Index_D

Previous page
Table of content
Next page


D

DACL (discretionary access control list), 783, 784

data

backup, 600

confidentiality, 717

drive arrangement of, 566–568

encryption level, 512–513

integrity, 496, 716

security of server cluster, 669

storage/retrieval, 21–23

transit security, 714

Data Encryption Standard (DES), 715, 761–762

Data Link layer, OSI model

function of, 237

illustrated, 239

Layer 2 switches operate at, 244

data modification attacks, 405

data points, Event Viewer, 587

data source name (DSN), 128

Data Sources (ODBC) applet, 128

data stream, 257–258

database compaction, 448

Database description packet, 230

database servers, 68, 127–128

Day-and-Time-Restrictions attribute, 523

DC (domain component), 73

DC security template, 95

DCOM (Distributed Component Object Model), 683–684

DCPROMO (Active Directory Installation Wizard), 59, 363

DCs. See domain controllers (DCs)

DDNS. See Dynamic DNS (DDNS)

debug logging, 414–415

decentralization, 13–14

default cluster group, 667

default gateway, 222

default host, 678–679

default route, 217

default security settings, 109–112

default security.inf file, 828

default settings, wireless network devices, 813–815

default static route, 250–251

deliberate threats, 91

Delta Certificate Revocation Lists (Delta CRLs)

CDPs and, 886–887

PKI, 868

Server 2003 and, 887

demand-dial connection, 304–306

demand-dial interface

adding, 261–262

configuring, 304–306

in NAT installation, 293

Demand-Dial Interface Wizard, 261–262

demand-dial routing, 260, 261–262

demilitarized zone (DMZ), 258

Denial of Service (DoS) attacks

on DNS server, 406–407

on WINS, 449–450

on WINS server, 126

as wireless security threat, 813

Department of Defense (DOD) networking model, 452–453

deployment

of IPSec, 711, 726–728

testing and, 29–30

DES (Data Encryption Standard), 715, 761–762

design, network, 36–38, 39

destination address, 212, 217

DFS (Distributed File Service), 22, 63

DHCP. See Dynamic Host Configuration Protocol (DHCP)

DHCPACK, 182

DHCPOFFER, 182

DHCPREQUEST, 182

dial-in access design, 489–495

incoming port needs, 491–492

IP addresses, allocating, 490–491

list of, 489

remote access by policy, 494–495

remote access by user, 493–494

summary of, 530

dial-in connection

advantages of modems, 488

callback security for, 513

controlling IP address, 528

restricting access by connection type, 522–523

summary of, 529

Dialed Number Identification Service (DNIS), 317

dictionary attack, 807

differential backup, 598–599

Diffie-Hellman groups, 713, 762–763

Diffie-Hellman key-exchange algorithm, 724

Diffie, Whitfield, 864

digital certificates, 868–870

digital signatures

CAs and, 907

RSA and, 865–866

security and, 910–911

Dijkstra algorithm, 231

direct memory access (DMA), 569

directory, 58

Directory Service log, 585

disabled filtering mode, 679

discretionary access control list (DACL), 783, 784

disjointed DNS namespace

DNS configurations for, 361–362

features that support, 365–366

disk controller

to drive ratio, 568

technologies, 564–565

Disk Defragmenter, 566–568

disk partitions, 120

disk quotas

described, 22

e-mail and, 46

for mail servers, 129

disk resource security, 669

diskette drives, 616

disks

controller/drive ratio, 568

controller technology of, 564–565

data access on, 568

data arrangement on, 566–568

drive life expectancy, 565–566

fault tolerance solutions for, 620–624

hot spare drives, 624

requirements for Windows OSs, 80

for server cluster, 661

shared cluster, 659–665

distance-vector routing protocol, 225, 226–229

distinguished name, 73

Distributed Component Object Model (DCOM), 683–684

Distributed File Service (DFS), 22, 63

distribution groups, 86–87

distribution of certificates, 887–897

DLLS (dynamic link libraries), 233–235

DMA (direct memory access), 569

DMZ (demilitarized zone), 258

DNIS (Dialed Number Identification Service), 317

DNS. See Domain Name Service (DNS)

DNS Console Monitoring tab, 413

Dnscmd utility, 417

DNSLint utility, 417, 454

DnsUpdateProxy group, 390–391, 472

DOD (Department of Defense) networking model, 452–453

#DOM tag, 420

domain

of Active Directory, 361–362

applying security template to, 109–110

authentication, 31

computer account security and, 797–798

defined, 58

functional level, upgrading, 32

zone vs., 461–462, 472

Domain Admins group, 519–520

domain component (DC), 73

domain controllers (DCs)

