–359
security template settings
audit policy, 330
event log, 330–331
file system, 331
overview, 329–330, 331–332
Registry, 331
restricted groups, 331
security options, 330
system services, 331
user rights assignment, 330
security update infrastructure
auditing patches, 352–354, 353
design scenario, 354
overview, 341
SUS infrastructure, 342–351, 345–350
update methods, 341–343
security update methods and
choosing, 343
Group Policy, 343
Microsoft Software Update Services, 342–351, 345, 350
Microsoft Systems Management Server, 342
Microsoft Windows Update, 342
overview, 341–342
Security Configuration And Analysis, 342–343
software restriction policies
certificate rules, 335
defined, 332
design scenario, 337
Disallowed setting, 332, 333, 336
enforcement settings, 332–334, 333–335
hash rules, 335, 336
Internet Zone rules, 335
path rules, 336
setting default security levels, 332, 333
Unrestricted setting, 332
warning, 332
Software Update Services
benefits, 343–344
configuring SUS clients, 347–350, 348–350
configuring SUS servers, 344–347, 345–347
defined, 342
design scenario, 351
how it works, 344
installing, 344–345
overview, 343
COM (Component Object Model), 381
COM+ System Application service, 250
command-line tools
certreq.exe, 214
overview, 372, 389
Secure Shell, 390
Telnet, 389, 390
compatibility constraints, 21–22, 124
computer certificates, 374
Computer Management MMC, 171, 171
computer purchasing guidelines, 9
computers, storing certificates on, 217
Configure Automatic Updates setting, 348–349, 348
CPS (certification practice statement), 210
CRLs (certificate revocation lists), 198, 220, 229
cross-certification, 205, 211–212
CSIRP (Computer Security Incident Response Procedure), 45
CSIRT (Computer Security Incident Response Team), 45
| < Day Day Up > |
|