A records (Address records) access control entries (ACEs) access control lists (ACLs) accessing resources on client computers Active Directory objects and object security and setting up secure file shares access tokens account lockout policies configuring controlling with Group Policy default security through GPOs account logon events, auditing account management functions, auditing Account Policies default security through GPOs for domain users at OU level ACEs (access control entries) Ack message (DHCP) ACLs [See access control lists] ACRS (Automatic Certificate Request Settings) Active Directory auditing management of authorizing DHCP servers benefits of benefits provided by Kerberos database for, stored in domain controllers delegation and deploying software with GPOs domains forests Group Policy and locating domain controllers in OUs (organizational units) delegating administrative tasks deploying GPOs providing security for objects security benefits of sites structural components of trees trusts Active Directory Services Interface (ADSI) Active Directory-integrated DNS zones enabling secure dynamic updates restricting zone transfers setting permissions on administration-based security mechanisms administrative groups Administrator account avoid using for routine tasks administrator accounts, created for IT staff Administrator group AES (Advanced Encryption Standard) algorithm configuring EFS with Group Policy AH (Authenticated Header) protocol 2nd Allow Anonymous SID/ Name Translation setting, disabling analyzing DHCP logs security settings anonymous SAM enumeration, disallowing anonymous share enumeration, disallowing APIPA (Automatic Private IP Addressing) Application Directory Partition archived private keys, restoring archiving certificates and private keys 2nd <Emphasis>The Art of Deception<Default Para Font> ASP (Active Server Pages) security risks with supported by IIS ASP.NET, supported by IIS .asp/.aspx files, preprocessed by DLL files assets, protecting asymmetric algorithms asymmetric keys attachments in email refrain from opening use caution when opening attacks brute force bucket brigade denial-of-service [See denial-of-service attacks] dictionary LM passwords and forensic evidence of, provided by log files made via medical office update software man in the middle 2nd network footprinting 2nd opportunities for, in DHCP spoofing 2nd 3rd on wireless networks auditing access/configuration account management functions Active Directory management configuring for CA (certificate authority) for domain controllers Event Log and audit failure behavior with Group Policy DHCP activity DNS activity honey pots, setting up how it works implementing policies issued certificates overriding settings Authenticated Header (AH) protocol 2nd authentication 2nd and accounting using biometrics for dial-in users, setting up remote access forestwide by Kerberos, for Active Directory pass-through performed by IIS proxy 2nd selective supported by IIS of users by domain controllers authentication protocols for Windows Server 2003 2nd authenticators and smart cards authorization autoenrollment , configuring for Windows XP 2nd Automatic Certificate Request Settings (ACRS) Automatic Private IP Addressing (APIPA) automatic trusts (Active Directory) Automatic Update policy settings for automatically issuing certificates