Active Directory and, 58–59

AD-integrated zone replication scope and, 379–380

AD-integrated zones and, 375–377

auditing, 819–820

created from backups, 83

defined, 57

defining subtype on, 808–809

DNS service and, 363

DnsUpdateProxy group and, 390

functional levels and, 83–90

functions of, 58

IPSec and, 712

operation master roles, 59–62

password requirements for, 119

physically securing, 790

root CAs and, 885

securing, 121–122

security templates and, 95–96, 97

tracks function level, 507

domain functional levels

described, 83–87

raising, 90

remote access security and, 505–508

domain local group scope, 792

domain name

installing DNS service and, 353–354

supporting multiple namespaces, 363–369

domain name master, 60

Domain Name Service (DNS)

cache, 340–341, 455–456

client suffix search list, 403–404

databases, backup of, 602

domain namespace, 344–345

domains vs. zones, 345–348

forwarding, 383–387

function of, 341

installing DNS service/configuring reverse lookup zones, 353–357

monitoring DNS servers, 412–417

name resolution process, 348–352

namespace, designing, 357–369

new features of, 472

query, 455

resource records and, 342–344

reverse lookup zones, 352–353

security issues, 404–412

server deployment, 369–377

settings, 32

summary of, 461–464

troubleshooting host name resolution, 453–457

updates with DHCP, 387–392

Windows Server 2003 DNS interoperability, 392–404

zone replication, 377–383

Domain Name Service (DNS) client

in DNS name resolution process, 348–352

troubleshooting host name resolution, 454–455

Domain Name Service (DNS) namespace

security and, 410, 411

split DNS configuration, 398–399

summary of, 461–462

Domain Name Service (DNS) namespace, designing

considerations for, 357–358

DNS and AD, 361–363

host naming conventions/limitations, 359–361

multiple namespaces, supporting, 363–369

parent domain name, choosing, 358–359

Domain Name Service (DNS) records

aging/scavenging of, 391–392

security for, 389–391

updates with DHCP, 387–389

Domain Name Service (DNS) security, 404–412

DoS attacks, 406–407

footprinting, 405

in general, 404

guidelines for, 410–412

redirection, 406

securing DNS deployment, 407–408

security levels, 408–410

Domain Name Service (DNS) server

Active Directory and, 361–363

defined, 57

in DNS name resolution process, 348–352

domains vs. zones, 347–348

forwarding, 383–387

function of, 341

host naming conventions and, 360

installing DNS service/configuring reverse lookup zones, 353–357

monitoring, 412–417

multiple namespaces, 363–369

name resolution with, 64–65

securing, 125, 126

security issues, 404–412

split DNS configuration, 398–399

troubleshooting host name resolution, 453–457

zone replication planning and, 377–383

Domain Name Service (DNS) server deployment, 369–377

number of servers, 369–371

placement, 372

roles, 373–377

server capacity, 371–372

domain namespace

designing DNS namespace, 357–369

domains vs. zones, 345–348

structure of, 344–345

summary of, 461–462

domain naming master, 382

domain rename utility (rendom.exe), 86

domain security ID (SID), 60

domain tree, 361

domain-wide master roles, 60–62

domainlet, 669

domains

cross-domain relationships, 791–792

cross-forest relationships, 793–795

smart cards and, 898

structure of, 31, 32

trust relationships between, 851

zones vs., 345–348

DoS attacks. See Denial of Service (DoS) attacks

drainstop option, 687

drive-by, 813

drive-letter assignments, 661

driver logging, IPSec, 756

drivers, 725–726

drives. See disks

DSN (data source name), 128

duplex setting, 570

duplexing, 622

dynamic access control, 783

dynamic content, 127

Dynamic DNS (DDNS)

DHCP interaction with, 387–392

security for, 389–391

updates, 362–363

Dynamic Host Configuration Protocol (DHCP)

to assign IP address, 290

databases, backup of, 601

DNS server and, 463–464

DNS updates with, 387–392

security for, 389–391

troubleshooting, 182–183

Dynamic Host Configuration Protocol (DHCP) server

defined, 57

described, 154–155

hardware requirements, 194

for IP addressing, 490

role of, 63–64

securing, 125–126

WINS client configuration and, 440–441

dynamic IP address, 63–64

dynamic link libraries (DLLs), 233–235

dynamic mode commands, 749

dynamic mode policy, 749

dynamic records, 423

dynamic registration, 454–455

dynamic routing, 220–222, 245

dynamic updates

BIND support of, 397–398

DNS performance counters for, 416

redirection attack and, 406

troubleshooting, 457



Previous page
Table of content
Next page
MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure. Exam 70-293 Study Guide and DVD Training System
MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide and DVD Training System
ISBN: 1931836930
EAN: 2147483647
Year: 2003
Pages: 173
Authors: Syngress, Syngress Publishing, Thomas W. Shinder, Debra Littlejohn Shinder
BUY ON AMAZON
Absolute Beginner[ap]s Guide to Project Management
Image Processing with LabVIEW and IMAQ Vision
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
The Java Tutorial: A Short Course on the Basics, 4th Edition
Quantitative Methods in Project Management
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy