Windows security for n00bs part 1 Security architecture & Access Control
|
|
- Lewis Lionel Booth
- 8 years ago
- Views:
Transcription
1 Grenoble INP Ensimag _ (in)security we trust _!! SecurIMAG Windows security for n00bs part 1 Security architecture & Access Control Description: whether you are in favor or against it, the Windows NT OS does not let any IT engineer nor researcher indifferent. We will first introduce some basics regarding the OS structure, then talk about authentication, and each time remind some attacks. Lecturer: Fabien Duchene WARNING: SecurIMAG is a security club at Ensimag. Thoughts, ideas and opinions are not related to Ensimag. The authors assume no liability including for errors and omissions.
2 Summary 0. Introduction 1. Security components 2. Access control ==next session== Memory (Guillaume & Karim) ==next next session== 3. Authentication (Fabien) 4. Network (Fabien)
3 0. Introduction What Windows is What else not? Windows NT brief history Talk perimeter
4 0. Introduction What windows is? A major OS in the market # numbers Windows XP SP3 major in the corporation client OS o ~ 10y old
5 0. Introduction What else not? NOT The most secure system ever built Important attack surface but ability to harden it NOT The most configurable OS Source code «normally» not available o Government, security agencies o you know where ;)
6 0. Windows NT brief history NT 4.0 (1996) NT 5.0 (1999) NT5.1 (2001) NT6.0 (2008) NT 7 (2009) 2000 XP Vista, Server , Server 2008 R2 SSPI DEP ASLR More granular UAC MSGINA Integrity Levels NLA firewall UAC BitLocker CredentialProviders
7 0. Talk perimeter Security mechanisms regarding: Windows XP Vista And 7 Not necessarily presented per version, but more per functionality
8 1. Windows NT6 & NT7 Security components Security components (Windows Vista ie NT6) Windows XP vs Vista & 7 processes hierarchy Security Reference Monitor (SRM) Local Security Authority SubSystem (LSASS) Session Manager SubSystem (SMSS) Wininit Services SAM
9 1.1. Security components (Windows Vista) System threads Session Windows Mgr DLLs Windows LSA DLLs Windows Winlogon DLLs Windows Wininit DLLs Windows DLLs I/O Manager Device & File System Driver Cache manager Service Host Windows Print spooler DLLs Windows DLLs Task Mgr SubSystem Explorer DLLs User SubSystem application DLLs System service dispatcher (Kernel-mode callable interfaces) Object Manager PnP Manager NTDLL.DLL Power Manager Security Ref. Monitor Kernel SubSystem DLLs Virtual Memory Process Mgr Hardware Abstraction Layer (HAL) Configuration Mgr (Registry) Local Procedure Call POSIX Windows DLLs Windows Win32 USER, GDI Graphics Drivers User Mode Kernel Mode Windows Internals, 5th Edition Windows Vista & Server 2008, Mark Russinovich, David Salomon
10 1.2. Windows XP processes hierarchy System Idle Process (0) System (4) Explorer.exe Interrupts SMSS Notepad.exe cmd.exe CRSS Winlogon Services LSASS Service1 (identity1)
11 1.2. Windows Vista & 7 process hierarchy Thanks to ProcessExplorer ;) System Idle Process (0) System (4) CRSS CRSS Wininit winlogon Explorer.exe Interrupts SMSS Services LSASS Notepad.exe cmd.exe Service1 (identity1)
12 1.2. Security Reference Monitor Controls performed on objects and access allowed or restricted regarding Privileges Users rights (ACL) Generating auditing entries Security Ref. Monitor
