Activity: Evaluating a Security Template
You've been asked to review a proposed security template to determine if it meets the organization's security needs. You've reviewed all security settings with the exception of the password policy, shown in Figure 8.4.
Figure 8.4 The proposed password policy
This activity reviews the password policy settings against the following requirements:
- Users must not be able to reuse a password for two years
- Passwords must be at least five characters long
- Passwords must be stored using only the securest format within Active Directory
- Passwords must contain a combination of lowercase letters, uppercase letters, numbers, or symbols to prevent easy determination of passwords
Taking into account these requirements and the proposed security template settings, answer the following questions. Answers can be found in the appendix.
- Is it possible for a user to reuse a password within a two–year period?
- What can you do to enforce the password reuse requirement?
- Does the security template meet the minimum password length requirement?
- If you implement the proposed security template, are passwords stored securely in Active Directory?
- Is the requirement for password construction met?
- Assuming that your proposed recommendations are accepted, where must you apply this security template to ensure that all DCs enforce the password policy?
Answers
MCSE Training Kit (Exam 70-220): Designing Microsoft Windows 2000 Network Security: Designing Microsoft(r) Windows(r) 2000 Network Security (IT-Training Kits)
ISBN: 0735611343
EAN: 2147483647
EAN: 2147483647
Year: 2001
Pages: 172
Pages: 172
Authors: Microsoft Corporation
- Avoiding Confusion Between DO_KEY and the Corresponding KEY- Trigger
- Populating a PL/SQL Table from a Block
- Preventing Validation of WHEN-VALIDATE-ITEM for Control Items During Query Time
- Planting and Growing Trees -Dynamically Adding Nodes Along with Data to an Existing Base Tree
- Basing a Block on a Stored Procedure Involving Object Tables