Guide to MCSE 70-270, Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.

Slides:



Advertisements
Similar presentations
Chapter Five Users, Groups, Profiles, and Policies.
Advertisements

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Windows XP Users, Groups, Profiles and Policies : MCSE Guide to Microsoft Windows XP Professional.
Lesson 17: Configuring Security Policies
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 4: Troubleshoot System Startup and User Logon Problems.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Ch 11 Managing System Reliability and Availability 1.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory Chapter 9: Active Directory Authentication and Security.
70-270: MCSE Guide to Microsoft Windows XP Professional Second Edition, Enhanced Chapter 6: Windows XP Security and Access Controls.
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
Hands-On Microsoft Windows Server 2008
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Chapter Six Windows XP Security and Access Controls.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 5: Managing File Access.
Troubleshooting Windows Vista Security Chapter 4.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Lesson 17-Windows 2000/Windows 2003 Server Security Issues.
Understanding Group Policy James Michael Stewart CISSP, TICSA, CIW SA, CCNA, MCSE NT & W2K, iNet+
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
70-270: MCSE Guide to Microsoft Windows XP Professional 1 Windows XP Professional User Accounts Designed for use as a network client for: Windows NT Windows.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
Module 6: Configuring User Environments Using Group Policy.
Security Windows 2000 Richard Goldman © December 4, 2001.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
NetTech Solutions Security and Security Permissions Lesson Nine.
Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
©Richard L. Goldman Public Key Policies for Windows 2000 ©Richard Goldman December 5, 2001.
Configuring the User and Computer Environment Using Group Policy Lesson 8.
Module Overview Installing and Configuring a Network Policy Server
Configuring Windows Firewall with Advanced Security
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
Lesson 16-Windows NT Security Issues
Presentation transcript:

Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access token String of bits representing user Attached to processes

Guide to MCSE , Second Edition, Enhanced2 The Windows XP Security Model (continued) Access token Compared with ACL (Access Control List) Domain security Centered on Active Directory

Guide to MCSE , Second Edition, Enhanced3 Active Directory Centralized database containing: Security Configuration Communication information Manages: Information about domain Resources shared by network

Guide to MCSE , Second Edition, Enhanced4 Logon Authentication Logon is mandatory Logon process components: Identification Authentication Password authentication typically used Access token attached to shell process

Guide to MCSE , Second Edition, Enhanced5 Shell Defines environment inside which user executes programs or spawns other processes Default: Windows Explorer Defines desktop, start menu, etc.

Guide to MCSE , Second Edition, Enhanced6 Resources as Objects Access to individual resources controlled at object level Everything in environment is an object Identified by type Type determines Permitted range of contents Kinds of operations

Guide to MCSE , Second Edition, Enhanced7 Resources as Objects (continued) Service How object can be manipulated Attributes Named characteristics

Guide to MCSE , Second Edition, Enhanced8 Access Control Logon process Initiated with Ctrl+Alt+Delete Hardware interrupt cannot be imitated Mandatory logon Restricted user mode Physical logon User profiles

Guide to MCSE , Second Edition, Enhanced9 Customizing the Logon Process Administrator can alter default process Winlogon process: Produces logon dialog box Controls automated logon Warning text Display of Shutdown button Display of last user to log onto system

Guide to MCSE , Second Edition, Enhanced10 Disabling the Default Username Logon window Displays name of the last user to logon Can be unsecure DontDisplayLastUserName Regisry setting Edit with: Local Computer Policy utility

Guide to MCSE , Second Edition, Enhanced11 Adding a Security Warning Message Might be legally obligated to add a warning message Settings in Registry: LegalNoticeCaption LegalNoticeText

Guide to MCSE , Second Edition, Enhanced12 Changing the Shell Default shell Windows Explorer Change Registry setting

Guide to MCSE , Second Edition, Enhanced13 Disabling the Shutdown Button Windows XP logon window includes Shutdown button Potential for unwanted system shutdowns ShutdownWithoutLogon Registry setting Users can still physically power-off machine Winlogon settings for: Laptop Sleep mode Other advanced shutdown settings

