About Microsoft Windows Server 2003
|
|
- Rolf Hopkins
- 8 years ago
- Views:
Transcription
1 About Microsoft Windows Server 003 Windows Server 003 (WinK3) requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the Windows Server operating system allows various methods of anonymous and unaudited access, which must be corrected in order to properly secure the system and ensure least privilege. The vast majority of the settings listed below can be adjusted in the Local System Security Settings (secpol.msc), or for Domain Controllers, in the Group Policy Settings (gpedit.msc). Additional configurations can be adjusted inside the Registry Editor (regedit.exe).as one of the most widely used server operating systems throughout the world, this checklist is an absolute necessity for ensuring the security of these devices and all other system resources for which they interact with.
2 Sorting Criteria Defined The provisioning and hardening checklist provided below is organized to present security controls in a descending format, with more critical vulnerabilities being addressed first. Each item will be given a severity code derived from the applicable information, while a security control will first be assigned a code based on the area of information security to which it pertains, followed by the severity of the vulnerability addressed. For example: (General/Severity ) indicates a security control which is of the General category, with the highest possible severity. Following the assigned severity code, will be a detailed description of how the control must be implemented to address the aforementioned vulnerability. Each control listed within this document, is an "industry best practice" and its implementation is subject to the specific requirements of the organization being audited.
3 Windows Server 003 (WinK3) Provisioning and Hardening Checklist General Information Name of Individual Performing the Windows Server 003 Provisioning and Hardening Last Name First Name Middle Name Title of Review Additional Information Department Division Office Immediate Supervisor Server Information (). Hostname of Server (). Type of Application(s) on server (3). IP Address of Server (4). Function of Server (5). FIPS Security Category (7). Data Info. Classification Level Vulnerability s Severity Severity Severity 3 Severity 4 Vulnerabilities which when exploited lead to immediate superuser access, unauthorized access to a machine, or allow an attacker to bypass security controls. Vulnerabilities which provide an attacker information with a high probability of allowing unauthorized access to a machine, or to bypass security controls. Vulnerabilities which grant an attacker information that may possibly lead to the compromise of a machine, or the bypassing of existing security controls Vulnerabilities which generally degrade the overall security of a system when left unresolved. Operating System (). The version of Microsoft Windows installed should not be less than Service Pack.
4 (). Ensure the system is configured to disable automatic administrator login. (3). All vendor recommended patches and hot fixes should be installed. (4). The built in Administrator and Guest accounts should be renamed to something other an Administrator or Guest. (5). Unless a documented need exists, the Guest account should be disabled. (6). The system screen saver settings should be configured to lock the screen as required by organizational or regulatory policy.
5 System Auditing (). The Application, System, and Security Event log files should have ACLs set as follows: Administrators Read and Execute. System Full Control. (). Each partition/drive should be set to audit Failures for the Everyone group at a minimum. (3). Configure the system to disallow guest access to the Event logs. (4). The HKEY_LOCAL_MACHINE\SOFTWARE and HKEY_LOCAL_MACHINE\SYEM registry hives should have auditing set to record Failures for the everyone group at a minimum (5). The system event log size, and retention policy should be set to comply with
6 organizational or regulatory requirements. System Access Controls (). The system should be configured to disallow the anonymous enumeration of SAM accounts and network shares. (Note: For domains supporting Exchange 003, this setting should be allowed for the DC Group Policy.) (). Configure the system to lock an account after 3 or fewer bad login attempts. (3). The Reset account lockout counter setting should be set to 30 minutes or greater. (4). The Account location duration setting should be set to 0, which requires an administrator to unlock accounts which have been locked out.
