Security Options... 1

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Security Options... 1"

Transcription

1 Effective Server Security Options Period: Last 20 week(s) Generated: For: Brian Bartlett By: Ecora Auditor Professional Windows Module Using: Customized FFR Definition based on 'Effective Server Security Options' Description: A Fact-Finding report will show values greater than, less than, or unlike a threshold value you set. These reports are very surgical in their precision - you can pull precisely the data you need, but they also offer a wealth of data through hundreds of built-in reports created by experts. Effective Server Security Options Table of Contents Security Options... 1 Collected Not-Collected Legend DEFAULT *UA* *FC* *NS* Security Options Table 1. BSP/BIGMOUNTAIN The value presented in the report was not directly reported by the target, but implied by the current value or lack of a value for the attribute Unavailable attribute. The current configuration or version of target platform does not provide a value for this attribute. More detail in logs Collection of value failed Value not selected for collection Accounts: Limit local account use of blank passwords to console logon only Devices: Allow undock without having to log on Devices: Prevent users from installing printer drivers Powered by Ecora Auditor Professional Windows Module Page 1 of 14

2 Devices: Restrict CD-ROM access to locally logged-on user only Devices: Restrict floppy access to locally logged-on user only Devices: Unsigned driver installation behavior Domain controller: Allow server operators to schedule tasks Domain controller: LDAP server signing requirements Domain member: Digitally encrypt or sign secure channel data (always) Domain member: Disable machine account password changes Domain member: Require strong (Windows 2000 or later) session key Interactive logon: Do not display last user name Interactive logon: Prompt user to change password before expiration Digitally sign communications (always) Digitally sign communications (if client agrees) Network access: Do not allow anonymous enumeration of SAM accounts Warn but allow installation None 14 days Powered by Ecora Auditor Professional Windows Module Page 2 of 14

3 Network access: Do not allow anonymous enumeration of SAM accounts and shares Network access: Do not allow storage of credentials or.net Passports for network authentication Network access: Let Everyone permissions apply to anonymous users Network access: Named Pipes that can be accessed anonymously Network access: Remotely accessible registry paths Network access: Remotely accessible registry paths and sub-paths Network access: Restrict anonymous access to Named Pipes and Shares Network access: Shares that can be accessed anonymously COMNAP COMNODE SQL\QUERY SPOOLSS LLSRPC TrkSrv netlogon lsarpc samr browser System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Server Applications Software\Microsoft\Windows NT\CurrentVersion System\CurrentControlSet\Control\Print\Printers System\CurrentControlSet\Services\Eventlog System\CurrentControlSet\Services\Replicator System\CurrentControlSet\Control\ContentIndex\Catalogs System\CurrentControlSet\Control\ContentIndex System\CurrentControlSet\Control\Terminal Server System\CurrentControlSet\Control\Terminal Server\UserConfig System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration Software\Microsoft\Windows NT\CurrentVersion\Perflib System\CurrentControlSet\Services\SysmonLog Software\Microsoft\Windows NT\CurrentVersion\Print Software\Microsoft\Windows NT\CurrentVersion\Windows COMCFG DFS$ CHEYALERT$ Powered by Ecora Auditor Professional Windows Module Page 3 of 14

4 Network access: Sharing and security model for local accounts Network security: LAN Manager authentication level Network security: LDAP client signing requirements Recovery console: Allow automatic administrative logon Recovery console: Allow floppy copy and access to all drives and all folders Rename administrator account Classic - local users authenticate as themselves Send NTLM response only Negotiate signing Donald Rename guest account Gerald Shutdown: Clear virtual memory pagefile System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing System objects: Default owner for objects created by members of the Administrators group System objects: Require case insensitivity for non-windows subsystems System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) System settings: Optional subsystems Administrators group Posix Powered by Ecora Auditor Professional Windows Module Page 4 of 14

5 Table 2. BSP/CHEYENNE Security Option Accounts: Limit local account use of blank passwords to console logon only Audit: Audit the access of global system objects Audit: Audit the use of Backup and Restore privilege Audit: Shut down system immediately if unable to log security audits Devices: Allow undock without having to log on Devices: Allowed to format and eject removable media Devices: Prevent users from installing printer drivers Devices: Restrict CD-ROM access to locally logged-on user only Devices: Restrict floppy access to locally logged-on user only Devices: Unsigned driver installation behavior Domain member: Digitally encrypt or sign secure channel data (always) Domain member: Digitally encrypt secure channel data (when possible) Domain member: Digitally sign secure channel data (when possible) Domain member: Disable machine account password changes Domain member: Maximum machine account password age Security Option Settings Administrators Warn but allow installation 30 days Overriden By GPO Powered by Ecora Auditor Professional Windows Module Page 5 of 14

