User Rights vjj 1
|
|
- Charleen Nash
- 7 years ago
- Views:
Transcription
1 User Rights vjj 1
2 User Rights některá oprávnění nelze (snadno) vyjádřit pomocí přístupových práv k objektům user rights vjj 2
3 vjj 3 User Rights User rights fall into two general categories: logon rights and privileges. Logon rights control who is authorized to log on to a computer and how they can log on. Privileges control access to system-wide resources on a computer and can override the permissions that are set on particular objects.
4 vjj 4 Logon Rights control how security principals are allowed access to the computer ano nebo ne allow logging on to the computer deny logging on to the computer. Use a deny logon right as you would use a deny permission to exclude a subset of a group that has been assigned an allow logon right. odkud from the keyboard through a network connection speciální způsob as a service as a batch job
5 privilegia privilege assignment prostřednictvím Group Policy Ntrights.exe from command prompt (W2K3 Resource Kit) protože v existujícím Security Tokenu nelze provádět zásadní změny, projeví se změna v přidělených privilegiích až po novém přilogování přidělená privilegia nebývají rovnou i aktivní - před použitím je nutné je explicitně aktivovat vjj 5
6 vjj 6 aktivace privilegia Win32 API HANDLE htok = 0; TOKEN_PRIVILEGES tp, tpold; tp.privilegecount = 1; tp.privileges[0].attributes = SE_PRIVILEGE_ENABLED; DWORD cb = sizeof tp; OpenProcessToken( GetCurrentProcess( ), TOKEN_QUERY TOKEN_ADJUST_PRIVILEGES, &htok ); LookupPrivilegeValue( 0, SE_BACKUP_NAME, &tp.privileges[0].luid ); LUID (locally unique identifier) A 64-bit value that is guaranteed to be unique on the operating system that generated it until the system is restarted. AdjustTokenPrivileges( htok, FALSE, &tp, cb, &tpold, &cb );
7 aktivace privilegia.net API funkce OpenProcessToken GetCurrentProcess LookupPrivilegeValueW AdjustTokenPrivileges dvě možnosti: prostřednictvím P/Invoke volat všechny funkce z.netu komplikované předávání parametrů nekompatibilních s.netem vlastní obalující C++ funkce (v DLL) volaná prostřednictvím P/Invoke z.netu vjj 7
8 vjj 8 myadjusttokenprivileges (C++) BOOL WINAPI myadjusttokenprivilege ( LPCWSTR lpprivilegename, BOOL benable) { TOKEN_PRIVILEGES Privileges; HANDLE htoken; BOOL bresult; OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &htoken) Privileges.PrivilegeCount = 1; Privileges.Privileges[0].Attributes = (benable)? SE_PRIVILEGE_ENABLED : 0;
9 myadjusttokenprivileges (C++) LookupPrivilegeValueW( NULL, lpprivilegename, &Privileges.Privileges[0].Luid ) bresult = AdjustTokenPrivileges ( htoken, FALSE, &Privileges, 0, NULL, NULL ); CloseHandle( htoken ); return TRUE; } vjj 9
10 vjj 10 P/Invoke: API ->.NET (C#) [DllImport ( "myapi.dll", CharSet = CharSet.Auto, EntryPoint = "myadjusttokenprivilege", ExactSpelling = false, BestFitMapping = true, CallingConvention = CallingConvention.Winapi )] public static extern System.Boolean myadjusttokenprivilege ( string lpprivilegename, System.Boolean benable );
11 vjj 11 aktivace privilegia TCB (C#) myadjusttokenprivilege ( (string) "SeTcbPrivilege", (bool) true ) ;
12 nepřehledný přehled vjj 12
13 Access this computer from the network Allow logon through Terminal Services Log on as a batch job Log on locally SeNetworkLogonRig ht SeRemoteInteractive LogonRight SeBatchLogonRight SeInteractiveLogonR ight Allows a user to connect to the computer from the network Allows a user to log on to the computer by using a Remote Desktop connection Allows a user to log on by using a batchqueue facility such as the Task Scheduler service Allows a user to start an interactive session on the computer Log on as a service SeServiceLogonRight Allows a security principal to log on as a service. Services can be configured to run under the Local System, Local Service, or Network Service accounts, which have a built-in Administrators Power Users Users Everyone Backup Operators Administrators Remote Desktop Users Administrator System Support_xxxxxxxx Administrators Power Users Users, Guest Backup Operators Network Service When an administrator uses t task to run under a particular automatically assigned the "L scheduled time arrives, the Ta batch job rather than as an in security context. The Support Remote Assistance. Users who do not have this rig the computer if they have the vjj 13
