1 Introduction to Auditing Auditing allows you to track User activities. Microsoft Windows 2000 activities. Windows 2000 records events in the security.

Slides:

Advertisements

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Advertisements

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Lesson 17: Configuring Security Policies

 Overview User Accounts Groups User Rights Permissions.

1 Chapter Overview Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.

1 Distributed File System, and Disk Quotas (Week 7, Thursday 2/21/2007) © Abdou Illia, Spring 2007.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Module 8: Implementing Administrative Templates and Audit Policy.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.

Ch 11 Managing System Reliability and Availability 1.

1 Chapter Overview Planning an Audit Policy Implementing an Audit Policy Using Event Viewer.

September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.

1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

Hands-On Microsoft Windows Server 2008

6.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Managing Network Security ref: Overview Using Group Policy to Secure the User Environment Using Group Policy to Configure Account Policies.

5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 

C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.

Configuring Encryption and Advanced Auditing

1 Objectives Audit Policies Update and maintain your clients using Windows Server Update Service Microsoft Baseline Security Analyzer Windows Firewalls.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security.

PC Maintenance: Preparing for A+ Certification Chapter 23: Using a Windows Network.

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.

Configuring the User and Computer Environment Using Group Policy Lesson 8.

1 Part-1 Chap 5 Configuring Accounts Definitions.

14.70 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 14: Monitoring Windows Server.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.

1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.

NetTech Solutions Configuring Security Settings and Internet Options Chapter Sixteen.

Lecture 6 File, Folder and Share Security. Objectives Managing file and folder security.

NetTech Solutions Security and Security Permissions Lesson Nine.

The world leader in serving science Overview of Thermo 21 CFR Part 11 tools Overview of software used by multiple business units within the Spectroscopy.

1 Introduction to NTFS Permissions Assign NTFS permissions to specify Which users and groups can gain access to folders and files What they can do with.

Module 10: Implementing Administrative Templates and Audit Policy.

Understand Audit Policies LESSON Security Fundamentals.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Windows Server 2003 群組原則設定與管理林寶森

L Identify the “out-of-the-box” audit settings l Identify recommended minimum audit settings l Configure security event log settings to meet recommendations.

Configuring and Managing Resource Access Lecture 5.

Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.

1 Administering a Security Configuration Security Configuration Overview Auditing Using Security Logs User Rights Using Security Templates Security Configuration.

Configuring the User and Computer Environment Using Group Policy Lesson 8.

CONFIGURING THE USER AND COMPUTER ENVIRONMENT USING GROUP POLICY

Managing Data by Using NTFS

Bethesda Cybersecurity Club

Chapter 9: Managing Groups, Folders, Files, and Object Security

Presentation transcript:

1 Introduction to Auditing Auditing allows you to track User activities. Microsoft Windows 2000 activities. Windows 2000 records events in the security log. The security log maintains a record of Valid and invalid logon attempts. Events related to creating, opening, or deleting files or other objects.

2 Using an Audit Policy An audit policy defines the types of security events recorded. An event is written to the security log on the computer where it occurs. An audit policy for a computer can Track the success and failure of events. Minimize the risk of unauthorized use of resources.

3 Audit Policy Guidelines Determine which computers need auditing. Auditing is turned off by default. Plan what to audit on each computer.

4 Events You Can Audit Accessing files and folders Logging on and off Shutting down and restarting a computer Changing user accounts and groups Attempting to make changes to objects in directory services

5 Auditing Successful Events, Failed Events, or Both Tracking successful events helps you determine How often Windows 2000 or users gain access to specific objects Resource planning Tracking failed events helps you determine Security breaches Attempted security breaches

6 Additional Audit Policy Guidelines Determine if you need to track trends of system use. Plan frequent security log reviews. Define a useful and meaningful audit policy. Audit resource access by using the Everyone group.

7 Configuring Auditing Auditing requirements You must have the Manage Auditing And Security Log user right. The files and folders to be audited must be on NTFS volumes. Setting up auditing Set the audit policy. Enable auditing of specific resources.

8 Setting an Audit Policy

9 The Local Security Policy Dialog Box

10 Auditing Access to Files and Folders Security breaches are an issue. After you set up your audit policy to audit object access Enable auditing for specific files and folders. Specify which types of access to audit.

11 Events That Can Be Audited for Files and Folders

12 Auditing Access to Printers Track sensitive printers. Set your audit policy to audit object access. Enable auditing for specific printers. Specify which users will have access. Specify which type of access to audit.

13 Printer Events That Can Be Audited

14 Understanding Windows 2000 Logs Use Event Viewer to view Windows 2000 logs. By default, Event Viewer has three logs: Application log. Security log. System log.

15 Viewing Security Logs

16 Locating Events

17 Managing Audit Logs You can control the size of the event log. The size of each log can be from 64 KB to 4 GB. The default size of a log is 512 KB. You can specify what to do when the log is full. Overwrite Events As Needed. Overwrite Events Older Than X Days. Do Not Overwrite Events (Clear Log Manually).

18 Archiving Logs Keep logs for a specified period of time to track security- related information. Configure archived logs in Event Viewer. Save Log File As Clear All Events New Log View