LC4, Table 9-3: Test Tools
LDAP (Lightweight Directory Access Protocol), Searching Active Directory, Windows Integrated Security
least privilege, principle of, Chapter 2: Role-Based Authorization
Lightweight Directory Access Protocol (LDAP), Searching Active Directory, Windows Integrated Security
Link, Table 9-3: Test Tools
LinkDemand, Security Features and the Visual Basic .NET Developer
Linux vulnerabilities, No Operating System Is Safe
Local Intranet Zone, Security Zones and Trust Levels
defined, Security Zones and Trust Levels
isolated storage support, Cooperating with the Security System
luring attacks, The Luring Attack
permissions for, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones
scope of, How Visual Basic .NET Determines Zone
locking down, Chapter 11: Locking Down Windows, Internet Information Services, and .NET
.NET Framework, Locking Down .NET
accounts, Disable and Delete Unnecessary Accounts
antivirus software, Fundamental Lockdown Principles
auditing, enabling, Enable Auditing
automated tools for, Automated Tools
back doors, closing, Fundamental Lockdown Principles
backing up data, Fundamental Lockdown Principles
BIOS passwords, Implement BIOS Password Protection
clients, Locking Down Windows Clients, Disable Boot from Floppy Drive
databases, Core Database Security Concepts
defined, Chapter 11: Locking Down Windows, Internet Information Services, and .NET
disabling auto logon, Disable Auto Logon
domain controllers, Isolate Domain Controller
encrypting folders, Format Disk Drives Using NTFS
file-sharing software, Remove File-Sharing Software
firewall installation, Install a Firewall
firewalls with, “I’m Already Protected. I’m Using a Firewall.”
floppy drives, booting from, Disable Boot from Floppy Drive
fundamental principles of, Fundamental Lockdown Principles
IIS, Locking Down IIS, Install URLScan
IIS Lockdown tool, Automated Tools
least privilege principle, Fundamental Lockdown Principles
maintenance, Fundamental Lockdown Principles
MBSA. See MBSA (Microsoft Baseline Security Analyzer)
Microsoft Access, Locking Down Microsoft Access
NTFS file system, Fundamental Lockdown Principles, Format Disk Drives Using NTFS
patches, OS security, Fundamental Lockdown Principles
physical security, Fundamental Lockdown Principles
purpose of, Chapter 11: Locking Down Windows, Internet Information Services, and .NET
real-world considerations, Summary
servers, Locking Down Windows Servers, Install a Firewall
service packs, Fundamental Lockdown Principles
sharing, Turn Off Unnecessary Sharing
SQL Server, Locking Down SQL Server, Figure 12-4: Turn on auditing in SQL Server Enterprise Manager
strong user passwords, Fundamental Lockdown Principles
tools for, Automated Tools
turning off services, Turn Off Unnecessary Services
URLScan, Automated Tools, Install URLScan
Windows clients, Locking Down Windows Clients, Disable Boot from Floppy Drive
Windows NT, Fundamental Lockdown Principles
Windows servers, Locking Down Windows Servers, Install a Firewall
Windows 9x, Fundamental Lockdown Principles
logging
attacks altering logs, Determining Whether to Trust Your Detection Mechanisms
detecting attacks from, Early Detection, Detecting That an Attack Has Taken Place or Is in Progress
encryption exceptions, Logging Exceptions
IIS, enabling, Enable IIS Logging
monitoring logs, Step 10: Design for Maintenance
SQL Server, Locking Down SQL Server
logons
auto logon, disabling, Disable Auto Logon
eliminating repetition of, Windows Integrated Security
frmLogin sample, Employee Management System
HTML scripting attacks using, When HTML Script Injection Becomes a Problem
login.aspx sample, Employee Management Web
recommendation, Step 7: Design for Simplicity and Usability
SQL-injection attacks using, SQL-Injection Attacks
Windows Authentication, setting up, SQL Server Authentication
logs
automated unit testing, Automated Unit Testing
exceptions handled, Exception Handling, Viewing the Event Log Remotely
viewing remotely, Viewing the Event Log Remotely
LSADump2, Table 9-3: Test Tools
luring attacks
defined, Chapter 3: Code-Access Security
protection from, The Luring Attack
L0phtCrack, Table 9-3: Test Tools