7 (5). The system should be configured to cache 3 or fewer user logins. 3 User Account Privilege Controls (). No user, to include administrators should be granted the right, act as part of the operating system. (). Ensure the following User Rights are assigned: Access this computer from network Administrators, Authenticated Users, Enterprise Domain Controllers Add workstations to domain Administrators Adjust memory quotas for a process Administrators, Local Service, Network Service Allow log on locally Administrators, Backup Operators Allow log on through Terminal Services Administrators Backup files and directories Administrators, Backup Operators Bypass traverse checking Authenticated Users Change the system time Administrators, Local Service Create a pagefile Administrators Create a token object (None) Create global objects Administrators, Service Create permanent shared objects (None) Deny logon as a batch job Guests, Support_388945a0 Deny logon as a service (None) Deny logon locally Guests, Support_388945a0 Deny logon through Terminal Services Guests, Users
8 Enable computer and user accounts to be trusted for delegation Administrators Force shutdown from a remote system Administrators Generate security audits Local Service, Network Service Impersonate a client after authentication Administrators, Service Increase scheduling priority Administrators Load and unload device drivers Administrators Lock pages in memory (None) Log on as a batch job (None) Log on as a service Network Service Manage auditing and security log Administrators Group (Exchange Enterprise Servers Group on Domain Controllers and Exchange Servers) Modify firmware environment values Administrators Perform volume maintenance tasks Administrators Profile single process Administrators Profile system performance Administrators Remove computer from docking station Administrators Replace a process level token Local Service, Network Service Restore files and directories Administrators, Backup Operators Shut down the system Administrators Take ownership of files or other objects Administrators (3). Minimum, and Maximum Password Age, Password Length/Complexity, and Password Uniqueness settings should comply with organizational or regulatory standards. Networking Security (). All unnecessary services and protocols should be disabled.
9 (). If the ftp service is enabled, it should be configured to disallow access to system-related files such as PAGEFILE.sys or NTLDR. (3). All forms of remote access to system services should be conducted using encrypted formats such as SSH or Remote Desktop Protocol. (4). Configure the system to disallow Remote Assistance. (5). The server's web content should be kept in a separate partition from the server's system files. (6). Configure the system to prevent the sending of unencrypted passwords to third party SMB servers.
10 (7). Configure the system to disallow anonymous remote registry access. (8). Ensure the LanMan authentication level is set to at least: Send NTLMv response only\refuse LM. (9). The following accounts: Guests, Anonymous Logon, Support_388945a0, should be denied the ability to login to the machine remotely. (0). The system should be configured to perform SMB packet signing and encryption wherever possible (). Ensure the system is configured to require secure RPC connections.
11 (). The system should be configured to disallow IP Source Routing, ICMP Redirects, and Internet Router Discovery Protocol. Additionally, configure the system to allow connections to time out sooner if a SYN flood is detected. 3 (3). Configure the system to ignore NetBIOS name release requests from all systems except WINS servers. 3 Local Security Options (). The system should be configured to disable AutoRun for all drives and removable media. (). Anonymous SID/Name translation should be disabled. (3). Anonymous access to named pipes should be limited to the following: COMNAP, COMNODE, SQL\QUERY, SPOOLSS, LLSRPC, BROWSER, NETLOGON,
12 Lsarpc, samr. (4). Remote accessible registry paths should be restricted to the following: System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Server Applications Software\Microsoft\Windows NT\CurrentVersion (5). No unapproved account should be able to Debug programs or have more than read access to Winlogon registry keys. (6). The ACLs for all disabled services should be set as follows: Administrators Full Control, System Full Control, Interactive Read. (7). Configure the system to disallow the storing of passwords using reversible encryption.
13
Windows Server 2008/2012 Server Hardening
Account Policies Enforce password history 24 Maximum Password Age - 42 days Minimum Password Age 2 days Minimum password length - 8 characters Password Complexity - Enable Store Password using Reversible
More informationSecurity Options... 1
Effective Server Security Options Period: Last 20 week(s) Generated: For: Brian Bartlett bbartlett@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8010.20310 Using: Customized FFR Definition
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 Domain Controllers Version: 3.0.0 Symantec Enterprise Security Manager Baseline Policy Manual for
More informationBelarc Advisor Security Benchmark Summary
Page 1 of 5 The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple computers in a corporate, educational, military or government installation is prohibited.