Guide to MCSE , Second Edition, Enhanced14 Automating Logons Values for username and password can be coded into Registry to automate logons Registry settings: DefaultDomainName DefaultUserName DefaultPassword AutoAdminLogon

Guide to MCSE , Second Edition, Enhanced15 Automatic Account Lockout Disables account Predetermined number of failed logins Predetermined amount of time Default: Unlimited number of attempts

Guide to MCSE , Second Edition, Enhanced16 Domain Security Concepts and Systems Domain Collection of computers with centrally managed security and activities Offers: Increased security Centralized control Broader access to resources

Guide to MCSE , Second Edition, Enhanced17 Domain Security Overview Control of: User accounts Group memberships Resource access for all members of a network instead of only a single computer

Guide to MCSE , Second Edition, Enhanced18 Local Computer Policy Combination of controls System policies Control panel applets Registry settings Other names: Software policy Environmental policy Windows XP policy

Guide to MCSE , Second Edition, Enhanced19 Local Computer Policy (continued) Local system’s group policy Effective policy: Result of combination of all group policies applicable to system Controlled on a domain basis on a Windows domain controller Add Global Policy snap-in to MMC

Guide to MCSE , Second Edition, Enhanced20 Local Computer Policy (continued) Local Group Policy tool Also called Local Security Policy tool Accessed from Administrative Tools Local computer policy contents: Determined during installation Based on: System configuration Existing devices Selected options and components

Guide to MCSE , Second Edition, Enhanced21 Local Computer Policy (continued) Custom policies: Created through the use of.adm files Local group policy: System.adm file Local Computer Policy snap-in Divided into two sections: User Configuration Computer Configuration Contains over 300 individual controls

Guide to MCSE , Second Edition, Enhanced22 Computer Configuration Subnodes: Software Settings The Windows Settings folder: Scripts Security Settings Administrative Templates folder

Guide to MCSE , Second Edition, Enhanced23 Public Key Policies Three purposes Offers additional controls over the Encrypting File System (EFS) Enables the issuing of certificates Allows you to establish trust in a certificate authority

Guide to MCSE , Second Edition, Enhanced24 IP Security Policies Security measure added to TCP/IP Protects communications between two systems using that protocol Can be used over a RAS or WAN link Creates a secured point-to-point link between two systems Configured and enabled with Advanced TCP/IP Settings dialog box

Guide to MCSE , Second Edition, Enhanced25 IP Security Policies (continued) Modes: Transport Tunneling Predefined IPSec policies: Client (Respond Only) Server (Request Security) Secure Server (Require Security)

Guide to MCSE , Second Edition, Enhanced26 IP Security Policies (continued) Authentication methods: Kerberos version 5 Default and preferred Public key certificate authentication Preshared key Less secure

Guide to MCSE , Second Edition, Enhanced27 Administrative Templates Offer controls on a wide range of environmental functions and features Registry based group policy information Used to overwrite Registry to force compliance with group policy

Guide to MCSE , Second Edition, Enhanced28 User Configuration Subfolders: Software Settings Windows Settings folder Administrative Templates folder

Guide to MCSE , Second Edition, Enhanced29 Security Configuration and Analysis Tool MMC snap-in Used to: Analyze Configure Export Validate system security based on a security template Seven predefined security templates

Guide to MCSE , Second Edition, Enhanced30 Security Configuration and Analysis Tool (continued) Checks system’s current configuration against selected security template Produces a report of discrepancies Apply security templates to system

Guide to MCSE , Second Edition, Enhanced31 Auditing Security process Records occurrence of specific operating system events inSecurity log Every object has audit events related to it Event Viewer Maintains logs about: Application events Security events System events

Guide to MCSE , Second Edition, Enhanced32 Event Properties Dialog Box

Guide to MCSE , Second Edition, Enhanced33 Encrypting File System Allows you to encrypt data stored on an NTFS drive Only enabling user can gain access to encrypted object Enabled using Properties dialog Uses public and private key encryption method Encryption process is invisible to user

Guide to MCSE , Second Edition, Enhanced34 Encrypting File System (continued) Recovery Agent Used to recover encrypted files Required for EFS to function CIPHER Command-line tool for batch processing of encryption

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.