لطفا منتظر باشید ...
If you''''re a working Windows administrator, security is your #1
challenge. Now there''''s a single-source reference you can rely on
for authoritative, independent help with every Windows Server
security feature, tool, and option: Windows Server 2003
SecurityRenowned Windows security expert Roberta Bragg has brought
together information that was formerly scattered through dozens of
books and hundreds of online sources. She goes beyond facts and
procedures, sharing powerful insights drawn from decades in IT
administration and security. You''''ll find expert implementation tips
and realistic best practices for every Windows environment, from
workgroup servers to global domain architectures. Learn how to:
Reflect the core principles of information security throughout
your plans and processes
Establish effective authentication and passwords
Restrict access to servers, application software, and
data
Make the most of the Encrypting File System (EFS)
Use Active Directory''''s security features and secure Active
Directory itself
Develop, implement, and troubleshoot group policies
Deploy a secure Public Key Infrastructure (PKI)
Secure remote access using VPNs via IPSec, SSL, SMB
signing,
LDAP signing, and more
Audit and monitor your systems, detect intrusions, and respond
appropriately
Maintain security and protect business continuity on an ongoing
basis"Once again, Roberta Bragg proves why she is a leading authority
in the security field! It''''s clear that Roberta has had a great deal
of experience in real-world security design and implementation. I''''m
grateful that this book provides clarity on what is often a
baffling subject!"James I. Conrad, MCSE 2003, Server+, Certified Ethical
Hacker
James@accusource.net"Full of relevant and insightful information. Certain to be a
staple reference book for anyone dealing with Windows Server 2003
security. Roberta Bragg''''s Windows Server 2003 Security is a
MUST read for anyone administering Windows Server 2003."Philip Cox, Consultant, SystemExperts Corporation
phil.cox@systemexperts.com"Few people in the security world understand and appreciate
every aspect of network security like Roberta Bragg. She is as
formidable a security mind as I have ever met, and this is
augmented by her ability to communicate the concepts clearly,
concisely, and with a rapier wit. I have enjoyed working with
Roberta more than I have on any of the other 20 some odd books to
which I have contributed. She is a giant in the field of network
security."Bob Reinsch
bob.reinsch@fosstraining.com"Windows Server 2003 Security explains why you should do
things and then tells you how to do it! It is a comprehensive guide
to Windows security that provides the information you need to
secure your systems. Read it and apply the information."Richard Siddaway, MCSE
rsiddaw@hotmail.com"Ms. Bragg''''s latest book is both easy to read and technically
accurate. It will be a valuable resource for network administrators
and anyone else dealing with Windows Server 2003 security."Michael VonTungeln, MCSE, CTT
mvontung@yahoo.com"I subscribe to a number of newsletters that Roberta Bragg
writes and I have ''''always'''' found her writing to be perfectly
focused on issues I ''''need'''' to know in my workplace when dealing
with my users. Her concise writing style and simple solutions bring
me back to her columns time after time. When I heard she had
written a guide on Windows 2003 security, I ''''had'''' to have it.Following her guidance on deployment, her advice on avoiding
common pitfalls, and her easy to follow guidelines on how to lock
down my network and user environments (those darned users!) has me
(and my clients) much more comfortable with our Win2k3 Server
deployments. From AD to GPO''''s to EFS, this book covers it all."Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra
Vista
AZrob.laposta@cox.net"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows
Security Information Technology Consultant
harrywaldronmvp@yahoo.com"Roberta Bragg''''s Windows Server 2003 Security offers more
than just lucid coverage of how things work, but also offers sound
advice on how to make them work better."Chris Quirk; MVP Windows shell/user
cquirke@mvps.org"This book is an invaluable resource for anyone concerned about
the security of Windows Server 2003. Despite the amount and
complexity of the material presented, Roberta delivers very
readable and clear coverage on most of the security-related aspects
of Microsoft''''s flagship operative system. Highly recommended
reading!"Valery Pryamikov, Security MVP, Harper Security Consulting
valery.pryamikov@harper.no"As long as you have something to do with Windows 2003, I have
four words for you: ''''Order your copy now.''''"Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel
Corp.
bernard@mvps.org"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized, with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron
CPCU, CCP, AAI Microsoft MVPWindows Security Information
Technology Consultant
Windows Server 2003 Security: A Technical ReferenceBy Table of Contents
| Index
CopyrightPraise for Windows Server 2003 SecurityAcknowledgmentsAbout the AuthorAbout the Technical EditorPrefaceShould You Buy This Book?What''''s Inside and What''''s NotAn Unusual Approach to ProductionBibliographyPart I. Security Basics
Chapter 1.
Principles of Information Security
Principle Number One: There Is No Such Thing as a Secure ComputerClassic Security Principles: Confidentiality, Integrity, and AccountingCorollaries: Principles That Spring from the ClassicsPart II. Securing the Server Itself
Chapter 2.
