Index_P

P

pass-through authentication, 288

Password Policy group control settings, 105–6

passwords

auditing account management, 358

KMS setup and, 247

Outlook Web Access and, 299–301

policy settings, 105–7

threats to, 79

weak, 88, 92–93

Passwords tab, KMS Key Manager object, 249

patches, 83–100

additional reading, 115

checklist for, 101–2

creating/distributing, 83–85

distributing automatically, 97–100

figuring out what needs, 85–86

patches, MBSA

from command line, 93–97

downloading and installation, 89–90

launching, 90–93

overview, 86–89

PEAP (Protected EAP), 38

penetration attacks, 63

perimeter spam filtering, 156

perimeters, virus scanners for, 180–82

Perl, 357

permissions, 49–56. See also delegation

ADC installation and, 121

CA security and, 255

Certificate Services, 251–52

certificates for Exchange, 193

Exchange installation and, 124

Exchange-specific, 49–52

Explorer and Exchange, 52

group structure, 119–20

KMS, 249

mailbox, 54–56, 168–69

management tasks, 125

overview of, 42

roles and, 52–54

running /domainprep and, 123–24

running /forestprep and, 122

strengthening, 135–36

upgrading servers, 124–25

Web site information, 137

Permissions page, Delegation of Control wizard, 128

PGP (Pretty Good Privacy), 19

physical security, 73–82

additional reading, 80

Certificate Services installation planning, 242

confidentiality, 9

environment, 75–77

hardware, 77–78

laptops and, 78–79

overview of, 73–74

threat assessment, 74–75

PKCS#10 requests, 193, 195–98

PKI (public-key infrastructure)

building, 225–27

components of, 23–24

designing hierarchy, 228–32

history of, 221

outsourcing, 225–26

planning for, 222–25

standalone vs. enterprise CAs, 227–28

plaintext, 279–80

Pocket Outlook, 329

policies, IPsec

creating, 207–15

exemptions, 207

FE/BE communications and, 310–13

overview of, 204–6

policy settings, 102–7

auditing, 103–5

content filters, 166

Group Policies, 102–3

password and account, 105–7

SUS clients, 100

polymorphic viruses, 178

POP3 (Post Office Protocol version 3), 323–30

access control, 324–26

additional reading, 329

IPsec, 208

overview of, 323–24

SMTP relaying and, 141

SSL, 326–29

ports

access control and, 326

firewalls and, 306–9

IM traffic blocks, 341–43

Post Office Protocol version 3. See POP3 (Post Office Protocol version 3)

predefined groups, 46

preshared keys, IPsec, 203

Pretty Good Privacy (PGP), 19

PreventAutoUpdate value, Windows Messenger, 341

PreventRun value, IM client, 340

Print Operators group, defined, 45–46

privacy

additional reading, 13

IM controls, 336, 337–38

protecting, 10–11

Web site information, 13

Privacy tab, IM, 336–37

private keys, 20, 235–36

privileges

attacks on, 63, 118

auditing use events, 359–60

Exchange Full Administrator, 124–25

Exchange installation on member servers, 119

KMS, 247

requesting certificates, 193

proactive scans, 179

Programmatic Settings tab, Outlook security form template, 269–71

properties, 134–35

property sets, 131–34

Protected EAP (PEAP), 38

protocols, security, 29–40. See also algorithms

additional reading, 40

authentication-only, 35–39

IPSec, 30–34

overview of, 15–16

S/MIME, 34–35

SSL and TLS, 30

protocolSettings attribute, 326

proxies, 305–6

public folders

Exchange-specific permissions for, 50–52

permissions and, 55–56

security settings, 266–67

stores, 318

public-key encryption, 20–26

algorithms, 25–26

digital certificates, 21–24

how it works, 24–25

overview of, 20–21

public-key infrastructure. See PKI (public-key infrastructure)

publishing, certificates in GAL, 275

publishing CRLs, 253

publishing CTLs, 252–53

publishing MAPI RPCs with ISA server, 215–18