Flylib.com
List of Figures
Previous page
Table of content
Next page
< Day Day Up >
Chapter 1: Planning and Configuring an Authentication Strategy
Figure 1.1: The Default Domain Controllers Security Settings console
Figure 1.2: Security policy settings
Figure 1.3: Account lockout warning
Figure 1.4: Typical delegated authentication architecture
Figure 1.5: Computer account properties dialog box
Figure 1.6: Authentication Methods dialog box
Figure 1.7: Internet Explorer prompt for credentials
Figure 1.8: A forest
Figure 1.9: Raising the domain functional level
Figure 1.10: The Trust Name page of the New Trust Wizard
Figure 1.11: The Direction Of Trust page of the New Trust Wizard
Figure 1.12: The User Name And Password page of the New Trust Wizard
Figure 1.13: Dialog box notifying you that SID filtering is enabled by default
Figure 1.14: Verifying an incoming trust
Figure 1.15: Enabling earlier applications to connect anonymously to shares
Chapter 2: Planning and Configuring an Authorization Strategy
Figure 2.1: Windows Server 2003 represents ACLs by listing the permissions assigned to users and groups
Figure 2.2: Permissions are inherited by default, but this behavior can be manually overridden
Figure 2.3: The ACEs assigned to Mary’s account, and her group memberships, will determine the effective permissions
Figure 2.4: Deny ACEs override all ACEs that grant permissions
Figure 2.5: Some group types can be nested within other group types
Figure 2.6: You can assign permissions to special groups that apply to users based on how they connect to the network
Figure 2.7: Use Restricted Groups to control group membership on domain members
Figure 2.8: Windows Server 2003 allows you to view the effective permissions for most object types
Figure 2.9: Use auditing to troubleshoot complex authorization problems
Figure 2.10: Auditing must be enabled for the system before it can be enabled for individual resources
Figure 2.11: Failure auditing causes events to be added to the event log when a user is denied access to a resource
Figure 2.12: Event Viewer reveals the object that the user lacked sufficient permissions to access
Chapter 3: Deploying and Troubleshooting Security Templates
Figure 3.1: The Security Templates snap-in
Figure 3.2: System Policy Editor on Windows NT 4.0
Figure 3.3: Modifying Group Policy precedence
Figure 3.4: Denying a security group access to a Group Policy object
Figure 3.5: Managing WMI filters
Figure 3.6: Troubleshooting problems relating to failed Group Policy
Figure 3.7: Help And Support Center Group Policy information
Figure 3.8: A Group Policy event
Figure 3.9: Troubleshooting problems related to unexpected inheritance
Figure 3.10: Resultant Set Of Policy
Figure 3.11: Group Policy information stored in the registry
Figure 3.12: Group order for system policies
Chapter 4: Hardening Computers for Specific Roles
Figure 4.1: Administrative Templates GPO settings
Figure 4.2: Software restrictions forbidding the execution of Notepad
Figure 4.3: Services placed in a single-layer perimeter network
Figure 4.4: Managing authorized DHCP servers
Figure 4.5: DHCP dynamic update options
Figure 4.6: Configuring Application Server options
Figure 4.7: Filtering IIS requests by network
Figure 4.8: Using shared secrets and the Message Authenticator attribute
Figure 4.9: Exchange TLS encryption
Figure 4.10: Configuring SQL Server authentication
Figure 4.11: SQL Server trace data
Figure 4.12: Microsoft Baseline Security Analyzer IIS results
Figure 4.13: Security Configuration And Analysis identifying deficient settings
Figure 4.14: Suggested perimeter network architecture
Chapter 5: Planning an Update Management Infrastructure
Figure 5.1: The Windows Server 2003 product lifecycle
Figure 5.2: The Automatic Update client configured to prompt the user to download
Figure 5.3: Approval of updates using Software Update Services
Figure 5.4: Tiered Software Update Services architecture
Figure 5.5: Selecting Uninstall This Application When It Falls Out Of The Scope Of Management
Figure 5.6: The core updating process
Figure 5.7: Notification settings for Automatic Updates
Figure 5.8: Using Add/Remove Programs for updates
Figure 5.9: Your company’s network architecture
Chapter 6: Assessing and Deploying a Patch Management Infrastructure
Figure 6.1: MBSA configured to scan a subnet
Figure 6.2: MBSA scanning a subnet
Figure 6.3: A private installation network for multiple computers
Figure 6.4: A private installation network for a single computer
Figure 6.5: A private installation network allowing for access to Windows Update
Figure 6.6: Slipstreaming a service pack
Figure 6.7: SUS synchronizing with the Windows Update server.
