Index
A
accelerators, SSL, 358
access control
legal issues, 446
overview of, 5 “7
permissions and ( see permissions)
SMTP ( see SMTP virtual servers)
vocabulary for, 45 “46
Windows/Exchange architecture for, 43 “44
access control entries. See ACEs (access control entries)
access control lists. See ACLs (access control lists)
Access tab, SMTP virtual servers, 151
access, timely , 4
account lockout policies
high-volume attacks and, 154
overview of, 113
settings, 115
account management events, 434 “35
Account Operators group , 48
accounts
anonymous requests , 349
Exchange installation, 132 “33
KMS installation, 279
managing, 136 “38
overview of, 46
permissions, 52 “53
policy settings, 111 “13
ACEs (access control entries)
account managers and, 138
defined, 45
overview of, 50 “51
property sets, 140 “44
refining permissions after installation, 144 “46
specifying permissions with, 6
ACLs (access control lists)
defined, 6
Exchange modifying, 51 “52
setup permissions guide, 477 “78
USB drive attacks and, 82
ACM (Association for Computing Machinery), 74
Active Directory
account management, 136 “38
auditing object access, 427 “28
designing, 126 “28
hierarchy, 258 “63
smart cards and, 272
Active Directory Connector (ADC), 129 “30
Active Directory Connector Object (ADCO), 486
Active Directory Users and Computers, 350
Active Server Pages (ASPs), 335
ActiveX control, S/MIME, 363 “64
ADC (Active Directory Connector), 129 “30
ADCO (Active Directory Connector Object), 486
add-ins, Outlook Security Update, 303
Additional Security page, IIS Lockdown, 117
address book security, Outlook, 299
Administration Delegation Wizard, 139 “40
Administrator accounts
built-in groups, 48
Exchange permissions and, 53
overview of, 46
predefined groups, 48 “49
administrators
account management, 136 “38
adding multiple CAs, 262
confidentiality and, 9
legal issues facing , 446
mailbox management, 139 “40
passwords, 112 “13
privacy and, 11
reading other people s mail, 187 “92
remotely disabling mobile devices, 83
security laws ( see security laws, for administrators)
Windows auditing rights, 424 “25
Admpack.exe, 303
ADSIEdit snap-in, 58
AES (Advanced Encryption Standard), 18 “19
AH (Authentication Header), 31 “32
alarms, security, 78
algorithms
additional reading, 40 “41
digital signatures, 29 “30
overview of, 15 “16
protocols ( see protocols)
public-key encryption, 25 “26
secret-key encryption, 18 “20
S/MIME, 300
always up to date (AUTD) notifications, 395
anonymity, 468 “69
antivirus protection, 199 “211
additional reading, 211
cleaning up, 202 “3
at desktop, 205 “6
Exchange server and, 206 “10
legal issues, 468
overview of, 199 “200
at perimeter, 203 “5
risk assessment, 210 “11
security auditing, 441
virus detection, 200 “202
architecture
auditing, 44
laws of security administration, 474
Windows ( see Microsoft Windows)
archives
e-mail policies, 458 “59
expiring materials, 419
litigation and, 420
for mailboxes, 410 “11
product evaluation, 414
retention policy and, 408
archive sink
configuring, 192
installing and uninstalling, 191
overview of, 190 “91
ASPs (Active Server Pages), 335
assets
inventory, 72 “74
risk assessment of, 67 “69
Association for Computing Machinery (ACM), 74
attachments
content filtering, 185
indexing, 418 “19
mobile device security, 400
Outlook security and, 296 “99, 318 “20
OWA access controls on, 361 “63
viruses in, 201 “2
attack, defense vs., 64
attributes, digital certificate, 21 “22
auditing, 439 “44. See also logging, Windows
additional reading, 437, 444
antivirus protection, 441
architecture, 44
client security, 443
content screening, 441
DCAR security, 443
Exchange installation, 440
Internet communications, 441
logging and, 443
message tracking and, 193
mobile device security, 443
operational security, 439
overview of, 7
OWA and FE server security, 442
physical security, 439
PKI and e-mail security, 441 “42
policies, 110 “11
POP3, IMAP4, and NNTP security, 443
potential attacks on, 76
SMTP security and antispam, 440 “41
surveillance and, 409
Windows server, 440
AUTD (always up to date) notifications, 395
Authenticated Users group, 48
authentication
digital certificates and, 22, 250
firewall ports, 367
IMAP4, 384 “85
Internet server/client, 255
legal issues, 446
overview of, 4 “5
OWA ( see OWA (Outlook Web Access), authentication)
POP3, 384 “85
smart card logon, 254 “55
SMTP virtual servers, 155 “57
stealth SMTP AUTH attacks and, 154
Windows/Exchange architecture for, 43 “44
Windows logon process and, 49
Authentication dialog box, 155 “57
Authentication Header (AH), 31 “32
authentication-only protocols
EAP, 39
IEEE 802.1x standard, 39 “40
Kerberos, 37 “38
LAN Manager, 36 “37
NT LAN Manager, 36 “37
PEAP, 39
RADIUS, 39
SASL, 38
Authenticode, 255
authorization
authorized users, 3
defined, 5
rights management, 251
AVAPI (Anti-Virus Application Programming Interface) scanners
defined, 203
overview of, 207 “8
perimeter antivirus protection and, 204
Secure Messaging with MicrosoftВ® Exchange Server 2003 (Pro-Other)
ISBN: 0735619905
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 189
Pages: 189
Authors: Paul Robichaux