14 Privileges Table B.2 Privileges Privilege Description Act as part of the operating system (SeTcbPrivilege) Allows a process to assume the identity of any user and thus gain access to the resources that the user is authorized to access. Typically, only low-level authentication services require this privilege. Default setting: Not assigned. Note that potential access is not limited to what is associated with the user by default; the calling process might request that arbitrary additional privileges be added to the access token. The calling process might also build an access token that does not provide a primary identity for tracking events in the audit log. When a service requires this privilege, configure the service to log on using the Local System account, which has the privilege inherently. Do not create a separate account and assign the privilege to it. Add workstations to domain (SeMachineAccountPrivilege) Allows the user to add a computer to a specific domain. For the privilege to take effect, it must be assigned to the user as part of the Default Domain Controllers Policy for the domain. A user who has this privilege can add up to 10 workstations to the domain. Default setting: Not assigned. Users can also join a computer to a domain if they have Create Computer Objects permission for an organizational unit or for the Computers container in Active Directory. Users who have this permission can add an unlimited number of computers to the domain regardless of whether they have been assigned the "Add workstations to a domain" privilege. Adjust memory quotas for a process (SeIncreaseQuotaPrivilege) Allows a process that has access to a second process to increase the processor quota assigned to the second process. This privilege is useful for system tuning, but it can be abused. In the wrong hands, it could be used to launch a denial-of-service attack. Default setting: Administrators, Local Service, and Network Service. Back up files and directories (SeBackupPrivilege) Allows the user to circumvent file and directory permissions to back up the system. The privilege is selected only when an application attempts access by using the NTFS backup application programming interface (API). Otherwise, normal file and directory permissions apply. Default setting: Administrators and Backup Operators See also "Restore files and directories" in this table. vjj 14
15 vjj 15 standard privilegies Friendly Name Programmatic Name Admin System Act as part of the operating system SE_TCB_NAME S Add workstations to domain SE_MACHINE_ACCOUNT_NAME Back up files and directories SE_BACKUP_NAME A S Bypass traverse checking SE_CHANGE_NOTIFY_NAME U S Change the system time SE_SYSTEMTIME_NAME A S Create a page file SE_CREATE_PAGEFILE_NAME A S Create a token object SE_CREATE_TOKEN_NAME S Create permanent shared object SE_CREATE_PERMANENT_NAME S Debug programs SE_DEBUG_NAME A S Enable computer and user account to be trusted for delegation SE_ENABLE_DELEGATION_NAME Force shutdown from a remote system SE_REMOTE_SHUTDOWN_NAME A Generate security audits SE_AUDIT_NAME S
16 vjj 16 Friendly Name Programmatic Name Admin System Increase quotas SE_INCREASE_QUOTA_NAME A o Increase scheduling priority SE_INC_BASE_PRIORITY_NAME o o Load and unload device drivers SE_LOAD_DRIVER_NAME o o Lock pages in memory SE_LOCK_MEMORY_NAME o Manage auditing and security log SE_SECURITY_NAME o o Modify firmware environment values SE_SYSTEM_ENVIRONMENT_NAME o o Profile single process SE_PROF_SINGLE_PROCESS_NAME o o Profile system performance SE_SYSTEM_PROFILE_NAME o Remove computer from docking station SE_UNDOCK_NAME U o Replace a process-level token SE_ASSIGNPRIMARYTOKEN_NAME o Restore files and directories SE_RESTORE_NAME o o Shut down the system SE_SHUTDOWN_NAME U o Synchronize directory service data SE_SYNC_AGENT_NAME Take ownership of files or other objects SE_TAKE_OWNERSHIP_NAME o o
17 vjj 17 user run as admin SeBackupPrivilege SeChangeNotifyPrivilege SeChangeNotifyPrivilege SeCreateGlobalPrivilege SeCreatePagefilePrivilege SeCreateSymbolicLinkPrivilege SeDebugPrivilege SeImpersonatePrivilege SeIncreaseBasePriorityPivilege SeIncreaseQuotaPrivilege SeIncreaseWorkingSetPrivilege SeIncreaseWorkingSetPrivilege SeLoadDrivePrivilege SeManageVolumePrivilege
18 vjj 18 user run as admin SeProfileSingleProcessPrivilege SeRemoteShutdownPrivilege SeRestorePrivilege SeSecurityPrivilege SeShutdownPrivilege SeShutdownPrivilege SeSystemEnvironmentPrivilege SeSystemProfilePrivilege SeSystemTimePrivilege SeTakeOwnershipPrivilege SeTimeZonePrivilege SeTimeZonePrivilege SeUndockPrivilege SeUndockPrivilege
19 vjj 19 Bypass traverse checking This user right determines which users can traverse directory trees even though the user may not have permissions on the traversed directory. This privilege does not allow the user to list the contents of a directory, only to traverse directories On workstations and servers: Administrators Backup Operators Power Users Users Everyone On domain controllers: Administrators Authenticated Users
