Objective 1.5: Configure Additional Security Based on Computer Roles

 < Day Day Up > 



The security that can be provided by deploying security templates does not represent the end point of hardening a system. There are many aspects to securing a system that cannot be controlled by the settings located within the security node of a Group Policy object. How these extra options and services are configured is highly dependent on the role that the computer is assigned. Aspects of security configuration that might be appropriate for a particular role may include hiding desktop icons and Start menu items on a computer that is used as an information kiosk device. Other aspects of security configuration could include port blocking with IPSec filters or renaming the Administrator account. For the most part, these changes can be made by deploying Group Policy. Remember that many areas of policy useful for securing a computer cannot be configured by using security templates. This must be done by manually editing Group Policy objects. Some security measures can also involve editing the registry to disable specific options that cannot be configured by Group Policy.



 < Day Day Up > 



MCSA(s)MCSE Self-Paced Training Kit Exam 70-299 (c) Implementing and Administering Security in a M[.  .. ]twork
MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a MicrosoftВ® Windows Server(TM) 2003 Network (Pro-Certification)
ISBN: 073562061X
EAN: 2147483647
Year: 2004
Pages: 217

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net