Figure 6.8: Automatic Updates configured using a Group Policy object
Figure 6.9: Scheduling updates that were skipped
Figure 6.10: MBSA identifies an unpatched computer
Chapter 7: Installing, Configuring, and Managing Certification Services
Figure 7.1: A CA hierarchy
Figure 7.2: Creating a subordinate CA
Figure 7.3: Backing up a CA
Figure 7.4: Specifying the common name for a CA
Figure 7.5: Requesting a subordinate CA certificate
Figure 7.6: Certificate template location
Figure 7.7: Certificate template permissions
Figure 7.8: Properties of New Template dialog box
Figure 7.9: Smart Card Logon policy added to the Application Policies list
Figure 7.10: CRL publishing list
Figure 7.11: Adding a CRL publishing location
Figure 7.12: Web interface for manual enrollment
Figure 7.13: Advanced Certificate Request using Web enrollment
Figure 7.14: Properties for a new certificate
Figure 7.15: Revoking a certificate
Figure 7.16: Publishing a CRL
Figure 7.17: Specifying key archival
Figure 7.18: Exporting a certificate
Figure 7.19: Importing a certificate
Figure 7.20: Key Recovery Agent Selection dialog box
Figure 7.21: Creating a subordinate CA
Chapter 8: Planning and Configuring IPSec
Figure 8.1: Transport mode IPSec
Figure 8.2: Remote access with IPSec
Figure 8.3: Tunnel mode IPSec
Figure 8.4: A site-to-site IPSec tunnel
Figure 8.5: Allowing the ISAKMP service through ICF
Figure 8.6: IP security policy components
Figure 8.7: The Manage IP Filter Lists And Filter Actions dialog box
Figure 8.8: Specifying custom data integrity, encryption, and session key settings
Figure 8.9: Editing IP security policy properties
Figure 8.10: Configuring an IP filter list for Web traffic
Chapter 9: Deploying and Troubleshooting IPSec
Figure 9.1: Local IPSec policy overridden by a domain policy
Figure 9.2: Configuring certificate-to-account mapping
Figure 9.3: Security association authenticated with certificates
Figure 9.4: The Active Policy node of the IP Security Monitor
Figure 9.5: Main Mode SA details
Figure 9.6: Event ID 541 showing a successful IKE SA established
Figure 9.7: Event ID 547 showing an IKE negotiation failure
Figure 9.8: Event ID 4290 showing dropped packets
Figure 9.9: Graphing IPSec performance statistics
Figure 9.10: Network Monitoring displaying ESP-encrypted packets
Figure 9.11: Ping permitted, but not secured
Figure 9.12: Event Viewer details about a dropped ICMP request
Figure 9.13: Configuring a policy to use the most common IKE security algorithms
Figure 9.14: Problematic IPSec architecture
Figure 9.15: Problematic IPSec architecture
Chapter 10: Planning and Implementing Security for Wireless Networks
Figure 10.1: Connecting to an 802.1X-authenticated wireless network
Figure 10.2: Sample user and group hierarchy for controlling wireless network authorization
Figure 10.3: Configuring policy conditions to apply the policy to wireless connections
Figure 10.4: Configuring authentication methods for a RAP
Figure 10.5: Configuring session timeout for WEP
Figure 10.6: Enabling IAS authentication auditing
Figure 10.7: Windows XP wireless network authentication configuration
Figure 10.8: The General tab of the wireless network policy properties dialog box
Figure 10.9: The Network Properties tab of the New Preferred Setting Properties dialog box
Figure 10.10: Configuring security on a WAP
Figure 10.11: Default IAS PEAP properties
Figure 10.12: The Protected EAP Properties dialog box
Figure 10.13: Wireless network architecture
Chapter 11: Deploying, Configuring, and Managing SSL Certificates
Figure 11.1: Internet Explorer’s trusted root CAs
