Chp14 - 70-290: MCSE Guide to Managing a Microsoft Windows...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to MCSE 70-290, Enhanced 2 Objectives Identify the various elements and techniques that can be used to secure a Windows Server 2003 system Use Security Configuration and Analysis tools to configure and review security settings Audit access to resources and review Security log settings
Background image of page 2
Guide to MCSE 70-290, Enhanced 3 Securing Your Windows 2003 System Five broad categories of security-related features: Authentication Access control Encryption Security policies Service packs and hot fixes
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to MCSE 70-290, Enhanced 4 Authentication Most basic level is requiring a user id and password to log on to some system In a domain environment, authentication is centralized on the network while in a workgroup environment, authentication is local In a domain environment, a single authentication can provide access to multiple domains and forests Additional authentication methods can apply to other services (e.g., IIS)
Background image of page 4
Guide to MCSE 70-290, Enhanced 5 Access Control Access control is used to secure resources such as files, folders, and printers Common types of access control are NTSF and shared folder permissions, printer permissions, Active Directory object permissions The “principle of least privilege” implies that users should only have the access that they really need
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to MCSE 70-290, Enhanced 6 Encryption Confidential files can be encrypted using the Encrypting File System (EFS) for local files stored on NTFS volumes EFS uses a combination of public and private keys The IPSec protocol can encrypt the contents of packets sent across a TCP/IP network There are two IPSec modes: transport and tunnel IPSec is used to make it difficult for hackers to intercept sensitive network data
Background image of page 6
Guide to MCSE 70-290, Enhanced 7 Security Policies Security policy settings can be configured from the Local Security Policy and Group Policy Object Editor MMC snap-ins Security policies control a range of security settings Windows Server 2003 includes tools that analyze policy settings compared to pre-configured security templates Security Configuration and Analysis MMC snap-in Command-line SECEDIT utility
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to MCSE 70-290, Enhanced 8 Service Packs and Hot Fixes Many critical updates and patches are related to security issues Hot fixes address a specific identified issue A service pack is a cumulative collection of hot fixes and updates Service packs and hot fixes can be downloaded and installed from Microsoft Software Update Services can assist in automating and managing the distribution of updates
Background image of page 8
Guide to MCSE 70-290, Enhanced 9 Using Security Configuration Manager Tools Windows Server 2003 provides tools specifically designed to help configure and manage security settings (Security Configuration Manager tools) These tools plus Group Policies can be used to set up a Security Policy template which is administered centrally
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/22/2011 for the course CIS 2150 taught by Professor Ajackson during the Winter '09 term at A.T. Still University.

Page1 / 48

Chp14 - 70-290: MCSE Guide to Managing a Microsoft Windows...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online