More informationAbout Cisco PIX Firewalls
About Cisco PIX Firewalls The PIX firewall requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the firewall operating system allows various methods
More informationWeb. Security Options Comparison
Web 3 Security Options Comparison Windows Server 2003 provides a number of Security Options that can be applied within the scope of managing a GPO. Most are the same as those available in Windows 2000.
More informationSECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)
WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Windows Server 2008 (Domain Member Servers and Domain Controllers)
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 (Domain Member Servers and Domain Controllers) Symantec Enterprise Security Manager Baseline Policy
More informationObjectives. At the end of this chapter students should be able to:
NTFS PERMISSIONS AND SECURITY SETTING.1 Introduction to NTFS Permissions.1.1 File Permissions and Folder Permission.2 Assigning NTFS Permissions and Special Permission.2.1 Planning NTFS Permissions.2.2
More informationDefense Security Service Office of the Designated Approving Authority
Defense Security Service Office of the Designated Approving Authority Baseline Technical Security Configuration of Microsoft Windows 7 and Microsoft Server 2008 R2 Version 1.0 Title Page Document Name:
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationData Stored on a Windows Server Connected to a Network
Attachment A Form to Describe Sensitive Data Security Plan For the Use of Sensitive Data from The National Longitudinal Study of Adolescent to Adult Health Data Stored on a Windows Server Connected to
More informationPATCHING WINDOWS SERVER 2012 DOMAIN CONTROLLERS. Prepared By: Sainath K.E.V MVP Directory Services
PATCHING WINDOWS SERVER 2012 DOMAIN CONTROLLERS Prepared By: Sainath K.E.V MVP Directory Services TABLE OF CONTENTS 1 Introduction:... 3 2 Patch management process... 4 3 Patching active directory domain
More informationWalton Centre. Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure
Page 1 Walton Centre Access and Authentication (network) Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure Page 2 Table of Contents Section
More informationDefense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations
Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations March 2009 Version 2.2 This page intentionally left blank. 2 1. Introduction...4
More informationMicrosoft Windows XP Professional: Guide to Creating a More Secure Operating System
Microsoft Windows XP Professional: Guide to Creating a More Secure Operating System Introduction This document contains specific guidelines for establishing a secure Microsoft Windows XP computing environment.
More informationMicrosoft Solutions for Security and Compliance. Windows Server 2003 Security Guide
Microsoft Solutions for Security and Compliance Windows Server 2003 Security Guide 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-Non Commercial License. To view
More information84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff
84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff This article is designed to provide security administrators with a security checklist for going live with Windows NT.
More informationWindows IIS Server hardening checklist
General Windows IIS Server hardening checklist By Michael Cobb Do not connect an IIS Server to the Internet until it is fully hardened. Place the server in a physically secure location. Do not install
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationNNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37
NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37 Compliance Score : 89.81% 370 of 412 rules passed 0 of 412 rules partially passed 42 of 412 rules failed Detailed PCI DSS v3.1 Requirements
More informationSIEMENS. Sven Lehmberg. ZT IK 3, Siemens CERT. Siemens AG 2000 Siemens CERT Team / 1
Sven Lehmberg / 1 Agenda Event Viewer and User Manager Analyzing Audit Logs Tools / 2 Auditing Step by Step Two important programs in NT 4.0 Event Viewer and User Manager User Manager for Domains / 3 /
More informationHow To Set A Group Policy On A Computer With A Network Security Policy On Itunes.Com (For Acedo) On A Pc Or Mac Mac (For An Ubuntu) On An Ubode (For Mac) On Pc Or Ip
CIS Microsoft Windows XP Benchmark v3.1.0-12-03-2013 http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics,
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationmodules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:
SERVER SECURITY STANDARD Security Standards are mandatory security rules applicable to the defined scope with respect to the subject. Overview Scope Purpose Instructions Improperly configured systems,
More informationBefore deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.
