- A secure baseline or build involves installing the operating system, applying service packs and hot fixes, and configuring various operating system settings.
- Service packs and hot fixes eliminate security issues on an operating system.
- There are risks associated with installing service packs. They should be tested before being deployed in a production environment.
- System hardening refers to configuration changes made to make an operating system more secure.
- Windows Server 2003 does not allow you to create non-complex passwords.
- The principle of least privilege is based on the idea that a user who is logged on should have only the minimum privileges required to perform a task.
- The Security Configuration and Analysis tool can be used to compare the existing security settings configured on a server against those settings within a template.
- A security template holds a number of security settings considered to be appropriate for a server, domain controller, or workstation. Windows Server 2003 ships with predefined templates, or custom templates can be created.
- Security templates can be deployed locally or through group policy.
- Security settings are automatically refreshed on a domain controller every 5 minutes. Security settings are automatically refreshed on a server or workstation every 90 minutes.
- The GPUPDATE command can be used to manually refresh security settings.
- Software Update Services (SUS) is used to distribute software updates to servers and workstations.
- The updated version of Automatic Updates can be installed on Windows 2000, Windows XP, and Windows Server 2003.
- As part of managing and maintaining network security, administrators can use the IP Security Monitor tool to ensure that communication between hosts is indeed secure.
- The version of IP Security Monitor included with Windows Server 2003 cannot be used to monitor computers running Windows 2000.
- Network Monitor is used to capture and analyze network traffic. The information can be used to troubleshoot and optimize network traffic.
- Network Monitor consists of two components: the network monitor driver and network monitor tools.
- Capture filters can be defined to specify the type of network traffic that should be captured.
- netsh is a command-line utility that can be used to view or modify the network configuration of the local computer or a remote computer.