Summary of Exam Objectives

Previous page
Table of content
Next page

The Security Configuration Tool Set introduces a new and more efficient way to manage security parameters in Windows 2000. Using this new set of configuration and management tools, the administrator can configure and manage the security policies for a single machine or an entire domain or OU. The Tool Set includes the Security Configuration and Analysis snap-in, Security templates, the secedit.exe command-line tool, and the security settings extensions to the Group Policy Editor. You can use these tools together to create and configure security policies for local machines, domains, or OUs.

The Security Configuration and Analysis snap-in allows the administrator to create a database with security configuration entries. These security configuration entries can be used to test against the existing security configuration of a local machine. After the security analysis is complete, the network manager can save the database entries into a text file with the .inf extension. This text file, which is a template consisting of security configuration entries, can be saved or imported in order to define the security definition of another local machine, a domain, or an OU. The security variables in the database can also be applied to the local machine, replacing the current security configuration. The new configuration is applied after the analysis is complete.

Security configuration can be saved as templates, which are text files that contain security configuration information. These templates are imported into the Security Configuration and Analysis snap-in database for analysis and application. The Security Configuration and Analysis snap-in cannot be used to configure or analyze security configurations of a domain or OU. At present, there is no way to export extant domain or OU security configurations. However, you can configure the security of a domain or OU via the security settings Group Policy extensions.

The secedit.exe command-line tool allows the administrator to script security analyses, security configurations, security updates, and export of templates. Its functionality is almost equal to that of the Security Configuration and Analysis snap-in, except that you must use the graphical interface to review the results of a security analysis performed by secedit.exe.

An administrator can use the security settings Group Policy extensions to configure domain or OU security policy. In addition, you can import security templates directly into the domain or OU. You should do this with great caution if you have already customized the security settings for a domain or OU. At present, you cannot export the previous settings into a template that might be restored later. However, if the administrator always reconfigures the security parameters of a domain or OU using templates, such templates can always be restored in the future.


Previous page
Table of content
Next page
MCSE. MCSA Implementing & Administering Security in a Windows 2000 Network Study Guide Exam 70-214
MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162
Authors: Will Schmied, Thomas W. Shinder
BUY ON AMAZON
Lotus Notes and Domino 6 Development (2nd Edition)
Cisco IOS Cookbook (Cookbooks (OReilly))
An Introduction to Design Patterns in C++ with Qt 4
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Sap Bw: a Step By Step Guide for Bw 2.0
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy