Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z] S4U2Self (Service-for-User-to-Self) extension, Kerberos 2nd 3rd SACL (System Access Control List)Safe Mode Software Restriction Policies SafeDllSerachMode setting (security baseline templates) SAM (Security Account Manager)SAM (security accounts manager) password hash storagescanning vunerabilities 2nd 3rd 4th 5th 6th 7th 8th 9th Schema Admins group forest-wide permissions Schema Master FSMOscope groups 2ndScope of Managements (SOMs) [See SOMs (Scope of Management)]scopes Authorization Manager 2nd 3rd 4th 5th 6th ScreenSaverGracePeriod setting (security baseline templates)scripts Authorization Scripts 2nd 3rd 4th 5th 6th 7th 8th 9th Scripts shutdown subfolder (GPO) Scripts startup subfolder (GPO) Scripts subfolder (GPO)secedit commandsecurity templates applying 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15thSecure Sockets Layer (SSL) [See communication;SSL (Secure Sockets Layer)] Securedc security template Securews security templatesecurity information security goal of 2nd 3rd principles 2nd attack surface reduction auditing 2nd 3rd availability complete mediation 2nd confidentiality 2nd 3rd 4th defense in depth 2nd 3rd diversity of mechanism 2nd economy of mechanism fail-safe defaults integrity 2nd 3rd least privilege 2nd open designs psychological acceptability 2nd relevance security policy separation of duties 2nd training and awareness Security Account Manager (SAM)security accounts manager (SAM) password hash storagesecurity areas (networks) segmenting security assessment security awarenesssecurity baseline configuration domain controllers 2ndsecurity boundaries (forests) trusts 2nd 3rd 4th 5th 6th 7th 8th 9th Security Descriptorssecurity filteringGPOs checking 2nd security groupssecurity identifier (SID) [See SID (security identifier)]security levelsCOM/COM+ applications setting 2ndSoftware Restriction Policies hacking levels 2nd 3rd setting 2ndsecurity logs monitoring security monitoring 2nd 3rd 4th 5th Active Directory 2nd 3rd dcdiag 2nd 3rd 4th Group Policy 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th replication 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th DHCP 2nd 3rd DNS 2nd 3rd 4th 5th 6th 7th 8th 9th 10th event logs 2nd 3rd 4th 5th 6th 7th Group Policy 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st dcdiag 2nd 3rd 4th replication 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th network connectivity 2nd 3rd 4th 5th 6th 7th 8th 9th 10th performance monitoring 2nd 3rd 4th 5th 6th 7th 8th 9th PKI (public key infrastructure) 2nd 3rd remote access 2nd 3rd 4th routing 2nd 3rd 4th shares 2nd 3rd Security Options 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th baseline templates 2nd 3rd 4th 5th 6th 7th 8th 9th 10th TCP/IP settings 2nd 3rd 4th Domain controllers 2nd 3rd 4th 5th establishing Security Options (Group Policy) Security permission (event logs)security policies implementingsecurity policy boundaries Active Directory 2ndsecurity principals anonymous access 2nd Security Principals (authorization) Security Reference Monitor (SRM) [See SRM (Security Reference Monitor)] Security Support Provider Interface (SSPI). SSPI (Security Support Provider Interface)Security Support Providers (SSP) [See SSP (Security Support Providers)]security template consoles creating security templates 2nd 3rd 4th 5th 6th 7th applying 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th baseline templates 2nd 3rd 4th 5th Account Policies 2nd categories dowloading reviewing Security Options 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th services 2nd 3rd 4th user rights 2nd 3rd 4thcomputer roles securing by 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th 30th 31st 32nd 33rd 34th 35th 36th 37th 38th 39th 40th 41st configuring 2nd 3rd creating 2nd 3rd default security templates 2ndGPOs importing into incremental templates 2nd 3rd 4th DHCP servers 2nd 3rd 4th DNS clients DNS servers 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th DNS zones downloading infrastructure servers 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd port blocking 2nd service accounts well-known account protection 2nd WINS servers modifying 2nd 3rd 4th 5th 6thpermissions setting 2nd testingtesting of hacking contests security updates 2nd 3rd 4th 5th non-Internet computerspatches Automatic Updates 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th directly applying Software Update Services 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th Windows Update Site 2nd 3rdproactive updates implementing 2nd 3rd 4threactive updates implementingsecurity vunerability announcements best practices security vuneralibility announcements Select Users or Groups dialog box 2nd selective authentication trusts 2nd self-signed certificates 2nd 3rd separation of duties security principle 2nd Server Operators groupserversDHCP servers securing 2nd 3rd 4thDNS servers securing 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14thdomain controllers promoting to 2nd 3rd 4th 5th 6th 7thinfrastructure servers securing 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rdinstalling as domain controllers 2nd 3rdnetwork authentication configuring for 2nd promoting to domain controller 2ndWINS servers securingservice accountssecuring incremental templatesservice administration secure configuration 2nd 3rd service logons Service ticket (Kerberos) Service-for-User-to-Self (S4U2Self) extension, Kerberos 