20 SeEnableDelegationPrivilege dovoluje nastavit v Active Directory pro počítače vlastnost Trusted for Delegation. ta dovoluje zastupovat uživatele i při komunikaci s dalšími servery vjj 20
21 vjj 21 Act as part of the operating system SeTcbPrivilege (Tcb = Trusted Computing Base) Allows a process to perform as a secure, trusted part of the operating system This user right allows a process to impersonate any user without authentication Some subsystems are granted this right required to call LogonUser SeImpersonatePrivilege Assigning this privilege to a user allows programs running on behalf of that user to impersonate a client. Requiring this user right for this kind of impersonation prevents an unauthorized user from convincing a client to connect (for example, by remote procedure call (RPC) or named pipes) to a service that they have created and then impersonating that client, which can elevate the unauthorized user's permissions to administrative or system levels
22 Act as part of the operating system This privilege allows a process to authenticate as, and therefore gain access to the same resources as any user, by calling the LogonUser APIs to create an access token. Only low-level authentication services should require this privilege. The potential access is not limited to what is associated with the user by default, because the calling process may request that arbitrary additional accesses be put in the access token. Of even more concern is that the calling process can build an anonymous token that can provide any and all accesses. Additionally, this token does not provide a primary identity for tracking events in the audit log. It is recommended that processes requiring this privilege are run using the LocalSystem account, which already includes this privilege. This is preferable to using a separate user account with this privilege specially assigned. Because running as LocalSystem makes use of this privilege unnecessary, this privilege might be made obsolete in a future version of Windows vjj 22
23 Trusted Computing Base Federal Standard 1037C, Telecommunications, Glossary of Terms totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy. Note: The ability of a trusted computing base to enforce correctly a unified security policy depends on the correctness of the mechanisms within the trusted computing base, the protection of those mechanisms to ensure their correctness, and the correct input of parameters related to the security policy vjj 23
24 TCB Trusted Computing Base Group Policy : (Start Control Panel Administrative Tools Group Policy Management Local Security Policy) Windows Security Settings Local Policies User Rights Assignment Act as part of the operating system vjj 24
Exam Ref 70-414 Implementing an Advanced Server Infrastructure. Steve Suehring
Exam Ref 70-414 Implementing an Advanced Server Infrastructure Steve Suehring PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright
More informationSIEMENS. Sven Lehmberg. ZT IK 3, Siemens CERT. Siemens AG 2000 Siemens CERT Team / 1
Sven Lehmberg / 1 Agenda Event Viewer and User Manager Analyzing Audit Logs Tools / 2 Auditing Step by Step Two important programs in NT 4.0 Event Viewer and User Manager User Manager for Domains / 3 /
More informationWindows Server 2008/2012 Server Hardening
Account Policies Enforce password history 24 Maximum Password Age - 42 days Minimum Password Age 2 days Minimum password length - 8 characters Password Complexity - Enable Store Password using Reversible
More informationMicrosoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005
Microsoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005 Revision 1.3: Cleaned up resources and added additional detail into each auditing table. Revision 1.4:
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 Domain Controllers Version: 3.0.0 Symantec Enterprise Security Manager Baseline Policy Manual for
More informationBrowsing the Web and Reading E-mail Safely as an Administrator
1 of 7 12/11/2008 9:14 AM 2008 Microsoft Corporation. All rights reserved. Code Secure Browsing the Web and Reading E-mail Safely as an Administrator Michael Howard Microsoft Security Engineering November
More informationAbout Microsoft Windows Server 2003
About Microsoft Windows Server 003 Windows Server 003 (WinK3) requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the Windows Server operating system
More informationManaging and Securing Windows Service Accounts. Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation
Managing and Securing Windows Service Accounts Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation Agenda The basics Best practices Accounts and privileges Tools Why This is Important
More informationObjectives. At the end of this chapter students should be able to:
NTFS PERMISSIONS AND SECURITY SETTING.1 Introduction to NTFS Permissions.1.1 File Permissions and Folder Permission.2 Assigning NTFS Permissions and Special Permission.2.1 Planning NTFS Permissions.2.2
More informationPATCHING WINDOWS SERVER 2012 DOMAIN CONTROLLERS. Prepared By: Sainath K.E.V MVP Directory Services
PATCHING WINDOWS SERVER 2012 DOMAIN CONTROLLERS Prepared By: Sainath K.E.V MVP Directory Services TABLE OF CONTENTS 1 Introduction:... 3 2 Patch management process... 4 3 Patching active directory domain
More informationMicrosoft Windows NT. Securing Windows NT Installation. October 23, 1997. Microsoft Corporation. Contents. Abstract
Microsoft Windows NT Securing Windows NT Installation October 23, 1997 Microsoft Corporation Contents Abstract Establishing Computer Security Levels of Security Off-the-Shelf vs. Custom Software Minimal
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Windows Server 2008 (Domain Member Servers and Domain Controllers)
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 (Domain Member Servers and Domain Controllers) Symantec Enterprise Security Manager Baseline Policy
More information84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff
84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff This article is designed to provide security administrators with a security checklist for going live with Windows NT.
More informationManaging and Maintaining a Windows Server 2003 Network Environment
Managing and maintaining a Windows Server 2003 Network Environment. AIM This course provides students with knowledge and skills needed to Manage and Maintain a Windows Server 2003 Network Environment.
More informationBelarc Advisor Security Benchmark Summary
Page 1 of 5 The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple computers in a corporate, educational, military or government installation is prohibited.
More informationActive Directory. Users & Computers. Group Policies
Active Directory Users & Computers Policies Users & Computers domains domain trusted domains, trusting domains subdomains tree of domains forest of trees s s in Active Directory are directory objects that
More informationWeb. Security Options Comparison
Web 3 Security Options Comparison Windows Server 2003 provides a number of Security Options that can be applied within the scope of managing a GPO. Most are the same as those available in Windows 2000.
More informationSecurity. Ausgewählte Betriebssysteme Institut Betriebssysteme Fakultät Informatik. Copyright 2001-2004 Hermann Härtig, Ronald Aigner
Ausgewählte Betriebssysteme Institut Betriebssysteme Fakultät Informatik Outline Ratings System Components Logon Object (File) Access Impersonation Auditing 2 Ratings National Computer Center (NCSC) part
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationDesktop Web Access Single Sign-On Configuration Guide
Waypoint Global Suite Single Sign-On relies on establishing a relationship between a Windows network user identity and a Suite user (Windows Authentication). This is accomplished by assigning to each of
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 24 Windows and Windows Vista Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Windows and Windows Vista Security
More informationWindows security for n00bs part 1 Security architecture & Access Control
Grenoble INP Ensimag _ (in)security we trust _!! SecurIMAG 2011-05-12 Windows security for n00bs part 1 Security architecture & Access Control Description: whether you are in favor or against it, the Windows
More informationDefense Security Service Office of the Designated Approving Authority
Defense Security Service Office of the Designated Approving Authority Baseline Technical Security Configuration of Microsoft Windows 7 and Microsoft Server 2008 R2 Version 1.0 Title Page Document Name:
More informationPREPARED BY: AUDIT PROGRAM Author: Lance M. Turcato. APPROVED BY: Logical Security Operating Systems - Generic. Audit Date:
A SYSTEMS UNDERSTANDING A 1.0 Organization Objective: To ensure that the audit team has a clear understanding of the delineation of responsibilities for system administration and maintenance. A 1.1 Determine
More informationThe following list outlines the key components of the management infrastructure in Windows 95:
1 C H A P T E R 1 0 Systems Management Windows 95 is the first version of Windows expressly designed for manageability. The design ensures that management of the Windows 95 PC is accessible both locally
More informationExhIBIT 1 User Manager and Users Group
51-30-26 DATA COMMUNICATIONS MANAGEMENT SECURITY IN A WINDOWS NT ENVIRONMENT Gilbert Held INSIDE The User Manager, Creating a User Account, Comparing NT and NetWare Groups, Assigning Users to Groups, Working
More informationWindows Server 2008 Security Resource Kit
Windows Server 2008 Security Resource Kit Jesper M. Johansson and MVPs with the Microsoft Security Team To learn more about this book, visit Microsoft Learning at http://www.microsoft.com/mspress/books/11841.aspx
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationWalton Centre. Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure
Page 1 Walton Centre Access and Authentication (network) Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure Page 2 Table of Contents Section
More informationWHITE PAPER. Best Practices for Configuring PATROL for Microsoft Exchange Servers
WHITE PAPER Best Practices for Configuring PATROL for Microsoft Exchange Servers Contents INTRODUCTION..................................................... 3 PATROL SECURITY....................................................
More informationNETWRIX PASSWORD MANAGER
NETWRIX PASSWORD MANAGER ADMINISTRATOR S GUIDE Product Version: 6.1 February/2012 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference. May 2016
ZENworks 11 Support Pack 4 Full Disk Encryption Agent Reference May 2016 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government
More informationSOLAARsecurity. Administrator Software Manual. 010508 Issue 2
SOLAARsecurity Administrator Software Manual 9499 400 40011 010508 Issue 2 2008. All rights reserved. SOLAAR House, 19 Mercers Row, Cambridge CB5 8BZ.United Kingdom. Telephone +44 (0) 1223 347400, Fax
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationMCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources
MCSE TestPrep: Windows NT Server 4, Second Edition - CH 3 - Managing Resources Page 1 of 36 [Figures are not included in this sample chapter] MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing
More informationSecurity Options... 1
Effective Server Security Options Period: Last 20 week(s) Generated: For: Brian Bartlett bbartlett@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8010.20310 Using: Customized FFR Definition
More informationNETWRIX IDENTITY MANAGEMENT SUITE
NETWRIX IDENTITY MANAGEMENT SUITE FEATURES AND REQUIREMENTS Product Version: 3.3 February 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationrev. 31 (applies to CyBro OPC Server v3.0.4 and later)
CyBro OPC Server User Manual rev. 31 (applies to CyBro OPC Server v3.0.4 and later) 2003-2013 Cybrotech Ltd www.cybrotech.co.uk Index Index... 1 General... 2 Installation... 2 Activation code... 2 Configuration...
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationDC Agent Troubleshooting
DC Agent Troubleshooting Topic 50320 DC Agent Troubleshooting Web Security Solutions v7.7.x, 7.8.x 27-Mar-2013 This collection includes the following articles to help you troubleshoot DC Agent installation
More informationDefense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations
Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations March 2009 Version 2.2 This page intentionally left blank. 2 1. Introduction...4
More informationPaul McFedries. Home Server 2011 LEASHE. Third Edition. 800 East 96th Street, Indianapolis, Indiana 46240 USA
Paul McFedries Microsoft Windows9 Home Server 2011 LEASHE Third Edition 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 Part I Unleashing Windows Home Server Configuration
More informationSB34: Event Logs Don t Lie: Step-by-Step Security. Rick Simonds, Sage Data Security
SB34: Event Logs Don t Lie: Step-by-Step Security Rick Simonds, Sage Data Security AGENDA 1. Learn best practices for event and audit log review. 2. Learn which devices to track and monitor. 3. Learn how
More informationPcounter Web Report 3.x Installation Guide - v2014-11-30. Pcounter Web Report Installation Guide Version 3.4
Pcounter Web Report 3.x Installation Guide - v2014-11-30 Pcounter Web Report Installation Guide Version 3.4 Table of Contents Table of Contents... 2 Installation Overview... 3 Installation Prerequisites
More informationTable Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10
Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS
More informationLocal Accounts and Privileges in Likewise Storage Server Rafal Szczesniak EMC Isilon
Local Accounts and Privileges in Likewise Storage Server Rafal Szczesniak EMC Isilon Introduction to LSASS Likewise Security and Authentication Subsystem Service Identity mapping Name SID/UID/GID Authentication
More informationNETWORK ADMINISTRATION USING MICROSOFT (310) REGIONAL 2014
Page 1 of 17 Contestant Number: Time: Rank: NETWORK ADMINISTRATION USING MICROSOFT (310) REGIONAL 2014 TOTAL POINTS (500) Failure to adhere to any of the following rules will result in disqualification:
More informationInventoryControl for use with QuoteWerks Quick Start Guide
InventoryControl for use with QuoteWerks Quick Start Guide Copyright 2013 Wasp Barcode Technologies 1400 10 th St. Plano, TX 75074 All Rights Reserved STATEMENTS IN THIS DOCUMENT REGARDING THIRD PARTY
More informationMicrosoft Solutions for Security and Compliance. Windows Server 2003 Security Guide
Microsoft Solutions for Security and Compliance Windows Server 2003 Security Guide 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-Non Commercial License. To view
More informationWindows 2000/Active Directory Security
Information Systems Audit & Control Association Windows 2000/Active Directory Security Presented by: Deloitte & Touche Raj Mehta CPA, CITP, CISA, CISSP Denis Tiouttchev CIA, CISA, CISSP August 21, 2003
More informationExam: 070-215 QUESTION 1 QUESTION 2 QUESTION 3 QUESTION 4
Exam: 070-215 QUESTION 1 You want to provide complete redundancy for all data stored on your hardware RAID-5 disk array. You install a second hardware RAID-5 disk array. You want to create a mirror of
More informationBlackShield ID Agent for Terminal Services Web and Remote Desktop Web
Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication
More informationInstallation Notes for Outpost Network Security (ONS) version 3.2
Outpost Network Security Installation Notes version 3.2 Page 1 Installation Notes for Outpost Network Security (ONS) version 3.2 Contents Installation Notes for Outpost Network Security (ONS) version 3.2...
More informationUserLock advanced documentation
UserLock advanced documentation 1. Agent deployment with msi package or with the UserLock deployment module The UserLock deployment module doesn t deploy the msi package. It just transfers the agent file
More informationImportant Windows Files Folders and Tools Author: Jialong He Jialong_he@bigfoot.com http://www.bigfoot.com/~jialong_he
Important Windows Files Folders and Tools Author: Jialong He Jialong_he@bigfoot.com http://www.bigfoot.com/~jialong_he Time Synchronization Time Service On Window NT4, use TimeServ from Windows NT Server
More informationWindows Server 2012 Directory Partition Containers- A Walk Through
Windows Server 2012 Directory Partition Containers- A Walk Through Introduction: Active Directory Users and Computers form a centralized management console to manage User objects, computer objects, Groups,
More informationSoonr Workplace Enterprise Plan Overview
This document is an overview of the features that are included in the Soonr Workplace Enterprise Plan. The Enterprise Plan is designed for the specific needs of IT departments in larger companies where
More informationMetalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015
Metalogix SharePoint Backup Publication Date: August 24, 2015 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this
More informationSecurity and Rights Delegations for the Password Reset PRO Master Service Applies to software versions 2.x.x and 3.x.x
Security and Rights Delegations for the Password Reset PRO Master Service Applies to software versions 2.x.x and 3.x.x Password Reset PRO Master Service Delegated rights required for running the Password
More informationContents. Supported Platforms. Event Viewer. User Identification Using the Domain Controller Security Log. SonicOS
SonicOS User Identification Using the Domain Controller Security Log Contents Supported Platforms... 1 Event Viewer... 1 Configuring Group Policy to Enable Logon Audit... 2 Events in Security Log... 4
More informationWorkflow Templates Library
Workflow s Library Table of Contents Intro... 2 Active Directory... 3 Application... 5 Cisco... 7 Database... 8 Excel Automation... 9 Files and Folders... 10 FTP Tasks... 13 Incident Management... 14 Security
More informationWindows IIS Server hardening checklist
General Windows IIS Server hardening checklist By Michael Cobb Do not connect an IIS Server to the Internet until it is fully hardened. Place the server in a physically secure location. Do not install
More informationRemote Administration
Windows Remote Desktop, page 1 pcanywhere, page 3 VNC, page 7 Windows Remote Desktop Remote Desktop permits users to remotely execute applications on Windows Server 2008 R2 from a range of devices over
More informationFull Disk Encryption Agent Reference
www.novell.com/documentation Full Disk Encryption Agent Reference ZENworks 11 Support Pack 3 May 2014 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or
More informationFull disk encryption with Sophos Safeguard Enterprise With Two-Factor authentication of Users Using SecurAccess by SecurEnvoy
Full disk encryption with Sophos Safeguard Enterprise With Two-Factor authentication of Users Using SecurAccess by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview
More information1. Installation Overview
Quick Install Guide 1. Installation Overview Thank you for selecting Bitdefender Business Solutions to protect your business. This document enables you to quickly get started with the installation of Bitdefender
More informationAPPENDIX I Basic Windows NT Server 4.0 Installation and Configuration
Basic Windows NT Server 4.0 Installation and Configuration Windows NT 4.0 (English version) Installation The first step of the installation is to install the English Windows NT Server 4.0 to the file server
More informationSECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)
WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term
More informationDCOM settings for computer-to-computer communication between OPC servers and OPC clients
DCOM settings for computer-to-computer communication between OPC servers and OPC clients 1. Introduction Under OPC DA, the "dcomcnfg" service program is used for computer-to-computer communication between
More informationanshoku@yahoo.com or Contact address on web site Contact Information http://usuarios.arnet.com.ar/fliamarconato/pages/edeepunfreezer.
Deep Freeze Unfreezer Security Notice Deep Freeze Unfreezer effectively bypasses Deep Freeze security whether booting from a floppy drive or CD-ROM drive is permitted or not. The CMOS can be configured
More informationGuide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu
Menu INTRODUCTION...2 HOW DO I DEPLOY MYUSBONLY ON ALL OF MY COMPUTERS...3 ADMIN KIT...4 HOW TO SETUP A LOGON SCRIPTS...5 Why would I choose one method over another?...5 Can I use both methods to assign
More informationMicrosoft" Windows8 Home Server
Paul MeFedries Microsoft" Windows8 Home Server I UNLEASHED Second Edition 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 Part I Unleashing Windows Home Server Configuration
More informationUsing DC Agent for Transparent User Identification
Using DC Agent for Transparent User Identification Using DC Agent Web Security Solutions v7.7, 7.8 If your organization uses Microsoft Windows Active Directory, you can use Websense DC Agent to identify
More informationCERT-In Indian Computer Emergency Response Team Enhancing Cyber Security in India
CERT-In Indian Computer Emergency Response Team Enhancing Cyber Security in India Securing IIS 6.0 Web Server Department of Information Technology Ministry of Communications and Information Technology
More informationUsing RADIUS Agent for Transparent User Identification
Using RADIUS Agent for Transparent User Identification Using RADIUS Agent Web Security Solutions Version 7.7, 7.8 Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your
More informationAras Innovator Authentication Setup
Aras Innovator Authentication Setup Aras Innovator 9.1 Document #: 9.1.009032008 Last Modified: 3/12/2009 Copyright 2009 Aras Corporation ARAS CORPORATION Copyright 2009 All rights reserved Aras Corporation
More informationMicrosoft Baseline Security Analyzer
The (MBSA) checks computers running Microsoft Windows Server 2008 R2 for common security misconfigurations. The following are the scanning options selected for Cisco Unified ICM Real-Time Distributor running
More informationAdagio and Terminal Services
This document will describe some best practices to follow when installing Modules in a Terminal Server Environment. First, let s look at a Basic Network configuration as shown in Diagram 1: Basic Network
More informationProficyTM. HMI/SCADA - ifix I MPLEMENTING S ECURITY
ProficyTM HMI/SCADA - ifix I MPLEMENTING S ECURITY Version 4.0 December 2005 All rights reserved. No part of this publication may be reproduced in any form or by any electronic or mechanical means, including
More informationAdvanced Diploma In Hardware, Networking & Server Configuration
Advanced Diploma In Hardware, Networking & Server Configuration Who should do this course? This course is meant for those persons who have a dream of getting job based on Computer Hardware, Networking
More informationWindows clustering glossary
Windows clustering glossary To configure the Microsoft Cluster Service with Windows 2000 Advanced Server, you need to have a solid grounding in the various terms that are used with the Cluster Service.