13 1.3. Local Security Authority SubSystem User-mode process running under SYSTEM identity SID=S Authentication o Trusted domains Token LSA Policy Privileges Netlogon LSA Server LSASS Msv1_0.dll Kerberos.dll Audit entries (security event user logs) Parameters stored under HKLM\security Active Directory SAM Server Active Directory SAM Mécanismes internes de la sécurité Windows, Pascal Saulière, 2010, Microsoft Event Logger
14 1.3. LSASS enforces password policy Locally or via GPO configurable
15 Session Manager SubSystem (SMSS)
16 WinInit.exe
17 Services
18 2. Access Control Access control? Securable Windows NT objects SID Privileges Security Descriptor Access Control Lists Token Impersonation Mandatory Integrity Levels Auditing
19 Access Control? Several models: Mandatory Access Control o Several levels o Eg (Windows NT): Mandatory Integrity Level Discretionary Access Control: o Eg (Windows NT): Files ACL Role-Based Access Control o When ACL permissions are only defined on security groups
20 Securable Windows NT Objects Mailslots Timers Peripherals Semaphores Files Access tokens Jobs Window stations Shared Desktops memory sections I/O SMB completion shares ports Pipes Services (named & anonymous) LPC Registry ports keys Events Printers Mutexes SecurIMAG - Windows security for n00bs part 1 - Fabien Windows Internal 5 th Edition (Windows Vista & Server 2008)
21 Security Identifier (SID) Statistically unique worldwide Not all AD Objects do own a SID ONLY the following AD objects: o Computer: (when the computer joins the domain) o Domain controllers: (same above) o User/service account (when the account is created) o Security group (a security group can contain security groups, users, and computers) These objects are named security principal. They all: o owns a SID: user account SID o member of [0..n] security groups: Group SIDs 24 Technical overview of the Microsoft PKI ADCS 2008 R2
22 Brief SID summary S Revision Level 4 bits Valeur : 1 Authority, 48 bits 0 = null 1 = world 2 = local 3 = creator owner 4 = non unique 5 = NT Domain / Computer SID RID du compte 500 = Administrator 501 = Guest 1000 = user = user2 Sub-Authorities(=RID) Exemples : 0 = null 0 = world 0 = creator owner 1 = creator group 2 = creator owner server 3 = creator group server Well-Known SID examples: S-1-0-0: Null S-1-1-0: Everyone S-1-2-0: Local S-1-3-0: Creator Owner S-1-3-1: Creator Group S-1-5-1: Dialup S-1-5-2: Network S-1-5-3: Batch S-1-5-4: Interactive S X-Y : Logon Session S-1-5-6: Service S-1-5-7: Anonymous Logon S-1-5-9: Enterprise Domain Controlers S : Self S : Authenticated Users S : Restricted S : Terminal Server User S : Remote Interactive Logon S : System (LocalSystem) S : Local Service S : Network Service
23 Well-Know SID for the «built-in» groups SID S S S S S S S S S S S S Name Administrators Users Guests Power Users Account Operators Server Operators Print Operators Backup Operators Replicator Pre-Windows 2000 Compatible Access Remote Desktop Users Network Configuration Operators
24 RID examples for SID S-1-5-domain-500 S-1-5-domain-501 S-1-5-domain-502 S-1-5-domain-512 S-1-5-domain-513 S-1-5-domain-514 S-1-5-domain-515 S-1-5-domain-516 S-1-5-domain-517 S-1-5-root domain-518 S-1-5-root domain-519 S-1-5-domain-520 S-1-5-domain-553 Name Administrator Guest krbtgt Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners RAS and IAS Servers
25 Know your SID! whoami /all
26 Storing SID? iki/security_identifier Technical overview of the Microsoft PKI ADCS 2008 R2
27 Privileges Right to perform a specific action on several Windows NT objects. Eg: Shutdown the computer Allow logon locally Load and Unload Devices drivers Create a pagefile Ajust memory quotas for processes
28 Privileges changing them graphically Windows Server 2008 and WS 2008 R2 user rights -
29 Privileges - Know yours! whoami /all once more usefull!
30 Security descriptor for a securable object S contains ACL: DACL: contains 0 n ACE o ACE: a security principal (SID) SACL: log who attempted to perform specific actions on S
31 Access Control Lists a list of ACE (Access Control Entries) ACE: right/privilege/permission given to a specific SID on a specific object/resource Resource examples: Shared folder LDAP object certificate template 36 Technical overview of the Microsoft PKI ADCS 2008 R2
32 DACL File object Security descriptor ACE ACE Windows Internals, 5th Edition Windows Vista & Server 2008, Mark Russinovich, David Salomon Technical overview of the Microsoft PKI ADCS 2008 R2
33 ACL application order From the most "generic" scope to the most precise one Technical overview of the Microsoft PKI ADCS 2008 R2
34 Exercise is Sophie able to? Technical overview of the Microsoft PKI ADCS 2008 R2 r:4mmsr-ensimag-telecom-2a- Network_Security-Examination EN_US.pdf
35 SMB Share ACL Share ACL are applied Then system ACL
36 Token Security context: thread, process Privileges, SPN (user SID, group SIDs) Logon process: Winlogon creates a token related to a user Inheritance: a child process automatically inherits the token of the parent Token fields immutable (because located in the kernel memory) Token Source Impersonation type Token ID Authentication ID Modified ID Expiration time Default Primary Group Default DACL User Account SID Group 1 SID Group n SID Restricted SID 1 Restricted SID n Privilege 1 Privilege n
37 Token kernel structure on Windows 7
38 Token - administrator "Complete"/"normal Restricted token» token SecurIMAG - Windows security for n00bs part 1 - Fabien
39 Restricted token runas /trustlevel:0x20000 cmd.exe SRP
40
41 Software Restriction Policy Enforce restricted token via group policy for specific executables
42 Mandatory Integrity Level Ensured by the SRM Processes isolation Mandatory Access Control Depending of the process "integrity» Ability to interact with "lower integrity objects" only Mandatory Access Control (Wikipedia)
43 Mandatory Integrity Level - example System 0x4000 Eg: WININIT.EXE High 0x3000 Eg: Admin processes Medium 0x2000 Eg: OUTLOOK.EXE Low 0x1000 Eg: IEXPLORE.EXE Untrusted 0x0000 Processes Object (could be a process) System Eg: kernel variables High Medium Low Untrusted Mandatory Access Control (Wikipedia)
44 Mandatory Integrity Level
45 Shatter attack
46 DLL injection Priviledge: SE_DEBUG (by default only Administrators)
47 Priviledge SE_DEBUG Debug programs o This user right determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need to be assigned this user right. Developers who are debugging new system components will need this user right to be able to do so. This user right provides complete access to sensitive and critical operating system components. Caution Assigning this user right can be a security risk. Only assign this user right to trusted users. Default: Administrators
48 Mandatory Integrity Level - advantages Consequences: Blocks SHATTER attacks Blocks DLL injection in a higher integrity process!
49 Impersonation
50 User Access Control
51 UAC granularity (Windows 7) Inside Windows 7 UAC
52 UAC autoelevation? Frequent question: when you change the UAC level alert, for which executable will Windows 7 allow to autoelevate? Marker in the executable: <asmv3:windowssettings xmlns=" ssettings"> <autoelevate>true</autoelevate> </asmv3:windowssettings>
53 UAC autoelevate markers / whitelist
54 UAC attack? How to auto-elevate without the user being prompted? Add that marker to your executable! Additional requirement: executable to be signed by Microsoft! Thus prevening EXTERNAL ones from autoelevating injecting a DLL into an autoelevated allowed executable. Problems: Mandatory integrity levels:
55 Auditing
Computer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 24 Windows and Windows Vista Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Windows and Windows Vista Security
More informationSecurity. Ausgewählte Betriebssysteme Institut Betriebssysteme Fakultät Informatik. Copyright 2001-2004 Hermann Härtig, Ronald Aigner
Ausgewählte Betriebssysteme Institut Betriebssysteme Fakultät Informatik Outline Ratings System Components Logon Object (File) Access Impersonation Auditing 2 Ratings National Computer Center (NCSC) part
More informationIntroduction to Computer Security
Introduction to Computer Security Windows Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Microsoft Windows Family Tree Key security milestones: NT 3.51 (1993): network drivers and
More informationWindows Security Environment
Motivation Popularity, widespread use of Windows Big surface, big impact Protection via user/kernel architecture and CPU modes Multiple-users environment, same physical resources Easy to install < security
More informationSECURITY SUBSYSTEM IN WINDOWS
Operating Systems SECURITY SUBSYSTEM IN WINDOWS Zoltán Micskei http://www.mit.bme.hu/~micskeiz Budapesti Műszaki és Gazdaságtudományi Egyetem Neeraj Suri Méréstechnika és Információs Rendszerek Tanszék
More informationWindows Server 2008/2012 Server Hardening
Account Policies Enforce password history 24 Maximum Password Age - 42 days Minimum Password Age 2 days Minimum password length - 8 characters Password Complexity - Enable Store Password using Reversible
More informationWindows Security. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger. www.cse.psu.edu/~tjaeger/cse497b-s07/
Windows Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ Windows Security 0 to full speed No protection system in early versions
More informationwindows maurizio pizzonia roma tre university
windows maurizio pizzonia roma tre university 1 references M. Russinovich, D. A. Solomon Windows Internals: Including Windows Server 2008 and Windows Vista 5 th ed. Microsoft Press 2 architecture overview
More informationWeb. Security Options Comparison
Web 3 Security Options Comparison Windows Server 2003 provides a number of Security Options that can be applied within the scope of managing a GPO. Most are the same as those available in Windows 2000.