SiteAudit Knowledge Base Deployment Check List June 2012 In This Article: Platform Requirements Windows Settings Discovery Configuration Before deploying SiteAudit it is recommended to review the information
More informationDefense Security Service Industrial Security Field Operations NISP Authorization Office. Technical Assessment Guide for Windows 7 Operating System
Defense Security Service Industrial Security Field Operations NISP Authorization Office Technical Assessment Guide for Windows 7 Operating System February 2016 Revision Log Date Revision Description of
More informationWindows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings
Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings Version 2.01 August, 2005 Copyright 2005, The Center for Internet Security
More informationCIS Microsoft Windows Server 2012. v1.0.0. Benchmark
CIS Microsoft Windows Server 2012 v1.0.0 Benchmark 01-31-2013 The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics, suggestions, and
More informationA Roadmap for Securing IIS 5.0
This document was grafted together from various Web and other sources by Thomas Jerry Scott for use in his Web and other Security courses. Jerry hopes you find this information helpful in your quest to
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 24 Windows and Windows Vista Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Windows and Windows Vista Security
More informationNNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2
NNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2: NNTDC01 On NNTDC01 - By admin for time period 5/23/2014 8:49:51 AM to 5/23/2014 8:49:51 AM NNT CIS Microsoft Windows Server
More informationHow To Audit A Windows Active Directory System
South Northamptonshire Council Windows Active Directory Final Internal Audit Report - September Distribution list: Mike Shaw IT & Customer Services Manager David Price Director of Community Engagement
More informatione-governance Password Management Guidelines Draft 0.1
e-governance Password Management Guidelines Draft 0.1 DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S.
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationWindows Advanced Audit Policy Configuration
Windows Advanced Audit Policy Configuration EventTracker v7.x Publication Date: May 6, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract This document describes auditing
More informationWeb Plus Security Features and Recommendations
Web Plus Security Features and Recommendations (Based on Web Plus Version 3.x) Centers for Disease Control and Prevention National Center for Chronic Disease Prevention and Health Promotion Division of
More informationMSRPC NULL sessions. Exploitation and protection. Jean-Baptiste Marchand <Jean-Baptiste.Marchand@hsc.fr>
MSRPC NULL sessions Exploitation and protection Jean-Baptiste Marchand Jean-Baptiste Marchand Agenda - 2 - Introduction to NULL sessions NULL sessions internals Tools to
More informationTable Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10
Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS
More informationPREPARED BY: AUDIT PROGRAM Author: Lance M. Turcato. APPROVED BY: Logical Security Operating Systems - Generic. Audit Date:
A SYSTEMS UNDERSTANDING A 1.0 Organization Objective: To ensure that the audit team has a clear understanding of the delineation of responsibilities for system administration and maintenance. A 1.1 Determine
More informationMicrosoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005
Microsoft Auditing Events for Windows 2000/2003 Active Directory. By Ed Ziots Version 1.6 9/20/2005 Revision 1.3: Cleaned up resources and added additional detail into each auditing table. Revision 1.4:
More informationHow To Secure An Rsa Authentication Agent
RSA Authentication Agents Security Best Practices Guide Version 3 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA,
More informationMCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources
MCSE TestPrep: Windows NT Server 4, Second Edition - CH 3 - Managing Resources Page 1 of 36 [Figures are not included in this sample chapter] MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing
More informationData Stored on a Windows Computer Connected to a Network
Attachment A Form to Describe Sensitive Data Security Plan For the Use of Sensitive Data from The National Longitudinal Study of Adolescent to Adult Health Data Stored on a Windows Computer Connected to
More informationDepartment of Information Technology Active Directory Audit Final Report. August 2008. promoting efficient & effective local government
Department of Information Technology Active Directory Audit Final Report August 2008 promoting efficient & effective local government Executive Summary Active Directory (AD) is a directory service by Microsoft
More informationSystem Security Policy Management: Advanced Audit Tasks
System Security Policy Management: Advanced Audit Tasks White Paper October 6, 2005 2005 Altiris Inc. All rights reserved. ABOUT ALTIRIS Altiris, Inc. is a pioneer of IT lifecycle management software that
More informationPointsec Enterprise Encryption and Access Control for Laptops and Workstations
Pointsec Enterprise Encryption and Access Control for Laptops and Workstations Overview of PC Security Since computer security has become increasingly important, almost all of the focus has been on securing
More informationSecure configuration document
Secure configuration document Windows 7 Draft 0.1. DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India Document Control S. No.