Authentication: Proof of Identity
Logon ProcessNetwork Authentication ProcessesWindows Time ServiceComputer Accounts and Authentication ControlsAnonymous AccessAuthentication Management via Group PolicyForest and Interforest AuthenticationBest Practices for Securing AuthenticationSummaryChapter 3.
AuthorizationLimiting System Access and Controlling User Behavior
Windows Security Architecture and the Authorization ProcessRights, Privileges, and PermissionsUsing Object Permissions to Control AccessRule-Based Versus Role-Based Access Control SystemsDefault Operating System User RolesCreating Custom RolesCreating Custom Group RolesThe Access Control ProcessAuthorization Using Security Options and Registry SettingsComputer RolesAnonymous AccessProtect the Account Database with SyskeySummaryChapter 4.
Restricting Access to Software; Restricting Software''''s Access to Resources
Authorization Manager FrameworkSoftware Restriction PoliciesSecuring COM, COM+, and DCOM Applications Using Component ServicesSummaryChapter 5.
Controlling Access to Data
Controlling Access to Files and Folders Using NTFS PermissionsControlling Access to SharesControlling Access to Web Folders Using WebDAVControlling Access to Registry KeysPractical Deployment IssuesSummaryChapter 6.
EFS Basics
What Is the Encrypting File System?Implementation Differences Between Windows VersionsBasic OperationsEffect of Normal Operations on Encrypted FilesEFS ArchitectureAvoiding Data LossPlanning for RecoverySpecial Operations and IssuesRemote StorageSound Enterprise StrategiesToolsTroubleshootingSummaryPart III. Securing Domain Services
Chapter 7.
Active Directory''''s Role in Domain Security
Active Directory and SecurityActive Directory: Organization, Structure, and FunctionActive Directory Installation: Changes During dcpromoManaging Computers and Users Using Active DirectoryGroup Policy ToolsDifference in Managing Windows 2000 GPOsBest Practices for Group PolicySummaryChapter 8.
Trust
New Trust Features in Windows Server 2003Trust TypesTrust RelationshipsExternal Trust Creation ProceduresForest TrustGroup Policy in Forest and Multiforest ScenariosPiercing Security BoundariesThe Ultimate Forest Design IssueBest Practices for TrustsSummaryChapter 9.
Troubleshooting Group Policy
Determining If the Policy Has Been AppliedDetermine If the Group Policy Design Is Correctly ImplementedTroubleshooting Networking ProblemsTroubleshooting Active Directory and FRS ReplicationTroubleshooting Group Policy Object DesignMonitor GPO HealthSummaryChapter 10.
Securing Active Directory
Physically Secure Domain ControllersEstablish Security ConfigurationAdditional Security ConfigurationEstablish Secure Administration PracticesDeploying Secure Domain ControllersSummaryChapter 11.
Securing Infrastructure Roles
Security TemplatesHow to Use Security Templates to Secure Computers by RoleApply Security TemplatesSummaryPart IV. Public Key Infrastructure
Chapter 12.
PKI Basics
Introduction to PKIPKI Architecture in Windows Server 2003Certificate Services ProcessingSummaryChapter 13.
Implementing a Secure PKI
Install an Offline Root CAInstall and Configure a Subordinate CAUse Custom Templates to Configure Key Archival for EFSSummaryPart V. Securing the Virtual Network
Chapter 14.
Securing Remote Access
Securing Traditional Remote Access PortalsSecuring Wireless Access Using IASSecuring Web ServerBased Access to Internal ResourcesSummaryChapter 15.
Protecting Data in Flight
Use Server Message Block SigningUse Session Security for NTLMUse Internet Protocol Security PoliciesUse Secure Sockets LayerUse LDAP Server SigningSummaryPart VI. Maintenance and Recovery
Chapter 16.
Maintenance Strategies and Administrative Practices
Maintenance Strategies for Change ManagementMaintenance Strategies for Patch ManagementManagement PracticesSummaryChapter 17.
Basics of Data Backup and Restore
Backup Policy, Standards, and ProceduresHow to Use NtbackupAutomated Systems RecoveryVolume Shadow Copy ServiceMiscellaneous Backup ToolsReanimating Users from the Deleted Objects StoreActive Directory RestoreIIS Backup ProcessCertification Authority BackupSummaryPart VII. Monitoring and Audit
Chapter 18.
Auditing
Establishing a Windows Server 2003 Audit Policy for the ForestAuditing the Standalone Windows Server 2003 ComputerAuditing Server Applications and ServicesAuditing Security Controls: Policy Compliance, Vulnerability Assessment, and Pen TestingAuditing Physical SecurityAuditing Policy, Standards, and ProceduresReviewing Security AwarenessAuditing Outsiders: The Impact of Others on Your Organization''''s Information SecuritySummaryChapter 19.
Monitoring and Assessment
Establish BaselinesMonitor Basic ServicesMonitor Active Directory and Group PolicyMonitor Event LogsIntroduction to Incident ResponseSummaryIndex