More informationObjectives. Windows 7 Security. Desktop OS Market Share. Windows Background. CS140M Fall 2014. Lake
Objectives Windows 7 Security By Al Fall 2014 CS 140M LBCC Background Windows Security Architecture Windows Vulnerabilities Means of Evaluating Metrics System Hardening Windows Defenses OS Security Capabilities
More informationWindows8 Internals, Sixth Edition, Part 1
Microsoft Windows8 Internals, Sixth Edition, Part 1 Mark Russinovich David A. Solomon Alex lonescu Windows Internals, Sixth Edition, Part i Introduction xvii Chapter 1 Concepts and Tools 1 Windows Operating
More informationWindows servers. NT networks
Windows servers The NT security model NT networks Networked NT machines can be: Primary Domain controller Centralizes user database/authentication Backup Domain controller Domain member Non-domain member
More informationSecurity Options... 1
Effective Server Security Options Period: Last 20 week(s) Generated: For: Brian Bartlett bbartlett@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8010.20310 Using: Customized FFR Definition
More informationAbout Microsoft Windows Server 2003
About Microsoft Windows Server 003 Windows Server 003 (WinK3) requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the Windows Server operating system
More informationBelarc Advisor Security Benchmark Summary
Page 1 of 5 The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple computers in a corporate, educational, military or government installation is prohibited.
More informationSECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)
WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term
More informationBMC Performance Manager Windows Security White Paper DCOM / WMI
BMC Performance Manager Windows Security White Paper DCOM / WMI Problem The IT department delivers user IT services to their internal and external customers. The IT department wants to maintain control
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationWindows Advanced Audit Policy Configuration
Windows Advanced Audit Policy Configuration EventTracker v7.x Publication Date: May 6, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract This document describes auditing
More informationWindows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org
Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes
More informationT21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates
T21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates Microsoft Windows Server and Client Security Windows 7, Vista and Server 2008 R2 Donald E. Hester CISSP, CISA, CAP, MCT,
More information84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff
84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff This article is designed to provide security administrators with a security checklist for going live with Windows NT.
More informationTable Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10
Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 3 1/18/07 CIS/TCOM 551 1 Announcements Email project groups to Jeff (vaughan2 AT seas.upenn.edu) by Jan. 25 Start your projects early!
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationHow to monitor AD security with MOM
How to monitor AD security with MOM A article about monitor Active Directory security with Microsoft Operations Manager 2005 Anders Bengtsson, MCSE http://www.momresources.org November 2006 (1) Table of
More informationDefense Security Service Office of the Designated Approving Authority
Defense Security Service Office of the Designated Approving Authority Baseline Technical Security Configuration of Microsoft Windows 7 and Microsoft Server 2008 R2 Version 1.0 Title Page Document Name:
More informationObjectives. At the end of this chapter students should be able to:
NTFS PERMISSIONS AND SECURITY SETTING.1 Introduction to NTFS Permissions.1.1 File Permissions and Folder Permission.2 Assigning NTFS Permissions and Special Permission.2.1 Planning NTFS Permissions.2.2
More informationADMINISTERING WINDOWS VISTA SECURITY: THE BIG SURPRISES
ADMINISTERING WINDOWS VISTA SECURITY: THE BIG SURPRISES Introduction. Chapter 1 Administering Vista Security: The Little Surprises. Restoring the Administrator. Making Your Own Administrator. Activating
More informationWINDOWS 2000 Training Division, NIC
WINDOWS 2000 Active TE Directory Services WINDOWS 2000 Training Division, NIC Active Directory Stores information about objects on the network and makes this information easy for administrators and users
More informationObjectives I. IY5512 Computer Security. Agenda. Objectives II. Chris Mitchell. Final part of the course covers:
Objectives I IY5512 Computer Security Part 7b: Windows security Chris Mitchell me@chrismitchell.net http://www.chrismitchell.net Final part of the course covers: basic security features of Windows; uses
More information70-685: Enterprise Desktop Support Technician
70-685: Enterprise Desktop Support Technician Course Introduction Course Introduction Chapter 01 - Identifying Cause and Resolving Desktop Application Issues Identifying Cause and Resolving Desktop Application
More informationHow the Active Directory Installation Wizard Works
How the Active Directory Installation Wizard Works - Directory Services: Windows Serv... Page 1 of 18 How the Active Directory Installation Wizard Works In this section Active Directory Installation Wizard
More informationOPERATING. William Stallings
THE WINDOWS OPERATING S YSTEM William Stallings This document is an extract from Operating Systems: Internals and Design Principles, Fifth Edition Prentice Hall, 2005, ISBN 0-13-147954-7 Copyright 2005
More informationWindows 7, Enterprise Desktop Support Technician
Windows 7, Enterprise Desktop Support Technician Course Number: 70-685 Certification Exam This course is preparation for the Microsoft Certified IT Professional (MCITP) Exam, Exam 70-685: Pro: Windows
More informationWindows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation
Windows 2000 Security Architecture Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Topics Single Sign-on Kerberos v5 integration Active Directory security Delegation of authentication
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 Domain Controllers Version: 3.0.0 Symantec Enterprise Security Manager Baseline Policy Manual for
More informationBM482E Introduction to Computer Security
BM482E Introduction to Computer Security Lecture 7 Database and Operating System Security Mehmet Demirci 1 Summary of Lecture 6 User Authentication Passwords Password storage Password selection Token-based
More informationHow To Write A Windows Operating System (Windows) (For Linux) (Windows 2) (Programming) (Operating System) (Permanent) (Powerbook) (Unix) (Amd64) (Win2) (X
(Advanced Topics in) Operating Systems Winter Term 2009 / 2010 Jun.-Prof. Dr.-Ing. André Brinkmann brinkman@upb.de Universität Paderborn PC 1 Overview Overview of chapter 3: Case Studies 3.1 Windows Architecture.....3
More informationWindows 7, Enterprise Desktop Support Technician
Course 50331D: Windows 7, Enterprise Desktop Support Technician Page 1 of 11 Windows 7, Enterprise Desktop Support Technician Course 50331D: 4 days; Instructor-Led Introduction This four-day instructor-ledcourse
More informationMicrosoft Windows Internals, Fourth Edition: Microsoft Windows Server 2003, Windows XR and Windows 2000
Microsoft* Microsoft Windows Internals, Fourth Edition: Microsoft Windows Server 2003, Windows XR and Windows 2000 Mark E. Russinovich David A. Solomon Historical Perspective Foreword Acknowledgments Introduction
More informationChapter 15 Windows Operating Systems
Understanding Operating Systems, Fifth Edition 15-1 Chapter 15 Windows Operating Systems At a Glance Instructor s Manual Table of Contents Overview Objectives s Quick Quizzes Class Discussion Topics Additional
More informationWindows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led
Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led
More informationNNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2
NNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2: NNTDC01 On NNTDC01 - By admin for time period 5/23/2014 8:49:51 AM to 5/23/2014 8:49:51 AM NNT CIS Microsoft Windows Server
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationCourse Description. Course Audience. Course Outline. Course Page - Page 1 of 12
Course Page - Page 1 of 12 Windows 7 Enterprise Desktop Support Technician M-50331 Length: 5 days Price: $2,795.00 Course Description This five-day instructor-led course provides students with the knowledge
More informationSecuring Active Directory Presented by Michael Ivy
Securing Active Directory Presented by Michael Ivy Presenter: Michael Ivy Consultant, Rook Security Michael Ivy Thank you for being here today August 20, 2014 Brief Overview Securing NTDS and Replication
More information"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary
Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test
More informationILTA HANDS ON Securing Windows 7
Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding
More informationOwner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de
Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG Role based Administration Abstract In this article I will show you how
More informationNE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment
NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment Summary Duration Vendor Audience 5 Days Microsoft IT Professionals Published Level Technology 05 October 2005 200 Microsoft
More informationLesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment
Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4
More informationNetworking Best Practices Guide. Version 6.5
Networking Best Practices Guide Version 6.5 Summer 2010 Copyright: 2010, CCH, a Wolters Kluwer business. All rights reserved. Material in this publication may not be reproduced or transmitted in any form
More information70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network
70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network Course Number: 70 299 Length: 1 Day(s) Course Overview This course is part of the MCSA training.. Prerequisites
More informationGuide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu
Menu INTRODUCTION...2 HOW DO I DEPLOY MYUSBONLY ON ALL OF MY COMPUTERS...3 ADMIN KIT...4 HOW TO SETUP A LOGON SCRIPTS...5 Why would I choose one method over another?...5 Can I use both methods to assign
More informationITKwebcollege.ADMIN-Basics Fundamentals of Microsoft Windows Server
ITKwebcollege.ADMIN-Basics Fundamentals of Microsoft Windows Server Inhalte Teil 01 Network Architecture Standards Network Components and Terminology Network Architecture Network Media Access Control Methods
More informationSecurity Overview for Windows Vista. Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation
Security Overview for Windows Vista Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation Agenda User and group changes Encryption changes Audit changes User rights New and modified
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationWindows" 7 Desktop Support
Windows" 7 Desktop Support and Administration Real World Skills for MCITP Certification and Beyond Darril Gibson WILEY Wiley Publishing, Inc. Contents Introduction xxiii Chapter 1 Planning for the Installation
More informationnitrobit group policy
nitrobit group policy Administrator's Guide 2010 analytiq consulting gmbh. All rights reserved. Page 2 nitrobit group policy Administrator's Guide Content I. Introduction...4 Overview...4 Components of
More informationMCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources
MCSE TestPrep: Windows NT Server 4, Second Edition - CH 3 - Managing Resources Page 1 of 36 [Figures are not included in this sample chapter] MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing
More informationSetting Up, Managing, and Troubleshooting Security Accounts and Policies
3 Setting Up, Managing, and Troubleshooting Security Accounts and Policies............................................... Terms you ll need to understand: Local user account Local group Complex password
More informationWindows 2000/Active Directory Security
Information Systems Audit & Control Association Windows 2000/Active Directory Security Presented by: Deloitte & Touche Raj Mehta CPA, CITP, CISA, CISSP Denis Tiouttchev CIA, CISA, CISSP August 21, 2003
More informationModule 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.
CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! 50331 - Windows 7, Enterprise Desktop Support Technician Duration: 5 days About this Course This five-day
More informationManaging and Maintaining a Microsoft Windows Server 2003 Environment
Managing and Maintaining a Microsoft Windows Server 2003 Environment Course 2273: Five days; Blended (classroom/e-learning) Introduction Elements of this syllabus are subject to change. This course combines
More informationManaging Local Administrator Passwords with LAPS 10/14/2015 PENN STATE SECURITY CONFERENCE
Managing Local Administrator Passwords with LAPS 2015 PENN STATE SECURITY CONFERENCE DAN BARR DRB45@PSU.EDU SYSTEMS ADMINISTRATOR, APPLIED RESEARCH LABORATORY The Shared Password Threat Shared passwords
More informationCourseware Samples Complete Training Courses available for FREE preview
Courseware Samples Complete Training Courses available for FREE preview PREVIEW - Cheltenham Computer Training 1998 PLEASE SHOW THIS SAMPLE TO YOUR DEPARTMENT OUR COURSEWARE COULD SAVE THEM A LOT OF TIME
More informationMetalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015
Metalogix SharePoint Backup Publication Date: August 24, 2015 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this
More informationMarkMlnasi Byron Hynes
A ul ^HP &1 ^n* JÜ& MarkMlnasi Byron Hynes i 1 8 O 7,^ j Wiley Publishing, Inc. Mark Minasi U Windows Administrator X. Library Table of Contents Introduction Chapter 1 Administering Vista Security: The
More information1DV416 Windowsadministration I, 7.5hp MODULE 3 ACTIVE DIRECTORY PART 2
1DV416 Windowsadministration I, 7.5hp MODULE 3 ACTIVE DIRECTORY PART 2 2013-12- 10 2013 Jacob Lindehoff 2 Lecture content Today's lecture Active Directory Installation Joining the domain Centralized user
More informationPLANNING AND DESIGNING GROUP POLICY, PART 1
84-02-06 DATA SECURITY MANAGEMENT PLANNING AND DESIGNING GROUP POLICY, PART 1 Melissa Yon INSIDE What Is Group Policy?; Software Settings; Windows Settings; Administrative Templates; Requirements for Group
More informationMicrosoft Baseline Security Analyzer
The (MBSA) checks computers running Microsoft Windows Server 2008 R2 for common security misconfigurations. The following are the scanning options selected for Cisco Unified ICM Real-Time Distributor running
More informationMicrosoft Solutions for Security and Compliance. Windows Server 2003 Security Guide
Microsoft Solutions for Security and Compliance Windows Server 2003 Security Guide 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-Non Commercial License. To view
More informationContents. Supported Platforms. Event Viewer. User Identification Using the Domain Controller Security Log. SonicOS
SonicOS User Identification Using the Domain Controller Security Log Contents Supported Platforms... 1 Event Viewer... 1 Configuring Group Policy to Enable Logon Audit... 2 Events in Security Log... 4
More informationMCSE 2003. Core exams (Networking) One Client OS Exam. Core Exams (6 Exams Required)
MCSE 2003 Microsoft Certified Systems Engineer (MCSE) candidates on the Microsoft Windows Server 2003 track are required to satisfy the following requirements: Core Exams (6 Exams Required) Four networking
More informationWebsense Support Webinar: Questions and Answers
Websense Support Webinar: Questions and Answers Configuring Websense Web Security v7 with Your Directory Service Can updating to Native Mode from Active Directory (AD) Mixed Mode affect transparent user
More informationWindows Internals, Fifth Edition
Windows Internals, Fifth Edition Mark E. Russinovich David A. Solomon with Alex lonescu Foreword xix Acknowledgments " xxi Introduction xxiii 1 Concepts and Tools 1 Windows Operating System Versions 1
More informationDriveLock and Windows 7
Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
More informationNNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37
NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37 Compliance Score : 89.81% 370 of 412 rules passed 0 of 412 rules partially passed 42 of 412 rules failed Detailed PCI DSS v3.1 Requirements
More informationWalton Centre. Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure
Page 1 Walton Centre Access and Authentication (network) Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure Page 2 Table of Contents Section
More informationAgency Pre Migration Tasks
Agency Pre Migration Tasks This document is to be provided to the agency and will be reviewed during the Migration Technical Kickoff meeting between the ICS Technical Team and the agency. Network: Required
More informationCSE331: Introduction to Networks and Security. Lecture 34 Fall 2006
CSE331: Introduction to Networks and Security Lecture 34 Fall 2006 Announcements Problem with Crypto.java Look for a new Crypto.java file later today Project 4 is due Dec. 8th at midnight. Homework 3 is
More informationMicrosoft Virtual Labs. Active Directory New User Interface
Microsoft Virtual Labs Active Directory New User Interface 2 Active Directory New User Interface Table of Contents Active Directory New User Interface... 3 Exercise 1 User Management and Saved Queries...4
More information[MS-GPAC]: Group Policy: Audit Configuration Extension
[MS-GPAC]: Group Policy: Audit Configuration Extension Intellectual Property Rights Notice for Open Specifications Documentation Technical Documentation. Microsoft publishes Open Specifications documentation
More informationConfigure and enable remote access for windows operating system
Configure and enable remote access for windows operating system There can be several reasons on why you cannot access a remote computer in your network. In this guide we will focus on troubleshooting the
More informationMicrosoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005
Microsoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005 Revision 1.3: Cleaned up resources and added additional detail into each auditing table. Revision 1.4:
More informationThe Institute of Internal Auditors Detroit Chapter Presents
1 The Institute of Internal Auditors Detroit Chapter Presents 1 MOST Suitable for all categories business and personal presentation 3 If You Have Questions If you have questions during the webcast: If
More informationPREPARED BY: AUDIT PROGRAM Author: Lance M. Turcato. APPROVED BY: Logical Security Operating Systems - Generic. Audit Date:
A SYSTEMS UNDERSTANDING A 1.0 Organization Objective: To ensure that the audit team has a clear understanding of the delineation of responsibilities for system administration and maintenance. A 1.1 Determine
More informationCIS 551 / TCOM 401 Computer and Network Security. Spring 2005 Lecture 4
CIS 551 / TCOM 401 Computer and Network Security Spring 2005 Lecture 4 Access Control: The Big Picture Objects - resources being protected E.g. files, devices, etc. Subjects - active entities E.g. processes,
More informationInstallation Notes for Outpost Network Security (ONS) version 3.2
Outpost Network Security Installation Notes version 3.2 Page 1 Installation Notes for Outpost Network Security (ONS) version 3.2 Contents Installation Notes for Outpost Network Security (ONS) version 3.2...
More informationMCSA Security + Certification Program
MCSA Security + Certification Program 12 credit hours 270 hours to complete certifications Tuition: $4500 Information technology positions are high-demand occupations that support virtually all industries.
More informationHardening IIS Servers
8 Hardening IIS Servers Overview This chapter focuses on the guidance and procedures required to harden the IIS servers in your environment. To provide comprehensive security for Web servers and applications
More informationSecuring. Active. Directory. Your. Five Key Lessons to. Chapters. Sponsored by: 1. Perform a Self-Audit
Five Key Lessons to Securing Your Active Directory Chapters Roberta Bragg MCSE, CISSP, Author, Columnist, Speaker, Consultant 1. Perform a Self-Audit 2. Know and Use Security Tools and Techniques 3. Monitor
More informationKepware Technologies Remote OPC DA Quick Start Guide (DCOM)
Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and
More informationActive Directory. Users & Computers. Group Policies
Active Directory Users & Computers Policies Users & Computers domains domain trusted domains, trusting domains subdomains tree of domains forest of trees s s in Active Directory are directory objects that
More informationEnterprise Reporter Report Library
Enterprise Reporter Overview v2.5.0 This document contains a list of the reports in the Enterprise Reporter. Active Directory Reports Change History Reports Computer Reports File Storage Analysis Reports
More informationAdmin Report Kit for Active Directory
Admin Report Kit for Active Directory Reporting tool for Microsoft Active Directory Enterprise Product Overview Admin Report Kit for Active Directory (ARKAD) is a powerful reporting solution for the Microsoft
More informationNETWRIX IDENTITY MANAGEMENT SUITE
NETWRIX IDENTITY MANAGEMENT SUITE FEATURES AND REQUIREMENTS Product Version: 3.3 February 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationQuick Start Guide for Parallels Virtuozzo
PROPALMS VDI Version 2.1 Quick Start Guide for Parallels Virtuozzo Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the current
More informationDefense Security Service Industrial Security Field Operations NISP Authorization Office. Technical Assessment Guide for Windows 7 Operating System
Defense Security Service Industrial Security Field Operations NISP Authorization Office Technical Assessment Guide for Windows 7 Operating System February 2016 Revision Log Date Revision Description of
More information