More informationPension Benefit Guaranty Corporation. Office of Inspector General. Evaluation Report. Penetration Testing 2001 - An Update
Pension Benefit Guaranty Corporation Office of Inspector General Evaluation Report Penetration Testing 2001 - An Update August 28, 2001 2001-18/23148-2 Penetration Testing 2001 An Update Evaluation Report
More informationWeb Security School Entrance Exam
Web Security School Entrance Exam By Michael Cobb 1) What is SSL used for? a. Encrypt data as it travels over a network b. Encrypt files located on a Web server c. Encrypt passwords for storage in a database
More informationUser Rights. 7.5.15 vjj 1
User Rights 7.5.15 vjj 1 User Rights některá oprávnění nelze (snadno) vyjádřit pomocí přístupových práv k objektům user rights 7.5.15 vjj 2 7.5.15 vjj 3 User Rights User rights fall into two general categories:
More informationDC Agent Troubleshooting
DC Agent Troubleshooting Topic 50320 DC Agent Troubleshooting Web Security Solutions v7.7.x, 7.8.x 27-Mar-2013 This collection includes the following articles to help you troubleshoot DC Agent installation
More informationWindows 2000/Active Directory Security
Information Systems Audit & Control Association Windows 2000/Active Directory Security Presented by: Deloitte & Touche Raj Mehta CPA, CITP, CISA, CISSP Denis Tiouttchev CIA, CISA, CISSP August 21, 2003
More informationRSA SecurID Ready Implementation Guide
RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 18, 2006 Product Information Partner Name Microsoft Web Site http://www.microsoft.com/isaserver Product Name Internet
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationFive Steps to Improve Internal Network Security. Chattanooga ISSA
Five Steps to Improve Internal Network Security Chattanooga ISSA 1 Find Me AverageSecurityGuy.info @averagesecguy stephen@averagesecurityguy.info github.com/averagesecurityguy ChattSec.org 2 Why? The methodical
More informationOn-Site Computer Solutions values these technologies as part of an overall security plan:
Network Security Best Practices On-Site Computer Solutions Brian McMurtry Version 1.2 Revised June 23, 2008 In a business world where data privacy, integrity, and security are paramount, the small and
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationImplementation of Internal Audit Recommendations: Summary of Progress Report by Head of Finance
Financial Scrutiny and Audit Committee 11 February 2014 Agenda Item No 13 Implementation of Internal Audit : Summary of Progress Report by Finance Summary: This report updates members on progress in implementing
More informationEMC Celerra Network Server
EMC Celerra Network Server Release 5.6.47 Using Windows Administrative Tools with Celerra P/N 300-004-139 REV A02 EMC Corporation Corporate Headquarters: Hopkintons, MA 01748-9103 1-508-435-1000 www.emc.com
More informationRemote Administration
Windows Remote Desktop, page 1 pcanywhere, page 3 VNC, page 7 Windows Remote Desktop Remote Desktop permits users to remotely execute applications on Windows Server 2008 R2 from a range of devices over
More informationNE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment
NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment Summary Duration Vendor Audience 5 Days Microsoft IT Professionals Published Level Technology 05 October 2005 200 Microsoft
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationWindows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers
Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers Version 1.2 October 17, 2005 Copyright 2004, The Center
More informationKepware Technologies Remote OPC DA Quick Start Guide (DCOM)
Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and
More informationAIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FIVE. Microsoft Windows Security. www.uscyberpatriot.
AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FIVE Microsoft Windows Security www.uscyberpatriot.org AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION
More informationHardening IIS Servers
8 Hardening IIS Servers Overview This chapter focuses on the guidance and procedures required to harden the IIS servers in your environment. To provide comprehensive security for Web servers and applications
More informationUsing Windows Administrative Tools on VNX
EMC VNX Series Release 7.0 Using Windows Administrative Tools on VNX P/N 300-011-833 REV A01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com Copyright 2011 -
More informationIntroduction to Computer Security
Introduction to Computer Security Windows Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Microsoft Windows Family Tree Key security milestones: NT 3.51 (1993): network drivers and
More informationWorkflow Templates Library
Workflow s Library Table of Contents Intro... 2 Active Directory... 3 Application... 5 Cisco... 7 Database... 8 Excel Automation... 9 Files and Folders... 10 FTP Tasks... 13 Incident Management... 14 Security
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework Information Security Agenda 1 Manage security policy 2 Information security management system procedure Agenda 3 Manage
More informationIntroduction p. 1 Approach to the Book p. 2 At Least Three Ways to Do It p. 2 Where to Find the Tools p. 3 Running Tools with Alternate Credentials
Preface p. xvii Introduction p. 1 Approach to the Book p. 2 At Least Three Ways to Do It p. 2 Where to Find the Tools p. 3 Running Tools with Alternate Credentials p. 3 A Brief Word on Windows Scripting
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More information6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING
6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING The following is a general checklist for the audit of Network Administration and Security. Sl.no Checklist Process 1. Is there an Information
More informationWindows security for n00bs part 1 Security architecture & Access Control
Grenoble INP Ensimag _ (in)security we trust _!! SecurIMAG 2011-05-12 Windows security for n00bs part 1 Security architecture & Access Control Description: whether you are in favor or against it, the Windows
More information11 NETWORK SECURITY PROJECTS. Project 11.1. Understanding Key Concepts. Project 11.2. Using Auditing and Event Logs. Project 11.3
11 NETWORK SECURITY PROJECTS Project 11.1 Project 11.2 Project 11.3 Project 11.4 Project 11.5 Understanding Key Concepts Using Auditing and Event Logs Managing Account Lockout Policies Managing Password
More informationData Stored on a Windows Computer Connected to a Network
Attachment A Form to Describe Sensitive Data Security Plan For the Use of Sensitive Data from The National Longitudinal Study of Adolescent to Adult Health Data Stored on a Windows Computer Connected to
More informationWindows 7 / Server 2008 R2 Configuration Overview. By: Robert Huth Dated: March 2014
Windows 7 / Server 2008 R2 Configuration Overview By: Robert Huth Dated: March 2014 Expectations This Windows 7 / Server 2008 R2 (Win7-2K8) presentation is a general overview of the technical security
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More information6WRUP:DWFK. Policies for Dedicated SQL Servers Group
OKENA 71 Second Ave., 3 rd Floor Waltham, MA 02451 Phone 781 209 3200 Fax 781 209 3199 6WRUP:DWFK Policies for Dedicated SQL Servers Group The sample policies shipped with StormWatch address both application-specific
More informationCIS Microsoft Windows Server 2003. Benchmark. v3.1.0-12-03-2013. http://benchmarks.cisecurity.org
CIS Microsoft Windows Server 2003 v3.1.0-12-03-2013 Benchmark http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services,
More informationHands-On Ethical Hacking and Network Defense Second Edition Chapter 8 Desktop and Server OS Vulnerabilities
Objectives After reading this chapter and completing the exercises, you will be able to: Describe vulnerabilities of Windows and Linux operating systems Identify specific vulnerabilities and explain ways
More informationSecuring Active Directory Correctly
SESSION ID: TECH-F02 Securing Active Directory Correctly Derek Melber, MVP Technical Evangelist ManageEngine @derekmelber About Your Speaker Derek Melber, MCSE & MVP (Group Policy and AD) derek@manageengine.com
More informationRapid Vulnerability Assessment Report
White Paper Rapid Vulnerability Assessment Report Table of Contents Executive Summary... Page 1 Characteristics of the Associated Business Corporation Network... Page 2 Recommendations for Improving Security...
