Presentation is loading. Please wait.

Presentation is loading. Please wait.

Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Published byGladys Greer Modified over 8 years ago

Similar presentations

Presentation on theme: "Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano."— Presentation transcript:

1 Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano Viola (CSIA)

2 Overview Securing Desktops and Services by Using Security Policies Auditing Access to System Resources

3 Securing Desktops and Services by Using Security Policies Implementing Security Policies Modifying Security Settings Using Predefined Security Templates Creating Custom Security Templates Analyzing Security Configuring and Analyzing Security from a Command Line

4 Implementing Security Policies Internet Services Manager Implementing Security Policies by Using Local Security Policy Implementing Security Policies by Using Local Security Policy Event Viewer Licensing Performance Routing and Remote Access Server Extensions Administrator Services Telnet Server Administration Local Security Policy Accessories Startup Internet Explorer Outlook Express Administrative Tools Group Policy Implementing Security Policies by Using Group Policy

5 Modifying Security Settings Account policies Local policies Public key policies IPSec policies Event log Configure password and account policies Configure auditing, user rights, and security options Configure encrypted data recovery agents, domain roots, trusted certificate authorities, etc. Configure encrypted data recovery agents, domain roots, trusted certificate authorities, etc. Configure IP security on a network Configures settings for application logs, system logs, and security logs Restricted Groups Configures group memberships for security sensitive groups System Services Configure security and startup settings for services running on a computer Configure security and startup settings for services running on a computer RegistryRegistry Configures security on registry keys File system Configures security on specific file paths

6 Using Predefined Security Templates Define the default security level for Windows 2000. Provide an additional level of security than Compatible, but do not ensure that all of the features of standard business applications will run. Provide a a higher level of security than Basic but still ensures that all the features of standard business applications will run. Enforce the maximum security for Windows 2000 without consideration for application functionality. Compatible Basic Secure High

7 Creating Custom Security Templates To create a custom security template Add the Security Template snap-in to MMC Select the template to customize Configure the new policy settings Save the new configuration

8 Analyzing Security Local Security Settings Console Favorites Console Root Policy Security Options ActionViewFavorites WindowHelp Tree Database SettingComputer Setting Security Configuration and A Account Policies User Rights Assignme Registry MACHINE CLASSES_ROOT System Services Restricted Groups Event Log Local Policies Audit Policies Additional restriction… Allow server operato... Allow system to be s... Allowed to eject rem… Amount of idle time r... Audit the access of g... Audit use of Backup… Automatically log off… Clear virtual memory... Digitally sign client co... Digitally sign client co… Do not allow en… Disabled Administrators Enabled 15 minutes Disabled Enabled Disabled None. Rely on … Disabled Administrators Enabled 15 minutes Disabled Enabled Disabled Current Computer Settings Template (.inf file) Analysis Database (.sdb file)

9 Configuring and Analyzing Security from a Command Line /analyze/configure/export/refreshpolicy/validate/areas FILESTORE C:\WINNT\System32\cmd.exe C:\>cd %windir%\security\database C:\WINNT\security\Database>secedit /configure /db mysecure.sdb /areas FILESTORE /Log C:\WINNT\security\logs\MySecure.Log /verbose Task is completed successfully. See log C:\WINNT\security\logs\MySecure.Log for detail info.

10 Auditing Access to System Resources Introduction to Auditing Selecting Events to Audit Planning an Audit Policy Setting Up an Audit Policy Auditing Access to Resources

11 Introduction to Auditing Auditing Tracks User and Operating System Activities Audit Entries Contain Actions Performed, Users Who Performed the Actions, and Success or Failure of the Events Audit Policy Defines the Types of Security Events That Windows 2000 Records You Set Up an Audit Policy to Track Success or Failure of Events, Identify Unauthorized Use of Resources, and Maintain a Record Activity You View Security Logs in Event Viewer Event Viewer User1 logon failed Access denied Printing successful Use of Resources Success or Failure Logged

12 Selecting Events to Audit EventEventExampleExample Account logon Domain controller receives a request to validate a user account Account management Administrator creates, changes, or deletes a user account or group Directory service access User gains access to an Active Directory object Logon User logs on or off a local computer Object access User gains access to a file, folder, or printer Policy change Change is made to the user security options, user rights, or Audit policies Privilege use User exercises a right, such taking ownership of a file Process tracking Application performs an action System User restarts or shuts down the computer

13 Planning an Audit Policy Determine the Computers on Which to Set Up Auditing Review Security Logs Frequently Determine Whether to Audit the Success or Failure of Events, or Both Determine Whether to Audit the Success or Failure of Events, or Both Determine Which Events to Audit Determine Whether You Need to Track Trends

14 Setting Up an Audit Policy Console Console1 – [Console\Root\Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policie WindowHelp ActionView Tree Console Root Audit Policy Audit account logon events Audit account management Audit directory service access Audit logon events Audit object access Audit policy change Audit privilege use Audit process tracking Local Computer Policy Favorites PolicyLocal SettingEffective Setting Audit system events Computer Configuration Software Settings Window Settings Scripts (Startup/Shutdown) Security Settings Account Policies Local Policies User Rights Assignme Security Options Public Key Policies IP Security Policies on Lo Success, Failure No auditing Success, Failure No auditing Success Failure No auditing Assign Security Settings to a Single Computer by Configuring the Settings in Local Policies in Group PolicyAssign Security Settings to a Single Computer by Configuring the Settings in Local Policies in Group Policy Assign Security Settings to Multiple Computers by Creating a Group Policy Object and Assigning ItAssign Security Settings to Multiple Computers by Creating a Group Policy Object and Assigning It

15 Auditing Access to Resources File System Set the Audit Policy to Audit Object Access Enable Auditing for Specific NTFS Files and Folders Record Success or Failure of an Event Set the Audit Policy to Audit Object Access Enable Auditing for Specific NTFS Files and Folders Record Success or Failure of an Event NTFS Printers Set the Audit Policy to Audit Object Access Enable Auditing for Specific Printers Record Success or Failure of an Event Set the Audit Policy to Audit Object Access Enable Auditing for Specific Printers Record Success or Failure of an Event

Download ppt "Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano."

Similar presentations

Guide to MCSE 70-290, Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
 Overview User Accounts Groups User Rights Permissions.

 Overview User Accounts Groups User Rights Permissions.
Managing User Settings with Group Policy

Managing User Settings with Group Policy
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.

© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.

11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Similar presentations

Ads by Google