| < Day Day Up > |
|
DACLs (discretionary access control lists), 159
data access. See access control
data assets, 2
data packets, attacks on, 5, 68–69
data security requirements. See security analysis
data tampering threats, 42, 43
DC (domain controller) baseline templates, 294–299, 296, 298
DCBP (Domain Controllers Baseline Policy), 295
DCOM (Distributed Component Object Model), 381
DDoS (distributed denial of service) attacks, 42
Default Web Site Properties dialog box, 80, 80, 345, 346
delegation of control in Active Directory, 167–168
demand-dial routing for internal networks,
See also network
authentication design, 94–96
configuring connection type, 93–94, 93
configuring interface type, 91–92, 92
design scenario, 97
encrypting data, 95–96
using IP packet filters, 96
securing connections, 96
strengthening passwords, 94–95
in virtual private networks, 92, 93–95
denial of service (DoS) attacks, 5, 42
department CA hierarchy, 209
Designated File Types Properties dialog box, 334, 334
DFS (Distributed File System), 250
digest authentication in IIS, 260
digital certificates. See PKIs
direct serial connections, 392, 392–393
Disallowed setting, 332, 333, 336
discretionary access control lists (DACLs), 159
Distributed Component Object Model (DCOM), 381
distributed denial of service (DDoS) attacks, 42
Distributed Link Track Server, 251
Distributed Link Tracking Client, 251
Distributed Transaction Coordinator (DTC), 251, 254
DMZs (demilitarized zones), 52
DNS server security,
See also server
design scenario, 309
disabling dynamic updates, 305–307, 306
DNSSEC extensions support, 309
limiting zone transfers, 304, 305
preventing cache pollution, 307–308, 307–308
real world scenario, 306
supporting secure updates, 307
Do not allow Windows Messenger to be run setting, 340–341, 340
Do not store LAN Manager hash value on next password change setting, 297, 298
documentation
as an asset, 2
of data/services recovery, 47
of security policies/procedures, 11–12
domain controller baseline templates, 294–299, 296 , 298
Domain Controllers Baseline Policy (DCBP), 295
Domain Local groups, 134
domain trusts, 129–131, 130
DoS (denial of service) attacks, 5, 42
DTC (Distributed Transaction Coordinator) service, 251, 254
dynamic updates, 305–307, 306
| < Day Day Up > |
|