More informationMicrosoft Windows NT. Securing Windows NT Installation. October 23, 1997. Microsoft Corporation. Contents. Abstract
Microsoft Windows NT Securing Windows NT Installation October 23, 1997 Microsoft Corporation Contents Abstract Establishing Computer Security Levels of Security Off-the-Shelf vs. Custom Software Minimal
More informationMCSE 2003. Core exams (Networking) One Client OS Exam. Core Exams (6 Exams Required)
MCSE 2003 Microsoft Certified Systems Engineer (MCSE) candidates on the Microsoft Windows Server 2003 track are required to satisfy the following requirements: Core Exams (6 Exams Required) Four networking
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationUnivention Corporate Server. Operation of a Samba domain based on Windows NT domain services
Univention Corporate Server Operation of a Samba domain based on Windows NT domain services 2 Table of Contents 1. Components of a Samba domain... 4 2. Installation... 5 3. Services of a Samba domain...
More informationLesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment
Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4
More informationManaging and Maintaining a Microsoft Windows Server 2003 Environment
Managing and Maintaining a Microsoft Windows Server 2003 Environment Course 2273: Five days; Blended (classroom/e-learning) Introduction Elements of this syllabus are subject to change. This course combines
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationUniversity of California, Riverside Computing and Communications. IS3 Local Campus Overview Departmental Planning Template
University of California, Riverside Computing and Communications IS3 Local Campus Overview Departmental Planning Template Last Updated April 21 st, 2011 Table of Contents: Introduction Security Plan Administrative
More informationNessus scanning on Windows Domain
Nessus scanning on Windows Domain A little inside information and Nessus can go a long way By Sunil Vakharia sunilv@phreaker.net Version 1.0 4 November 2003 About this paper This paper is not a tutorial
More informationSecuring Remote Desktop for Windows XP
Securing Remote Desktop for Windows XP http://www.mobydisk.com/./techres/securing_remote_desktop.html Remote Desktop, Unsafely Many people use the Windows XP Professional remote desktop feature to gain
More informationImplementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
Question Number (ID) : 1 (jaamsp_mngnwi-025) Lisa would like to configure five of her 15 Web servers, which are running Microsoft Windows Server 2003, Web Edition, to always receive specific IP addresses
More informationDefault Domain Policy Data collected on: 10/12/2012 5:28:08 PM General
Default Domain Default Domain Data collected on: 10/12/2012 5:28:08 PM General Details Domain Owner Created Modified User Revisions Computer Revisions Unique ID GPO Status webrecon.local WEBRECON\Domain
More informationSecuring. Active. Directory. Your. Five Key Lessons to. Chapters. Sponsored by: 1. Perform a Self-Audit
Five Key Lessons to Securing Your Active Directory Chapters Roberta Bragg MCSE, CISSP, Author, Columnist, Speaker, Consultant 1. Perform a Self-Audit 2. Know and Use Security Tools and Techniques 3. Monitor
More informationManaging and Maintaining a Windows Server 2003 Network Environment
Managing and maintaining a Windows Server 2003 Network Environment. AIM This course provides students with knowledge and skills needed to Manage and Maintain a Windows Server 2003 Network Environment.
More information