6 Security Option Security Option Settings Overriden By GPO Domain member: Require strong (Windows 2000 or later) session key Interactive logon: Display user information when the session is locked Interactive logon: Do not display last user name Interactive logon: Do not require CTRL+ALT+DEL Interactive logon: Message text for users attempting to log on Interactive logon: Message title for users attempting to log on Interactive logon: Number of previous logons to cache (in case domain controller is not available) Interactive logon: Prompt user to change password before expiration Interactive logon: Require Domain Controller authentication to unlock workstation Interactive logon: Require smart card Interactive logon: Smart card removal behavior Microsoft network client: Digitally sign communications (always) Microsoft network client: Digitally sign communications (if server agrees) Microsoft network client: Send unencrypted password to third-party SMB servers Amount of idle time required before suspending session Do not display user information 10 logons 14 days No Action 15 minutes Powered by Ecora Auditor Professional Windows Module Page 6 of 14

7 Security Option Digitally sign communications (always) Digitally sign communications (if client agrees) Disconnect clients when logon hours expire Network access: Do not allow anonymous enumeration of SAM accounts Network access: Do not allow anonymous enumeration of SAM accounts and shares Network access: Do not allow storage of credentials or.net Passports for network authentication Network access: Let Everyone permissions apply to anonymous users Network access: Named Pipes that can be accessed anonymously Network access: Remotely accessible registry paths Network access: Remotely accessible registry paths and sub-paths Security Option Settings COMNAP COMNODE SQL\QUERY SPOOLSS NETLOGON LSARPC SAMR BROWSER System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Server Applications Software\Microsoft\Windows NT\CurrentVersion System\CurrentControlSet\Control\Print\Printers System\CurrentControlSet\Services\Eventlog Software\Microsoft\OLAP Server System\CurrentControlSet\Control\ContentIndex System\CurrentControlSet\Control\Terminal Server System\CurrentControlSet\Control\Terminal Server\UserConfig System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration System\CurrentControlSet\Services\Wins Overriden By GPO Powered by Ecora Auditor Professional Windows Module Page 7 of 14

8 Security Option Network access: Restrict anonymous access to Named Pipes and Shares Network access: Shares that can be accessed anonymously Network access: Sharing and security model for local accounts Network security: Do not store LAN Manager hash value on next password change Network security: LAN Manager authentication level Network security: LDAP client signing requirements Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Recovery console: Allow automatic administrative logon Recovery console: Allow floppy copy and access to all drives and all folders Shutdown: Allow system to be shut down without having to log on Shutdown: Clear virtual memory pagefile Security Option Settings Software\Microsoft\Windows NT\CurrentVersion\Print Software\Microsoft\Windows NT\CurrentVersion\Windows Software\Microsoft\Windows NT\CurrentVersion\Perflib System\CurrentControlSet\Services\SysmonLog SYSTEM\CurrentControlSet\Services\CertSvc COMCFG DFS$ Classic - local users authenticate as themselves Send NTLM response only Negotiate signing 0 0 Overriden By GPO Powered by Ecora Auditor Professional Windows Module Page 8 of 14

9 Security Option System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing System objects: Default owner for objects created by members of the Administrators group System objects: Require case insensitivity for non-windows subsystems System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) System settings: Optional subsystems System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Security Option Settings Administrators group Posix Overriden By GPO Table 3. BSP/PITA1 Accounts: Limit local account use of blank passwords to console logon only Audit: Audit the access of global system objects Audit: Audit the use of Backup and Restore privilege Audit: Shut down system immediately if unable to log security audits Devices: Allow undock without having to log on Devices: Allowed to format and eject removable media Devices: Prevent users from installing printer drivers Administrators Powered by Ecora Auditor Professional Windows Module Page 9 of 14

10 Devices: Restrict CD-ROM access to locally logged-on user only Devices: Restrict floppy access to locally logged-on user only Devices: Unsigned driver installation behavior Domain controller: LDAP server signing requirements Domain member: Digitally encrypt or sign secure channel data (always) Domain member: Digitally encrypt secure channel data (when possible) Domain member: Digitally sign secure channel data (when possible) Domain member: Disable machine account password changes Domain member: Maximum machine account password age Domain member: Require strong (Windows 2000 or later) session key Interactive logon: Do not display last user name Interactive logon: Do not require CTRL+ALT+DEL Interactive logon: Message text for users attempting to log on Interactive logon: Message title for users attempting to log on Warn but allow installation None 30 days Powered by Ecora Auditor Professional Windows Module Page 10 of 14

