Activity: Evaluating a Security Template

You've been asked to review a proposed security template to determine if it meets the organization's security needs. You've reviewed all security settings with the exception of the password policy, shown in Figure 8.4.

click to view at full size.

Figure 8.4 The proposed password policy

This activity reviews the password policy settings against the following requirements:

  • Users must not be able to reuse a password for two years
  • Passwords must be at least five characters long
  • Passwords must be stored using only the securest format within Active Directory
  • Passwords must contain a combination of lowercase letters, uppercase letters, numbers, or symbols to prevent easy determination of passwords

Taking into account these requirements and the proposed security template settings, answer the following questions. Answers can be found in the appendix.

  1. Is it possible for a user to reuse a password within a two–year period?

  2. What can you do to enforce the password reuse requirement?

  3. Does the security template meet the minimum password length requirement?

  4. If you implement the proposed security template, are passwords stored securely in Active Directory?

  5. Is the requirement for password construction met?

  6. Assuming that your proposed recommendations are accepted, where must you apply this security template to ensure that all DCs enforce the password policy?


Microsoft Corporation - MCSE Training Kit (Exam 70-220. Designing Microsoft Windows 2000 Network Security)
MCSE Training Kit (Exam 70-220): Designing Microsoft Windows 2000 Network Security: Designing Microsoft(r) Windows(r) 2000 Network Security (IT-Training Kits)
ISBN: 0735611343
EAN: 2147483647
Year: 2001
Pages: 172 © 2008-2017.
If you may any questions please contact us: