Professional Windows Server 1002003 Security A Technical Reference [Electronic resources] نسخه متنی
لطفا منتظر باشید ...
Windows Server 2003 Security: A Technical ReferenceBy
Table of Contents
| Index
Copyright
Praise for Windows Server 2003 Security
Acknowledgments
About the Author
About the Technical Editor
Preface
Should You Buy This Book?
What''''s Inside and What''''s Not
An Unusual Approach to Production
Bibliography
Part I.
Security Basics
Chapter 1.
Principles of Information Security
Principle Number One: There Is No Such Thing as a Secure Computer
Classic Security Principles: Confidentiality, Integrity, and Accounting
Corollaries: Principles That Spring from the Classics
Part II.
Securing the Server Itself
Chapter 2.
Authentication: Proof of Identity
Logon Process
Network Authentication Processes
Windows Time Service
Computer Accounts and Authentication Controls
Anonymous Access
Authentication Management via Group Policy
Forest and Interforest Authentication
Best Practices for Securing Authentication
Summary
Chapter 3.
AuthorizationLimiting System Access and Controlling User Behavior
Windows Security Architecture and the Authorization Process
Rights, Privileges, and Permissions
Using Object Permissions to Control Access
Rule-Based Versus Role-Based Access Control Systems
Default Operating System User Roles
Creating Custom Roles
Creating Custom Group Roles
The Access Control Process
Authorization Using Security Options and Registry Settings
Computer Roles
Anonymous Access
Protect the Account Database with Syskey
Summary
Chapter 4.
Restricting Access to Software; Restricting Software''''s Access to Resources
Authorization Manager Framework
Software Restriction Policies
Securing COM, COM+, and DCOM Applications Using Component Services
Summary
Chapter 5.
Controlling Access to Data
Controlling Access to Files and Folders Using NTFS Permissions
Controlling Access to Shares
Controlling Access to Web Folders Using WebDAV
Controlling Access to Registry Keys
Practical Deployment Issues
Summary
Chapter 6.
EFS Basics
What Is the Encrypting File System?
Implementation Differences Between Windows Versions
Basic Operations
Effect of Normal Operations on Encrypted Files
EFS Architecture
Avoiding Data LossPlanning for Recovery
Special Operations and Issues
Remote Storage
Sound Enterprise Strategies
Tools
Troubleshooting
Summary
Part III.
Securing Domain Services
Chapter 7.
Active Directory''''s Role in Domain Security
Active Directory and Security
Active Directory: Organization, Structure, and Function
Active Directory Installation: Changes During dcpromo
Managing Computers and Users Using Active Directory
Group Policy Tools
Difference in Managing Windows 2000 GPOs
Best Practices for Group Policy
Summary
Chapter 8.
Trust
New Trust Features in Windows Server 2003
Trust Types
Trust Relationships
External Trust Creation Procedures
Forest Trust
Group Policy in Forest and Multiforest Scenarios
Piercing Security BoundariesThe Ultimate Forest Design Issue
Best Practices for Trusts
Summary
Chapter 9.
Troubleshooting Group Policy
Determining If the Policy Has Been Applied
Determine If the Group Policy Design Is Correctly Implemented
Troubleshooting Networking Problems
Troubleshooting Active Directory and FRS Replication
Troubleshooting Group Policy Object Design
Monitor GPO Health
Summary
Chapter 10.
Securing Active Directory
Physically Secure Domain Controllers
Establish Security Configuration
Additional Security Configuration
Establish Secure Administration Practices
Deploying Secure Domain Controllers
Summary
Chapter 11.
Securing Infrastructure Roles
Security Templates
How to Use Security Templates to Secure Computers by Role
Apply Security Templates
Summary
Part IV.
Public Key Infrastructure
Chapter 12.
PKI Basics
Introduction to PKI
PKI Architecture in Windows Server 2003
Certificate Services Processing
Summary
Chapter 13.
Implementing a Secure PKI
Install an Offline Root CA
Install and Configure a Subordinate CA
Use Custom Templates to Configure Key Archival for EFS
Summary
Part V.
Securing the Virtual Network
Chapter 14.
Securing Remote Access
Securing Traditional Remote Access Portals
Securing Wireless Access Using IAS
Securing Web ServerBased Access to Internal Resources
Summary
Chapter 15.
Protecting Data in Flight
Use Server Message Block Signing
Use Session Security for NTLM
Use Internet Protocol Security Policies
Use Secure Sockets Layer
Use LDAP Server Signing
Summary
Part VI.
Maintenance and Recovery
Chapter 16.
Maintenance Strategies and Administrative Practices
Maintenance Strategies for Change Management
Maintenance Strategies for Patch Management
Management Practices
Summary
Chapter 17.
Basics of Data Backup and Restore
Backup Policy, Standards, and Procedures
How to Use Ntbackup
Automated Systems Recovery
Volume Shadow Copy Service
Miscellaneous Backup Tools
Reanimating Users from the Deleted Objects Store
Active Directory Restore
IIS Backup Process
Certification Authority Backup
Summary
Part VII.
Monitoring and Audit
Chapter 18.
Auditing
Establishing a Windows Server 2003 Audit Policy for the Forest
Auditing the Standalone Windows Server 2003 Computer
Auditing Server Applications and Services
Auditing Security Controls: Policy Compliance, Vulnerability Assessment, and Pen Testing
Auditing Physical Security
Auditing Policy, Standards, and Procedures
Reviewing Security Awareness
Auditing Outsiders: The Impact of Others on Your Organization''''s Information Security
Summary
Chapter 19.
Monitoring and Assessment
Establish Baselines
Monitor Basic Services
Monitor Active Directory and Group Policy
Monitor Event Logs
Introduction to Incident Response
Summary
Index