Terms you'll need to understand:
Techniques you'll need to master:
System administrators are overtaxed administering and maintaining network security. Temporary changes in security settings to resolve administration and network problems often result in unforeseen permanent changes that no longer meet security requirements. Implementing security analysis enables administrators to track and ensure that adequate levels of security are maintained throughout the enterprise. Regular security analysis not only tunes security levels, but also detects any security flaws that might occur over time. Administrators need an easy-to-use security analysis tool that can track, detect, compare, fix, adjust, reset, and remove security settings. In earlier chapters, you learned that user and group security permissions could be applied on one or many computers to control password policies, account lockout policies, Kerberos policies, auditing policies, user rights, and other policies. You learned that applying policies to many computers in a domain is best accomplished by using a Group Policy Object (GPO). GPOs are applied at the site, domain, organizational unit (OU), or local level. In this chapter, you'll learn about another method used to apply security policies systemwide by using the Security Configuration and Analysis tool. Using the Security Configuration and Analysis component built in to Windows Server 2003, you can track, detect, compare, edit, adjust, reset, apply, and remove security policy settings. The Security Configuration and Analysis tool analyzes and configures system security at the local, domain, OU, or site level. The Security Templates component is used to create, view, and modify security policy templates settings. With one of the predefined, built-in templates as a starting point, you'll learn how to integrate domainwide company security policies. Using Security Templates along with the Security Configuration and Analysis tool, you'll become skilled at how to implement security baseline settings and audit security policy settings. You'll review the Principle of Least Privilege as it applies to administrators using the Runas command. This chapter also takes an in-depth look, from a security perspective, at installing and configuring Microsoft's Software Update Service along with configuring and deploying Windows clients to use Automatic Updates services. |