Presentation is loading. Please wait.

Presentation is loading. Please wait.

Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active.

Published byTamsin Hodges Modified over 8 years ago

Similar presentations

Presentation on theme: "Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active."— Presentation transcript:

1 Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active Directory, etc.)

2 Permissions can be assigned to groups of users. Users have security rights/permissions. Resources (objects) protected by ACLs. NTFS used. Each user has a profile and personal files/folders. Ctrl+Alt+Del guards logon. Users have accounts protected by password.

3 SID - Security IDentifier each user has a unique SID Predefined SIDs S-1-5-807522115-735419003-... -1204 RID - relative ID domain identifiers (length varies) identifier authority (1-5) revision level each group has a unique SID S-1-5-2 Network group S-1-5-3 Interactive group S-1-5-4 Authenticated Users group S-1-5-500 Administrator S-1-5-544 Administrators group S-1-5-545 Users group

4 Access Tokens When a user logs in an access token is created. Users can log in, but groups cannot. An access token includes 1) the user ’ s SID, 2) the SIDs of user ’ s groups, and 3) other user rights and privileges. An access token must be presented whenever a resource is requested. Groups One user can be assigned to multiple groups. Users with common security privileges are grouped. Local vs. Domain Domains are a means for implementing global (non-local) access. Local refers to the local computer.

5 Guest Automatically created at setp/install. Limited control (use installed programs, view permissions, create/change/delete owned files/folders) Exist if the system is upgraded. Limited Limited control (change personal account (password, picture, etc.), use installed programs, view permissions, create/change/delete owned files/folders) Created by Administrator. Computer Adminstrator Complete control (create users & groups, install programs, backup/restore, load/unload device drivers, manage security/auditing, set permissions, access all files, take ownership of objects). Created at setup/install. Unknown

6 Right-click file/folder > properties > security tab Right-click Computer > Manage > Local Users and Groups.

7 LSA Win login SAM database Active Directory SRM

8 Passwords are hashed: User IDs and passwords older versions of Windows use LM (DES) hash salt? post-NT versions of Windows use NTLM (MD4) hash

9 ( SID, right ) ACL = a list of Access Control Entries An ACL is bound to an object. the object ’ s creator can specify an ACL. the O.S. can find an ACL from a parent object. To validate an operation: 1) The LSA must be presented with an access token. 2) The SRM supplies the ACL for the appropriate object. 3) The LSA validates that the SID from the token matches the ACL.

10 Registry = central database for configuration settings The individual settings are called keys. The entire registry consists of five hives. HKEY_LOCAL_MACHINE HKEY_CLASSES_ROOT HKEY_USERS HKEY_CURRENT_USERS HKEY_CURRENT_CONFIG Keys can be edited with WINDOWS\System32\regedt32.exe.

11 information about currently installed hardware and software includes SAM access and various important security keys HKEY_LOCAL_MACHINE HKEY_CLASSES_ROOT HKEY_USERS HKEY_CURRENT_USERS HKEY_CURRENT_CONFIG maintains file-application associations etc. contains default local user profiles (screen color, wallpaper, screen savers, etc.) stores profile for currently logged in user holds information for the hardware configuration that was booted

Download ppt "Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active."

Similar presentations

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Configuration Files CGS2564. DOS Config.sys Device drivers Memory configuration Autoexec.bat Run programs, DOS commands, etc. Environment settings File.

Configuration Files CGS2564. DOS Config.sys Device drivers Memory configuration Autoexec.bat Run programs, DOS commands, etc. Environment settings File.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Registry Analysis What is it? What does it contain?

Registry Analysis What is it? What does it contain?
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Group Accounts; Securing Resources with Permissions

Group Accounts; Securing Resources with Permissions
Operating System & Application Files BACS 371 Computer Forensics.

Operating System & Application Files BACS 371 Computer Forensics.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
OS and Application Files BACS 371 Computer Forensics.

OS and Application Files BACS 371 Computer Forensics.
Windows Security Mechanisms Al Bento - University of Baltimore.

Windows Security Mechanisms Al Bento - University of Baltimore.
Access Control Lists and NTFS Permissions INFO333 – Lecture 4 2010 Mariusz Nowostawski Noria Foukia.

Access Control Lists and NTFS Permissions INFO333 – Lecture Mariusz Nowostawski Noria Foukia.
Working with Workgroups and Domains

Working with Workgroups and Domains
Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.
Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Similar presentations

Ads by Google