2nd 3rdservices baseline templates 2nd 3rd 4th locking down servicessession security NTLM NTLMv2 2nd 3rd Set Value permission (registry) Setup security template Shadow Copy volumes 2nd 3rd command-line administration creating 2nd 3rd 4th 5th 6th 7th 8th restoring 2nd 3rdshared folders Shadow Copy volumes 2nd 3rd command-line administration creating 2nd 3rd 4th 5th 6th 7th 8th restoring 2nd 3rd shares 2nd 3rdanonymous access limiting best practices 2nd creating 2nd 3rd 4th 5th 6th 7th default permissions 2nd 3rd 4th default shares 2nd 3rd File and Printer Sharing mode 2nd 3rdpermissions combining 2nd remote administration security monitoring 2nd 3rdSMB shares remote storage 2ndsharingencrypted files EFS 2nd 3rd 4th 5th shortcut trusts 2nd 3rd 4th 5th 6thSID relative identifiers well-known SIDs SID (security identifier) SIDs filtering 2nd 3rdwell-known SIDs anonymous access 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14thsigning (message) SMB (server message block) signing 2nd 3rdsigning (server) LDAP 2nd 3rdsilent decryption EFS (Encrypting File System) Simple Certificate Enrollment Protocol (SCEP) Add on for Certificate Servicessingle (symmetric) key encryption EFS (Encrypting File System) 2nd 3rd 4th 5th 6th 7th 8th 9thsites Active Directory 2ndsmall officesdomain controllers physical security 2nd 3rd 4th 5th 6th 7thsmart cards authentication 2nd Certificate Services 2ndSMBWebDAV compared SMB (server message block) signing 2nd 3rdSMB shares remote storage 2ndSMB signing requiring SMS (Systems Management Server)softwareauthorization Authorization Manager 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th 30th 31st 32nd 33rd 34th 35th 36th 37th 38th 39th 40th 41st 42nd 43rd 44th 45th 46th 47th 48th 49th 50th 51st 52nd 53rd 54th 55th 56th 57th 58th 59th 60th 61st 62nd 63rd 64th 65th 66th 67th 68th Component Services 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th Software Restriction Policy 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th 30th 31st 32nd 33rd 34th 35th 36th 37th 38th 39th 40th 41st 42nd 43rd 44th 45th 46th 47th 48th 49th 50th 51st 52nd 53rd 54th 55th 56th 57th 58th 59th 60th 61stcryptographic software Federal Information Processing Standard (FIPS) 140-1 legacy application permissions 2nd 3rd 4th Software Restriction Policies 2nd 3rd 4th 5th 6thanti-virus protection compared automatic path rules best practices 2nd 3rdCOM+ applications setting 2nd 3rd creating 2nd 3rddesignated file types establishing 2nd 3rdenforcement determining 2nd 3rd examplesoftware restriction policies Group PolicySoftware Restriction Policies limitations 2nd 3rd Local Security Policyrules certificate rules 2nd 3rd creating 2nd 3rd 4th 5th hash rules 2nd 3rd 4th 5th Internet zone rules 2nd path rules 2nd 3rd 4th 5th registry rules 2nd 3rd 4th 5th Safe Modesecurity levels hacking levels 2nd 3rd setting 2nd troubleshooting 2nd 3rd trusted publishers 2nd 3rd Software Update Services 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th SOMs (Scope of Management)sonarFRS functionality checking 2ndSonarFRS traffic levels monitoring 2nd 3rd 4thspoofsSID spoofs catching 2nd 3rdSPOOLSS named pipe anonymous accessSQLnamed pipe anonymous access SRM (Security Reference Monitor) 2nd SRV (Service Locator) resource records (DNS) 2nd SSL 2nd 3rd 4th (Secure Sockets Layer)implementing IIS 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11thSSP (Security Support Providers) SSPI (Security Support Provider Interface)standalone root CAs configuring 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th Standalone Root Certification Authoritystandalone servers built-in groupsgroups managing 2nd 3rd 4th 5th 6th 7th 8th 9thusers managing 2nd 3rd 4th 5th 6th 7th 8th 9th Standalone Subordinate Certification Authoritystandar template types certificate templatesstandards auditing backups Startup Key dialog boxstartup mode basline template services Store password using reversible encryption user account restriction Store passwords using reversible encryption option (Password Policy)subfolders GPOssubordinate CAsautoenrollment configuring 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th configuring 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th installing 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29throle separations establishing 2nd 3rd 4th 5th 6thsuperceding certificate templates 2ndSupport Tools group (Windows 2003 Server installation CD)Group Policy troubleshootingSUS serversAutomatic Update clients configuring 2nd 3rd 4th configuring 2nd 3rd 4th 5th 6th hierarchies 2nd 3rd installing 2nd 3rd 4th 5th 6th 7th 8thoffline SUS servers preparing 2nd securing 2ndsymmetric (single) key encryption EFS (Encrypting File System) 2nd 3rd 4th 5th 6th 7th 8th 9th symmetric key cryptographypublic key cryptography compared SynAttackProtect setting (security baseline templates)synchronization external timeservers 2nd 3rd 4th 5th 6thsynchronization (time) trust relationships Synchronize file/folder permission (NTFS) Syskey syskeySyskeyaccount database protecting 2nd 3rd 4th 5thsyskey configuring startingSystem Access Control List (SACL) [See SACL (System Access Control List)] System File Checker System log permission (event logs)System Restore EFS (Encrypting File System)system services domain controllers 2nd 3rd system services (Group Policy)system state backups ntbackup tool 2nd 3rd 4th system user accountssystems state backups restoring 2nd Sysvol share |