More informationInstallation Overview
Contents Installation Overview... 2 How to Install Ad-Aware Management Server... 3 How to Deploy the Ad-Aware Security Solutions... 5 General Deployment Conditions... 5 Deploying Ad-Aware Management Agent...
More informationNetIQ Advanced Authentication Framework - Administrative Tools. Installation Guide. Version 5.1.0
NetIQ Advanced Authentication Framework - Administrative Tools Installation Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 3 About This Document 3 NetIQ Advanced Authentication
More informationILTA HANDS ON Securing Windows 7
Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationMICROSOFT 70-687 EXAM QUESTIONS & ANSWERS
MICROSOFT 70-687 EXAM QUESTIONS & ANSWERS Number: 70-687 Passing Score: 700 Time Limit: 120 min File Version: 58.0 http://www.gratisexam.com/ MICROSOFT 70-687 EXAM QUESTIONS & ANSWERS Exam Name: Configuring
More informationLesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment
Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4
More informationCS WinOMS Practice Management Software Server Migration Help Guide
CS WinOMS Practice Management Software Server Migration Help Guide Checklist Prior to Beginning a Server Migration: A. The CS WinOMS install disk. Install files can be downloaded to server via FTP, contact
More informationNetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0
NetIQ Advanced Authentication Framework - Client User's Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 4 About This Document 4 NetIQ Advanced Authentication Framework Overview
More informationQUANTIFY INSTALLATION GUIDE
QUANTIFY INSTALLATION GUIDE Thank you for putting your trust in Avontus! This guide reviews the process of installing Quantify software. For Quantify system requirement information, please refer to the
More informationDeploying BitDefender Client Security and BitDefender Windows Server Solutions
Deploying BitDefender Client Security and BitDefender Windows Server Solutions Quick Install Guide Copyright 2011 BitDefender 1. Installation Overview Thank you for selecting BitDefender Business Solutions
More informationMCTS Guide to Microsoft Windows 7. Chapter 13 Enterprise Computing
MCTS Guide to Microsoft Windows 7 Chapter 13 Enterprise Computing Objectives Understand Active Directory Use Group Policy to control Windows 7 Control device installation with Group Policy settings Plan
More informationOPC Server Machine Configuration
OPC Server Machine Configuration General Information For remote OPC Server operation, server must be running under Windows XP Pro, Windows Server 2003, Windows Vista (Business & Ultimate), Windows 7 (Professional
More informationDIGILIANT Windows Storage Server 2012
DIGILIANT Windows Storage Server 2012 User s Guide Copyright 2012 Digiliant, LLC. All Rights Reserved. This User s Guide is provided AS IS and Digiliant, LLC makes no warranty as to its accuracies or use.
More informationTroubleshooting CallManager Problems with Windows NT and Internet Information Server (IIS)
Troubleshooting CallManager s with Windows NT and Internet Information Server (IIS) Document ID: 13973 Contents Introduction Prerequisites Requirements Components Used Conventions CallManager Administration
More informationNetWrix USB Blocker Version 3.6 Quick Start Guide
NetWrix USB Blocker Version 3.6 Quick Start Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Getting Started...5 3.1.
More informationBest Practices and Vulnerabilities for
for Privileged Accounts NAVIGATION IN THE MEETING ROOM Poll Enlarge Screen Q & A Closed Captioning below Notes & Announcements File Share Overview Define Privilege Account Identify Common Types of Privileged
More informationVERITAS Backup Exec TM 10.0 for Windows Servers
VERITAS Backup Exec TM 10.0 for Windows Servers Quick Installation Guide N134418 July 2004 Disclaimer The information contained in this publication is subject to change without notice. VERITAS Software
More informationKepware Technologies Remote OPC DA Quick Start Guide (DCOM)
Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and
More informationOnline Backup - Installation and Setup
The following guide will assist you in installing the Attix5 Backup Professional Server Edition on your Admin Server. You will have received your Group Name and Group Create Key from the Schools Broadband
More information