11 Interactive logon: Number of previous logons to cache (in case domain controller is not available) Interactive logon: Prompt user to change password before expiration Interactive logon: Require Domain Controller authentication to unlock workstation Interactive logon: Require smart card Interactive logon: Smart card removal behavior Microsoft network client: Digitally sign communications (always) Microsoft network client: Digitally sign communications (if server agrees) Microsoft network client: Send unencrypted password to third-party SMB servers Amount of idle time required before suspending session Digitally sign communications (always) Digitally sign communications (if client agrees) Disconnect clients when logon hours expire Network access: Do not allow anonymous enumeration of SAM accounts 10 logons 14 days No Action 15 minutes Powered by Ecora Auditor Professional Windows Module Page 11 of 14

12 Network access: Do not allow anonymous enumeration of SAM accounts and shares Network access: Do not allow storage of credentials or.net Passports for network authentication Network access: Let Everyone permissions apply to anonymous users Network access: Named Pipes that can be accessed anonymously Network access: Remotely accessible registry paths Network access: Remotely accessible registry paths and sub-paths Network access: Restrict anonymous access to Named Pipes and Shares Network access: Shares that can be accessed anonymously Network access: Sharing and security model for local accounts COMNAP COMNODE SQL\QUERY SPOOLSS netlogon lsarpc samr browser System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Server Applications Software\Microsoft\Windows NT\CurrentVersion System\CurrentControlSet\Control\Print\Printers System\CurrentControlSet\Services\Eventlog Software\Microsoft\OLAP Server Software\Microsoft\Windows NT\CurrentVersion\Print Software\Microsoft\Windows NT\CurrentVersion\Windows System\CurrentControlSet\Control\ContentIndex System\CurrentControlSet\Control\Terminal Server System\CurrentControlSet\Control\Terminal Server\UserConfig System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration Software\Microsoft\Windows NT\CurrentVersion\Perflib System\CurrentControlSet\Services\SysmonLog COMCFG DFS$ Classic - local users authenticate as themselves Powered by Ecora Auditor Professional Windows Module Page 12 of 14

13 Network security: Do not store LAN Manager hash value on next password change Network security: LAN Manager authentication level Network security: LDAP client signing requirements Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Recovery console: Allow automatic administrative logon Recovery console: Allow floppy copy and access to all drives and all folders Shutdown: Allow system to be shut down without having to log on Shutdown: Clear virtual memory pagefile System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing System objects: Default owner for objects created by members of the Administrators group System objects: Require case insensitivity for non-windows subsystems Send NTLM response only Negotiate signing 0 0 Administrators group Powered by Ecora Auditor Professional Windows Module Page 13 of 14

14 System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) System settings: Optional subsystems System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Posix Powered by Ecora Auditor Professional Windows Module Page 14 of 14

Web. Security Options Comparison

Web. Security Options Comparison Web 3 Security Options Comparison Windows Server 2003 provides a number of Security Options that can be applied within the scope of managing a GPO. Most are the same as those available in Windows 2000.

More information

Windows Server 2008/2012 Server Hardening

Windows Server 2008/2012 Server Hardening Account Policies Enforce password history 24 Maximum Password Age - 42 days Minimum Password Age 2 days Minimum password length - 8 characters Password Complexity - Enable Store Password using Reversible

More information

About Microsoft Windows Server 2003

About Microsoft Windows Server 2003 About Microsoft Windows Server 003 Windows Server 003 (WinK3) requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the Windows Server operating system

More information

Walton Centre. Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure

Walton Centre. Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure Page 1 Walton Centre Access and Authentication (network) Document History Date Version Author Changes 01/10/04 1.0 A Cobain L Wyatt 31/03/05 1.1 L Wyatt Update to procedure Page 2 Table of Contents Section

More information

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term

More information

Defense Security Service Office of the Designated Approving Authority

Defense Security Service Office of the Designated Approving Authority Defense Security Service Office of the Designated Approving Authority Baseline Technical Security Configuration of Microsoft Windows 7 and Microsoft Server 2008 R2 Version 1.0 Title Page Document Name:

More information

NNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2

NNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2 NNT CIS Microsoft Windows Server 2008 R2 Benchmark Level 1 Member Server v2-1-0-2: NNTDC01 On NNTDC01 - By admin for time period 5/23/2014 8:49:51 AM to 5/23/2014 8:49:51 AM NNT CIS Microsoft Windows Server

More information

Belarc Advisor Security Benchmark Summary

Belarc Advisor Security Benchmark Summary Page 1 of 5 The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple computers in a corporate, educational, military or government installation is prohibited.

More information

Microsoft Solutions for Security and Compliance. Windows Server 2003 Security Guide

Microsoft Solutions for Security and Compliance. Windows Server 2003 Security Guide Microsoft Solutions for Security and Compliance Windows Server 2003 Security Guide 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-Non Commercial License. To view

More information

Secure configuration document

Secure configuration document Secure configuration document Windows 7 Draft 0.1. DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India Document Control S. No.