Figure 11.2: Internet Explorer warning regarding an untrusted CA
Figure 11.3: Requiring HTTPS for a Web server
Figure 11.4: Configuring one-to-one certificate mapping
Figure 11.5: Editing rule properties for many-to-one client certificate mappings
Figure 11.6: The SSL Diagnostic Utility probing IIS
Figure 11.7: The SSL Diagnostic Utility monitoring client certificates
Figure 11.8: Exporting a SQL Server certificate
Figure 11.9: IIS configured to require SSL
Figure 11.10: The requested host name does not match the common name in the certificate
Figure 11.11: Network Monitor displaying the results of an unencrypted LDAP query
Figure 11.12: The subject field of a certificate containing the domain controller’s common name
Figure 11.13: Requiring messaging encryption
Figure 11.14: Creating an Address Book query
Figure 11.15: Configuring Address Book for encryption
Figure 11.16: Network Monitor attempting to analyze SSL-encrypted LDAP queries
Figure 11.17: Systems architecture for www.adventure-works.com
Chapter 12: Securing Remote Access
Figure 12.1: PPTP-tunneled data packet structure
Figure 12.2: L2TP-tunneled data packet structure
Figure 12.3: Configuring Routing And Remote Access to authenticate to a RADIUS server
Figure 12.4: Default server authentication and accounting settings
Figure 12.5: Default server authentication methods
Figure 12.6: Editing user dial-in properties
Figure 12.7: Configuring RAP encryption levels
Figure 12.8: Network architecture for testing VPN connectivity
Figure 12.9: Creating a new test VPN connection
Figure 12.10: Default client authentication settings
Figure 12.11: Advanced client authentication settings
Figure 12.12: Configuring VPN servers and security settings
Figure 12.13: Editing basic VPN security settings by using the CMAK wizard
Figure 12.14: Editing advanced VPN security settings by using the CMAK wizard
Figure 12.15: Editing EAP configuration settings
Figure 12.16: VPN destinations as specified in the VPN file
Figure 12.17: VPN connection details confirming security configuration
Figure 12.18: Dial-in properties of problematic user account
< Day Day Up >
Previous page
Table of content
Next page
MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a MicrosoftВ® Windows Server(TM) 2003 Network (Pro-Certification)
ISBN: 073562061X
EAN: 2147483647
Year: 2004
Pages: 217
Authors:
Anthony Northrup
,
Orin Thomas
BUY ON AMAZON
WebLogic: The Definitive Guide
Virtual Hosting
Designing a Domain
Handling System Failure
Machines, Replication Groups, and Failover
The Logging Architecture
MySQL Clustering
Management Nodes
Managing MySQL Cluster
Data Retrieval in MySQL Cluster
High-Speed Interconnects
Network Redundancy
Cisco IOS Cookbook (Cookbooks (OReilly))
Generating Large Numbers of Router Configurations
Displaying Historical CPU Values
Examining Policy-Based Routing
Redistributing External Routes into OSPF
Supporting SNA Priorities
Pocket Guide to the National Electrical Code(R), 2005 Edition (8th Edition)
Article 300: Wiring Methods
Article 353 High Density Polyethylene Conduit Type HDPE Conduit
Article 366 Auxiliary Gutters
Article 500 Hazardous (Classified) Locations, Classes I, II, and III, Divisions 1 and 2
Example No. D4(b) Optional Calculation for Multifamily Dwelling
Java All-In-One Desk Reference For Dummies
Using Eclipse
Adding Some Methods to Your Madness
Network Programming
Creating Servlets
Animation and Game Programming
Python Standard Library (Nutshell Handbooks) with
The os.path Module
The zipfile Module
The wave Module
The regex_syntax Module
The find Module
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies