Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Vista Configuration MCTS 70-620: User Account Security.

Published byIris Daniel Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows Vista Configuration MCTS 70-620: User Account Security."— Presentation transcript:

1 Windows Vista Configuration MCTS 70-620: User Account Security

2 User Accounts and Groups Workstations can be configured as a member of a workgroup or domain. A domain is a logical group of computers that define a security boundary. A user account enables a user to log on to a computer or domain with an identity that can be authenticated and authorized for access to the resources of the computer or domain.

3 User Accounts Local user accounts Defined on a local computer and have access to the local computer only. Local Users and Groups is accessible through the Computer Management console. Domain user accounts Defined in the Active Directory. Can access resources throughout a domain/forest.

4 Default User Accounts Administrator Provides complete access to files, directories, services, and other facilities on the computer. This account cannot be deleted. Guest Designed for users who need one-time or occasional access. Has limited privileges. High risk of potential security problems.

5 Windows Vista Local Accounts Standard Account to use for everyday computing. Permission from an administrator is required if you want to make changes that affect other users or the security of the computer. Administrator Provides the most control over the computer. Can change security settings, install software and hardware, and access all files on the computer. Guest For people who need temporary access to the computer. Enables people to use your computer without having access to your personal files. Can’t install software or hardware, change settings, or create a password.

6 Domain Logon Names At symbol (@) The full logon name for User1 in the Acme.com domain is User1@Acme.com Backslash symbol (\) The full logon name for User1 in the Acme domain is Acme\User1

7 Managing Local Logon Accounts

8 Giving Domain Accounts Local Access

9 User Accounts Console Change accounts Create and change passwords Remove local user accounts

10 Network Rights and Permissions When planning for how you assign the rights and permissions to the network resources, follow these two main rules: Give the rights and permissions for the user to do his job. Don’t give any additional rights and permissions that a user does not need.

11 User Account Control

12 User Account Privileges View system clock and calendar Change time zone Install Wired Equivalent Privacy (WEP) to connect to secure wireless networks Change display settings Change power management settings Install fonts Add printers and other devices that have the required drivers installed on computer or are provided by an IT administrator Create and configure a virtual private network connection Download and install updates using UAC-compatible installer

13 Tasks that will trigger a UAC prompt, if UAC is enabled: Changes to files in %SystemRoot% or %ProgramFiles% Installing and uninstalling applications Installing device drivers Installing ActiveX controls Installing Windows Updates Changing settings for Windows Firewall Changing UAC settings Configuring Windows Update Adding/removing user accounts Changing a user’s account type Configuring parental controls Running Task Scheduler Restoring backed-up system files Viewing/changing another user’s folders and files

14 UAC Messages Windows needs your permission to continue A program needs your permission to continue An unidentified program wants access to your computer This program has been blocked

15 Program Compatibility Some legacy applications will not run on Windows Vista because of compatibility problems. Windows includes a Program Compatibility Wizard to configure Windows to run a program under an older Windows environment. A fully compatible application will keep the system secure by requesting privilege elevation as necessary. The Run This Program as an Administrator option allows the application to use the UAC system to request privilege escalation.

16

17 UAC Message Behavior Administrators Elevate without Prompting Prompt for Credentials Prompt for Consent Standard Users Automatically Deny Elevation Requests Prompt for Credentials

Download ppt "Windows Vista Configuration MCTS 70-620: User Account Security."

Similar presentations

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 1: Installing Windows XP Professional

Module 1: Installing Windows XP Professional
Operating System Customization

Operating System Customization
 Overview User Accounts Groups User Rights Permissions.

 Overview User Accounts Groups User Rights Permissions.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
CSCD 303 Essential Computer Security Fall 2010 Lecture 4 - Desktop Security Reading:

CSCD 303 Essential Computer Security Fall 2010 Lecture 4 - Desktop Security Reading:
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Lesson 10 Operating System Customization

Lesson 10 Operating System Customization
Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.

Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.

Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.
Working with Workgroups and Domains

Working with Workgroups and Domains
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.

Similar presentations

Ads by Google