More information

Local Groups by Computer... 1

Local Groups by Computer... 1 Period: Last 20 week(s) Generated: For: Internal Auditor InternalAuditor@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8063.19200 Using: FFR Definition '' Description: A Fact-Finding

More information

CIS Microsoft Windows Server 2012. v1.0.0. Benchmark

CIS Microsoft Windows Server 2012. v1.0.0. Benchmark CIS Microsoft Windows Server 2012 v1.0.0 Benchmark 01-31-2013 The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics, suggestions, and

More information

CIS Microsoft Windows 7 Benchmark. v2.1.0-12-03-2013. http://benchmarks.cisecurity.org

CIS Microsoft Windows 7 Benchmark. v2.1.0-12-03-2013. http://benchmarks.cisecurity.org CIS Microsoft Windows 7 Benchmark v2.1.0-12-03-2013 http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics,

More information

NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37

NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37 NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37 Compliance Score : 89.81% 370 of 412 rules passed 0 of 412 rules partially passed 42 of 412 rules failed Detailed PCI DSS v3.1 Requirements

More information

Defense Security Service Industrial Security Field Operations NISP Authorization Office. Technical Assessment Guide for Windows 7 Operating System

Defense Security Service Industrial Security Field Operations NISP Authorization Office. Technical Assessment Guide for Windows 7 Operating System Defense Security Service Industrial Security Field Operations NISP Authorization Office Technical Assessment Guide for Windows 7 Operating System February 2016 Revision Log Date Revision Description of

More information

Diebold Security Analysis of ATM Operating and Application Systems Using the Center for Internet Security Scoring Tool

Diebold Security Analysis of ATM Operating and Application Systems Using the Center for Internet Security Scoring Tool Diebold Security Analysis of ATM Operating and Application Systems Using the Center for Internet Security Scoring Tool TP-821129-001B PD 6099 Document History Document Number Date Remarks TP-821129-001A

More information

Installed Applications Summary... 1

Installed Applications Summary... 1 Installed Applications by Application Period: Last 20 week(s) Generated: For: Internal Auditor InternalAuditor@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8111.18300 Using: FFR Definition

More information

Microsoft Windows XP Professional: Guide to Creating a More Secure Operating System

Microsoft Windows XP Professional: Guide to Creating a More Secure Operating System Microsoft Windows XP Professional: Guide to Creating a More Secure Operating System Introduction This document contains specific guidelines for establishing a secure Microsoft Windows XP computing environment.

More information

CIS Microsoft Windows XP Benchmark. v3.1.0-12-03-2013. http://benchmarks.cisecurity.org

CIS Microsoft Windows XP Benchmark. v3.1.0-12-03-2013. http://benchmarks.cisecurity.org CIS Microsoft Windows XP Benchmark v3.1.0-12-03-2013 http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics,

More information

Level Two Benchmark Windows 2000 Professional Operating System V1.0.4

Level Two Benchmark Windows 2000 Professional Operating System V1.0.4 Level Two Benchmark Windows 2000 Professional Operating System V1.0.4 Copyright 2002, The Center for Internet Security www.cisecurity.org Terms of Use Agreement 1. Grant of Permission to use the Windows

More information

CIS Microsoft Windows Server 2003. Benchmark. v3.1.0-12-03-2013. http://benchmarks.cisecurity.org

CIS Microsoft Windows Server 2003. Benchmark. v3.1.0-12-03-2013. http://benchmarks.cisecurity.org CIS Microsoft Windows Server 2003 v3.1.0-12-03-2013 Benchmark http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services,

More information

Ecora Enterprise Auditor Instructional Whitepaper. Who Made Change

Ecora Enterprise Auditor Instructional Whitepaper. Who Made Change Ecora Enterprise Auditor Instructional Whitepaper Who Made Change Ecora Enterprise Auditor Who Made Change Instructional Whitepaper Introduction... 3 Purpose... 3 Step 1 - Enabling audit in Windows...

More information

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 Domain Controllers Version: 3.0.0 Symantec Enterprise Security Manager Baseline Policy Manual for

More information

South Northamptonshire Council

South Northamptonshire Council South Northamptonshire Council Windows Active Directory Final Internal Audit Report - September Distribution list: Mike Shaw IT & Customer Services Manager David Price Director of Community Engagement

More information

MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources

MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources MCSE TestPrep: Windows NT Server 4, Second Edition - CH 3 - Managing Resources Page 1 of 36 [Figures are not included in this sample chapter] MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing

More information

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security

More information

Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings

Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings Version 2.01 August, 2005 Copyright 2005, The Center for Internet Security

More information

Objectives. At the end of this chapter students should be able to:

Objectives. At the end of this chapter students should be able to: NTFS PERMISSIONS AND SECURITY SETTING.1 Introduction to NTFS Permissions.1.1 File Permissions and Folder Permission.2 Assigning NTFS Permissions and Special Permission.2.1 Planning NTFS Permissions.2.2

More information

Default Domain Policy Data collected on: 10/12/2012 5:28:08 PM General

Default Domain Policy Data collected on: 10/12/2012 5:28:08 PM General Default Domain Default Domain Data collected on: 10/12/2012 5:28:08 PM General Details Domain Owner Created Modified User Revisions Computer Revisions Unique ID GPO Status webrecon.local WEBRECON\Domain

More information

84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff

84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff 84-01-31 Windows NT Server Operating System Security Features Carol A. Siegel Payoff This article is designed to provide security administrators with a security checklist for going live with Windows NT.

More information

JapanCert 専 門 IT 認 証 試 験 問 題 集 提 供 者

JapanCert 専 門 IT 認 証 試 験 問 題 集 提 供 者 JapanCert 専 門 IT 認 証 試 験 問 題 集 提 供 者 http://www.japancert.com 1 年 で 無 料 進 級 することに 提 供 する Exam : 70-643 Title : Windows Server 2008 Applications Infrastructure, Configuring Vendors : Microsoft Version :

More information

Session 17 Windows 7 Professional DNS & Active Directory(Part 2)

Session 17 Windows 7 Professional DNS & Active Directory(Part 2) Session 17 Windows 7 Professional DNS & Active Directory(Part 2) Fall 2011 ITE153 Operating Systems 1 Session 17 Windows 7 Professional Operating in Microsoft Networks Fall 2011 ITE153 Operating Systems

More information

1.1.1.1.2.1 Set 'Reset account lockout counter after' to '15' or more

1.1.1.1.2.1 Set 'Reset account lockout counter after' to '15' or more NNT CIS Server 2003 Benchmark_v3.1.0 Level 1 Member Server: NNT-2003-32-BIT On NNT-2003-32-BIT - By admin for time period 28/07/2014 13:43:41 to 28/07/2014 13:43:41 NNT CIS Server 2003 Benchmark_v3.1.0

More information

Data Stored on a Windows Server Connected to a Network

Data Stored on a Windows Server Connected to a Network Attachment A Form to Describe Sensitive Data Security Plan For the Use of Sensitive Data from The National Longitudinal Study of Adolescent to Adult Health Data Stored on a Windows Server Connected to

More information

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit. SiteAudit Knowledge Base Deployment Check List June 2012 In This Article: Platform Requirements Windows Settings Discovery Configuration Before deploying SiteAudit it is recommended to review the information

More information

Setting Up, Managing, and Troubleshooting Security Accounts and Policies

Setting Up, Managing, and Troubleshooting Security Accounts and Policies 3 Setting Up, Managing, and Troubleshooting Security Accounts and Policies............................................... Terms you ll need to understand: Local user account Local group Complex password

More information

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers Version 1.2 October 17, 2005 Copyright 2004, The Center

More information

VERITAS Backup Exec TM 10.0 for Windows Servers

VERITAS Backup Exec TM 10.0 for Windows Servers VERITAS Backup Exec TM 10.0 for Windows Servers Quick Installation Guide N134418 July 2004 Disclaimer The information contained in this publication is subject to change without notice. VERITAS Software

More information

Services Summary... 1

Services Summary... 1 Services Report By Service Name Period: Last 20 week(s) Generated: For: Internal Auditor InternalAuditor@ecora.com By: Ecora Auditor Professional 4.5 - Windows Module 4.5.8063.19200 Using: FFR Definition

More information

HP LeftHand SAN Solutions

HP LeftHand SAN Solutions HP LeftHand SAN Solutions Support Document Application Notes Backup Exec 11D VSS Snapshots and Transportable Offhost Backup Legal Notices Warranty The only warranties for HP products and services are set

More information

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4

More information

DriveLock and Windows 7

DriveLock and Windows 7 Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

Symantec Backup Exec TM 11d for Windows Servers. Quick Installation Guide

Symantec Backup Exec TM 11d for Windows Servers. Quick Installation Guide Symantec Backup Exec TM 11d for Windows Servers Quick Installation Guide September 2006 Symantec Legal Notice Copyright 2006 Symantec Corporation. All rights reserved. Symantec, Backup Exec, and the Symantec

More information

Symantec Backup Exec 12.5 for Windows Servers. Quick Installation Guide

Symantec Backup Exec 12.5 for Windows Servers. Quick Installation Guide Symantec Backup Exec 12.5 for Windows Servers Quick Installation Guide 13897290 Installing Backup Exec This document includes the following topics: System requirements Before you install About the Backup

More information

APPENDIX I Basic Windows NT Server 4.0 Installation and Configuration

APPENDIX I Basic Windows NT Server 4.0 Installation and Configuration Basic Windows NT Server 4.0 Installation and Configuration Windows NT 4.0 (English version) Installation The first step of the installation is to install the English Windows NT Server 4.0 to the file server

More information

70-290 Q&A. DEMO Version

70-290 Q&A. DEMO Version Managing and Maintaining a Microsoft Windows Server 2003 Environment Q&A DEMO Version Copyright (c) 2010 Chinatag LLC. All rights reserved. Important Note Please Read Carefully For demonstration purpose

More information

Department of Information Technology Active Directory Audit Final Report. August 2008. promoting efficient & effective local government

Department of Information Technology Active Directory Audit Final Report. August 2008. promoting efficient & effective local government Department of Information Technology Active Directory Audit Final Report August 2008 promoting efficient & effective local government Executive Summary Active Directory (AD) is a directory service by Microsoft

More information

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide N109548 Disclaimer The information contained in this publication is subject to change without notice. VERITAS Software Corporation makes

More information

Data Stored on a Windows Computer Connected to a Network

Data Stored on a Windows Computer Connected to a Network Attachment A Form to Describe Sensitive Data Security Plan For the Use of Sensitive Data from The National Longitudinal Study of Adolescent to Adult Health Data Stored on a Windows Computer Connected to

More information

Managing a Microsoft Windows Server 2003 Environment

Managing a Microsoft Windows Server 2003 Environment Managing a Microsoft Windows Server 2003 Environment Course number: 2274C Course lenght: 5 days Course Outline Module 1: Introduction to Administering Accounts and Resources This module explains how to

More information

DC Agent Troubleshooting

DC Agent Troubleshooting DC Agent Troubleshooting Topic 50320 DC Agent Troubleshooting Web Security Solutions v7.7.x, 7.8.x 27-Mar-2013 This collection includes the following articles to help you troubleshoot DC Agent installation

More information

Setup process for a secure workstation

Setup process for a secure workstation Setup process for a secure workstation This is a work in progress. Version - 5/15/08 Billions of people use computers running Microsoft software. Microsoft has therefore made a quite understandable decision

More information

IBM Client Security Solutions. Client Security User's Guide

IBM Client Security Solutions. Client Security User's Guide IBM Client Security Solutions Client Security User's Guide December 1999 1 Before using this information and the product it supports, be sure to read Appendix B - Notices and Trademarks, on page 22. First

More information

CREDENTIAL MANAGER IN WINDOWS 7

CREDENTIAL MANAGER IN WINDOWS 7 CREDENTIAL MANAGER IN WINDOWS 7 What is Credential Manager Whenever we try to access some resource, whether it is local or remote resource, Windows always validates our credentials to make sure we have

More information

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM)

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and

More information

File and Printer Sharing with Microsoft Windows

File and Printer Sharing with Microsoft Windows Operating System File and Printer Sharing with Microsoft Windows Microsoft Corporation Published: November 2003 Abstract File and printer sharing in Microsoft Windows allows you to share the contents of

More information

Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations

Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations March 2009 Version 2.2 This page intentionally left blank. 2 1. Introduction...4

More information

How-to: Single Sign-On

How-to: Single Sign-On How-to: Single Sign-On Document version: 1.02 nirva systems info@nirva-systems.com nirva-systems.com How-to: Single Sign-On - page 2 This document describes how to use the Single Sign-On (SSO) features

More information

Securing SQL Server. Protecting Your Database from. Second Edition. Attackers. Denny Cherry. Michael Cross. Technical Editor ELSEVIER

Securing SQL Server. Protecting Your Database from. Second Edition. Attackers. Denny Cherry. Michael Cross. Technical Editor ELSEVIER Securing SQL Server Second Edition Protecting Your Database from Attackers Denny Cherry Technical Editor Michael Cross AMSTERDAM BOSTON HEIDELBERG LONDON ELSEVIER NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Managing and Maintaining a Microsoft Windows Server 2003 Environment Managing and Maintaining a Microsoft Windows Server 2003 Environment Course 2273: Five days; Blended (classroom/e-learning) Introduction Elements of this syllabus are subject to change. This course combines

More information

Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer The (MBSA) checks computers running Microsoft Windows Server 2008 R2 for common security misconfigurations. The following are the scanning options selected for Cisco Unified ICM Real-Time Distributor running

More information

How to monitor AD security with MOM

How to monitor AD security with MOM How to monitor AD security with MOM A article about monitor Active Directory security with Microsoft Operations Manager 2005 Anders Bengtsson, MCSE http://www.momresources.org November 2006 (1) Table of

More information

DriveLock and Windows 8

DriveLock and Windows 8 Why alone is not enough CenterTools Software GmbH 2013 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Controllers Version 2.0 November 2007 Copyright 2007, The Center for Internet

More information

Windows Vista. Securing & Safe Computing PROTECTING YOUR PERSONAL COMPUTER FROM MALICIOUS THREATS

Windows Vista. Securing & Safe Computing PROTECTING YOUR PERSONAL COMPUTER FROM MALICIOUS THREATS Windows Vista Securing & Safe Computing PROTECTING YOUR PERSONAL COMPUTER FROM MALICIOUS THREATS Pre-Setup Notes As of August 12, 2009, all of the following procedures to secure the Windows Vista operating

More information

NetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0

NetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0 NetIQ Advanced Authentication Framework - Client User's Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 4 About This Document 4 NetIQ Advanced Authentication Framework Overview

More information

NETASQ SSO Agent Installation and deployment

NETASQ SSO Agent Installation and deployment NETASQ SSO Agent Installation and deployment Document version: 1.3 Reference: naentno_sso_agent Page 1 / 20 Copyright NETASQ 2013 General information 3 Principle 3 Requirements 3 Active Directory user

More information

Xerox DocuShare Security Features. Security White Paper

Xerox DocuShare Security Features. Security White Paper Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a

More information

Remote Administration

Remote Administration Windows Remote Desktop, page 1 pcanywhere, page 3 VNC, page 7 Windows Remote Desktop Remote Desktop permits users to remotely execute applications on Windows Server 2008 R2 from a range of devices over

More information

NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment

NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment Summary Duration Vendor Audience 5 Days Microsoft IT Professionals Published Level Technology 05 October 2005 200 Microsoft

More information

Secure . Administrator's Guide

Secure  . Administrator's Guide Secure E-mail Administrator's Guide February 2014 www.lexmark.com Contents 2 Contents Overview...3 Configuring Secure E-mail...4 Configuring TCP/IP settings...4 Configuring printer e-mail settings...4

More information

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10 Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS

More information

Intel Entry Storage System SS4000-E

Intel Entry Storage System SS4000-E Intel Entry Storage System SS4000-E Software Release Notes March, 2006 Storage Systems Technical Marketing Revision History Intel Entry Storage System SS4000-E Revision History Revision Date Number 3 Mar

More information

SQL Server Hardening

SQL Server Hardening Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory

More information

Windows IIS Server hardening checklist

Windows IIS Server hardening checklist General Windows IIS Server hardening checklist By Michael Cobb Do not connect an IIS Server to the Internet until it is fully hardened. Place the server in a physically secure location. Do not install

More information

Configuring Virtual Blades

Configuring Virtual Blades CHAPTER 14 This chapter describes how to configure virtual blades, which are computer emulators that reside in a WAE or WAVE device. A virtual blade allows you to allocate WAE system resources for use

More information

Windows security for n00bs part 1 Security architecture & Access Control

Windows security for n00bs part 1 Security architecture & Access Control Grenoble INP Ensimag _ (in)security we trust _!! SecurIMAG 2011-05-12 Windows security for n00bs part 1 Security architecture & Access Control Description: whether you are in favor or against it, the Windows

More information

Windows Operating Systems. Basic Security

Windows Operating Systems. Basic Security Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System

More information

NETWRIX PASSWORD MANAGER

NETWRIX PASSWORD MANAGER NETWRIX PASSWORD MANAGER ADMINISTRATOR S GUIDE Product Version: 6.1 February/2012 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment

More information

Virto Password Reset Web Part for SharePoint. Release 3.1.0. Installation and User Guide

Virto Password Reset Web Part for SharePoint. Release 3.1.0. Installation and User Guide Virto Password Reset Web Part for SharePoint Release 3.1.0 Installation and User Guide 2 Table of Contents OVERVIEW... 3 SYSTEM REQUIREMENTS... 3 OPERATING SYSTEM... 3 SERVER... 3 BROWSER... 4 INSTALLATION...

More information

Technical Overview of Terminal Services

Technical Overview of Terminal Services Technical Overview of Terminal Services Microsoft Corporation Updated: January 2005 Abstract Windows Server 2003 includes the Terminal Services features of Windows 2000, the client and protocol enhancements

More information

DIRECTORY PASSWORD V1.2 Quick Start Guide

DIRECTORY PASSWORD V1.2 Quick Start Guide DIRECTORY PASSWORD V1.2 Quick Start Guide Directory Password is a self-service password reset / account unlock tool that is an optional add-on for Directory Update v2.5. Directory Update must be installed

More information

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099 Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,

More information

SIEMENS. Sven Lehmberg. ZT IK 3, Siemens CERT. Siemens AG 2000 Siemens CERT Team / 1

SIEMENS. Sven Lehmberg. ZT IK 3, Siemens CERT. Siemens AG 2000 Siemens CERT Team / 1 Sven Lehmberg / 1 Agenda Event Viewer and User Manager Analyzing Audit Logs Tools / 2 Auditing Step by Step Two important programs in NT 4.0 Event Viewer and User Manager User Manager for Domains / 3 /

More information

Configuring Security Features of Session Recording

Configuring Security Features of Session Recording Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording

More information

Entrust Managed Services PKI

Entrust Managed Services PKI Entrust Managed Services PKI Entrust Managed Services PKI Windows Smart Card Logon Configuration Guide Using Web-based applications Document issue: 1.0 Date of Issue: June 2009 Copyright 2009 Entrust.

More information

Managing Multi-Hypervisor Environments with vcenter Server

Managing Multi-Hypervisor Environments with vcenter Server Managing Multi-Hypervisor Environments with vcenter Server vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.0 This document supports the version of each product listed and supports all subsequent

More information

Password Manager Windows Desktop Client

Password Manager Windows Desktop Client Password Manager Windows Desktop Client EmpowerID provides an extension that allows organizations to plug into Password Manager to customize the Windows logon experience beyond that supplied by the standard

More information

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers

Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers Windows Server 2003 Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Security Settings for Domain Member Servers Version 2.0 November 2007 Copyright 2007, The Center for

More information

Active Directory network protocols and traffic

Active Directory network protocols and traffic samba experience 2005 Göttingen, Germany 4 th May 2005 Active Directory network protocols and traffic Jean-Baptiste Marchand Jean-Baptiste Marchand Introduction Agenda Active

More information

Managing and Maintaining a Windows Server 2003 Network Environment

Managing and Maintaining a Windows Server 2003 Network Environment Managing and maintaining a Windows Server 2003 Network Environment. AIM This course provides students with knowledge and skills needed to Manage and Maintain a Windows Server 2003 Network Environment.

More information

Metalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015

Metalogix SharePoint Backup. Advanced Installation Guide. Publication Date: August 24, 2015 Metalogix SharePoint Backup Publication Date: August 24, 2015 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this

More information

Desktop Web Access Single Sign-On Configuration Guide

Desktop Web Access Single Sign-On Configuration Guide Waypoint Global Suite Single Sign-On relies on establishing a relationship between a Windows network user identity and a Suite user (Windows Authentication). This is accomplished by assigning to each of

More information

Windows Advanced Audit Policy Configuration

Windows Advanced Audit Policy Configuration Windows Advanced Audit Policy Configuration EventTracker v7.x Publication Date: May 6, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract This document describes auditing

More information

Dell Active Administrator 7.5. User Guide

Dell Active Administrator 7.5. User Guide Dell Active Administrator 7.5 2015 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software

More information

Security Configuration Benchmark For. Microsoft Windows 7. Version 1.1.0 July 30 th 2010

Security Configuration Benchmark For. Microsoft Windows 7. Version 1.1.0 July 30 th 2010 Security Configuration Benchmark For Microsoft Windows 7 Version 1.1.0 July 30 th 2010 Copyright 2001-2010, The Center for Internet Security http://cisecurity.org feedback@cisecurity.org Background. CIS

More information

efolder BDR for Veeam Cloud Connection Guide

efolder BDR for Veeam Cloud Connection Guide efolder BDR for Veeam Cloud Connection Guide Setup Connect Preload Data uh6 efolder BDR Guide for Veeam Page 1 of 36 INTRODUCTION Thank you for choosing the efolder Cloud for Veeam. Using the efolder Cloud

More information

Security IIS Service Lesson 6

Security IIS Service Lesson 6 Security IIS Service Lesson 6 Skills Matrix Technology Skill Objective Domain Objective # Configuring Certificates Configure SSL security 3.6 Assigning Standard and Special NTFS Permissions Enabling and

More information

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE COURSE: Windows 2003 Server COURSE NO: CSI 265 CREDIT HOURS: 3 hours of lecture weekly DEPARTMENT: CATALOG DESCRIPTION CSI 265 Windows 2003

More information

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Windows Server 2008 (Domain Member Servers and Domain Controllers)

Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Windows Server 2008 (Domain Member Servers and Domain Controllers) Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 (Domain Member Servers and Domain Controllers) Symantec Enterprise Security Manager Baseline Policy

More information