Chapter 12. Configuring, Managing, and Troubleshooting Security


Objectives

This chapter helps you to prepare for the exam by covering the following Microsoft objectives for the Configuring, Managing, and Troubleshooting section of the Installing, Configuring, and Administering Microsoft Windows XP Professional exam:

Configure, manage, and troubleshoot Encrypting File System (EFS).

  • Using EFS, users can encrypt files on their local computers. Administrators need to be prepared to help users establish encryption, use it, and troubleshoot problems with the encrypted files.

Configure, manage, and troubleshoot a security configuration and local security policy.

  • When Windows XP Professional participates in an Active Directory domain, its security configuration is provided through Group Policy. When users log on locally to the computer, which most often occurs when it is a member of a workgroup, the security configuration is found in Local Security Policy. Administrators must understand the difference between these two, plus be able to discern the source of a security error and how to repair it.

Configure, manage, and troubleshoot Internet Explorer security settings.

  • Users who access web resources through Internet Explorer can inadvertently expose their computer to security problems. Ranging from hackers to malware, the exposure on the Internet can cause serious problems to a computer. Not only does an administrator need to protect the computer, but there are privacy concerns regarding the user's personal information.

Outline

 

Introduction

508

Configuring, Managing, and Troubleshooting Encrypting File System (EFS)

508

Encrypting File System Basics

508

Preparing a Disk for EFS

511

Establishing an EFS Policy

513

Using EFS with a Certification Authority (CA)

514

Storing Certificates in Windows XP

515

Allowing EFS to Self-Sign Certificates

516

Encrypting Files

517

Decrypting Files

519

Troubleshooting EFS

519

Configuring, Managing, and Troubleshooting a Security Configuration and Local Security Policy

523

Account Policies

525

Local Policies

526

Public Key Policies

528

Software Restriction Policies

528

IP Security Policies on a Local Computer

529

How Local Security Policy Works When Joined to a Domain

530

File System, Registry, and System Services

531

Configuring, Managing, and Troubleshooting Internet Explorer Security Settings

535

Managing Security After Installing SP2

535

Chapter Summary

537

Apply Your Knowledge

537


Study Strategies

  • To test how EFS works, you should have at least one computer that has two partitions, one formatted with FAT and the other formatted with NTFS. Encrypt a file on the NTFS drive. Move the file to the FAT partition. Test how EFS works when you log on to the computer as a different user. Try to take control of the file as an administrator.

  • Studying security policies can be done with hands-on testing of applied policiesboth group policies and Local Security Policy. With an Active Directory domain controller and a client PC, open Group Policy and change the Enforce Password History policy to one password that is remembered for the domain. Force a Group Policy refresh. Open Local Security Policy on the client, view the password policy, and make certain it says 0 passwords remembered. Log on to the computer with a domain account and attempt to change the user's password to the same password used previously. Log on to the computer with a local user account and attempt to change the user's password to the same password used previously.

  • Internet Explorer security options affect how the computer treats a web resource. Use a Windows XP Professional computer connected to the Internet. Connect to any website. Add the website to the Restricted Sites category. Close the browser, open again, and attempt to connect to the website.



Exam Prep 2. Windows XP Professional
MCSA/MCSE 70-270 Exam Prep 2: Windows XP Professional
ISBN: 0789733633
EAN: 2147483647
Year: 2004
Pages: 193

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net