Evaluate Your Configuration Categories


To evaluate the security of your workstation configuration, review the configuration categories shown in Table 6. Start by using the categories to evaluate the security configuration of the base operating system. Then apply the same configuration categories to review your IIS, SQL Server, and .NET Framework installation.

Table 6: Configuration Categories

| Configuration Category | Methodology |
| --- | --- |
| Patches and updates | Set up Automatic Updates. Use MBSA or Windows Update to verify that the latest updates are installed. |
| Services | Disable unused services. |
| Protocols | Check that SMB and NetBIOS over TCP are removed if your workstation is not a member of a domain. |
| Accounts | Check that all local accounts use strong passwords. |
| Files and directories | Be sure your workstation uses only NTFS partitions. |
| Shares | Enumerate shares, remove unnecessary ones, and secure the remaining ones with restricted permissions. |
| Ports | Ensure that unused ports are closed by disabling the service that has the port open. To verify which ports are listening, use the netstat -n -a command. |
| Registry | Disable null sessions. |
| Auditing and logging | Audit failed Windows attempts to log on and log failed actions across the file system. |
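The Ports, Shares, Files and directories, Registry, and Auditing checks from Table 6 as a read-only PowerShell script; this is an added example, not code from the book. It assumes Windows 8 / Server 2012 or later (for Get-NetTCPConnection and Get-SmbShare), an elevated session, and that the RestrictAnonymous LSA value is the null-session setting you want to inspect.

```powershell
# Added example: read-only review of several Table 6 categories.
# Assumes Windows 8 / Server 2012 or later and an elevated PowerShell session.

# Ports: each listening TCP port with the process and service(s) behind it,
# so an unused port can be closed by disabling the service that opened it.
$services = Get-CimInstance Win32_Service | Where-Object { $_.ProcessId -ne 0 }
Get-NetTCPConnection -State Listen |
    Sort-Object LocalPort, LocalAddress |
    ForEach-Object {
        $conn = $_
        $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
        $svc  = $services | Where-Object { $_.ProcessId -eq $conn.OwningProcess }
        [pscustomobject]@{
            LocalAddress = $conn.LocalAddress
            LocalPort    = $conn.LocalPort
            Process      = $proc.ProcessName
            Services     = ($svc.Name -join ', ')
        }
    } | Format-Table -AutoSize

# Shares: enumerate every share, then show who is granted what on each one.
Get-SmbShare | Select-Object Name, Path, Description | Format-Table -AutoSize
Get-SmbShare | Get-SmbShareAccess -ErrorAction SilentlyContinue |
    Select-Object Name, AccountName, AccessControlType, AccessRight |
    Format-Table -AutoSize

# Files and directories: list local fixed disks that are not NTFS.
$nonNtfs = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
    Where-Object { $_.FileSystem -ne 'NTFS' }
if ($nonNtfs) {
    $nonNtfs | Select-Object DeviceID, FileSystem | Format-Table -AutoSize
} else {
    'All local fixed disks use NTFS.'
}

# Registry: report the LSA value that restricts anonymous (null session) access.
# A missing value or 0 means no restriction is configured (assumed setting).
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
if ($null -eq $lsa.RestrictAnonymous) {
    'RestrictAnonymous is not set.'
} else {
    "RestrictAnonymous = $($lsa.RestrictAnonymous)"
}

# Auditing and logging: dump the effective audit policy to confirm that
# failed logons and failed object access are being recorded.
auditpol /get /category:*
```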




Improving Web Application Security. Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
