Index - Windows Server 2003 Network Security Design Study Guide (Exam 70-298) [Electronic resources] - Text version

Brian Reisman, Mitch Ruebush

Index




A






access control design for network resources, 158–192. See also security analysis


access control, defined, 158


access control entries, 159


access control lists, 158–159


Active Directory objects. See also permissions


access tokens, 159–160


delegation of control, 167–168


design scenarios, 163–164, 165–166


group access, 164–166


overview, 159–160


permissions, 161–164, 166–167


real world scenarios, 162, 165


security descriptors, 159–160


availability statements, 9


case study, 187–189


case study answers, 192


case study questions, 190–191


exam essentials, 182


files and folders


audit policies, 174–177, 178


audit review procedures, 178


backup and recovery, 179–181


design scenarios, 172, 178


file encryption, 173–174, 173


NTFS permissions, 169, 171–172


overview, 19


real world scenario, 176


Share permissions, 169–172, 171


key terms, 182


object ownership and, 158


overview, 19, 158, 181


permission inheritance and, 159


permissions assigned to objects and, 158


review question answers, 186


review questions, 183–185


security descriptors, 158–159


Windows Registry, 174, 175




access to operating systems, restricting. See also client


design scenario, 338, 341


via administrative templates, 338–341, 339–340


via predefined groups, 336–338


access points, 99


access points, designing open, 105, 105


Account Mappings dialog box, 263, 264


ACEs (access control entries), 159


ACLs (access control lists), 158–159, 244


Active Directory. See also authentication design


OU/Group Policy model for clients. See also client


based on computer function, 326, 327


based on computer type, 326, 326


based on operating system, 325–326, 325


design scenario, 328–329


filtering GPO application, 327, 327


overview, 324–325, 328


storing certificates in, 217


ad hoc mode of communication, 99


administrative accounts, 131, 133


administrative templates, 338–341, 339–340


Advanced Attributes dialog box, 173, 173


AG(G)DLP permission assignments, 134–135


AG(G)UDLP permission assignments, 164


AH (Authenticated Header) headers, 75


anonymous access in IIS, 259


Application Layer Gateway service, 250


Application Management service, 250


Application Server dialog box, 254–255, 254, 256


ASP.NET forms-based authentication, 261–262


ASP.NET service, 254, 257


assets at risk, 2–3


attacks. See security threats


auditing


audit data locations, 177


audit statements, 177


certificate authorities, 218, 221–224, 222


before defining baselines, 289–290


designing audit policies


and audit review procedures, 178


for client security, 330


design scenario, 178


for IIS security, 268–269, 269


for network resource access, 176–177


importance of, 174–175


overview, 18


real world scenario, 176


Registry access, 222


remote management tool use, 375


resources to audit, 177


security update patches, 352–354, 353




authenticating users on websites. See also IIS


ASP.NET forms-based authentication, 261–262


certificate authentication, 262–264, 263–264


IIS authentication methods


anonymous access, 259


basic authentication, 259


design scenario, 261


digest authentication, 260


integrated Windows authentication, 260


Microsoft .NET Passport authentication, 260


overview, 258


setting, 258, 259


overview, 257–258


RADIUS authentication, 264–265


authentication. See also network


defined, 120, 158


in demand-dial routing, 94–96


MMC snap-ins and, 381


in remote management, 373–374


in securing VPNs, 89–90


in smart cards, 217


authentication design for Active Directory, 120–156


analyzing account/password requirements


account scope, 134


administrative accounts, 131, 133


design scenarios, 136, 138, 141


external accounts, 131, 133


group membership, 134–135


internal accounts, 131, 133


overview, 131


permissions assignment, 134


Principle of Least Privilege and, 135, 136


setting account password policies, 137, 139–141


user rights assignment, 133, 133


vulnerabilities, 135–137


authentication requirements, 124–126


case study, 148–151


case study answers, 155–156


case study questions, 152–154


client authentication, 128–129


design scenarios, 125, 128–129, 132


exam essentials, 142


forest/domain trust models, 127, 129–131, 130, 132


key terms, 142


overview, 120, 124, 141–142


real world scenarios, 122–124


review question answers, 146–147


review questions, 143–145


selecting authentication protocols, 126–127


vulnerabilities


compatibility, 124


encryption, 124


evaluating cost of, 137, 138


excessive privileges, 136


passwords, 121–124, 122, 135, 137


Authentication Methods dialog box, 258, 259


authentication policy, 9


authentication protocols


in demand-dial routing, 95–96


for local area networks, 126–127


in remote access infrastructures, 83–86


in wireless networks, 103–104, 103–104


authorization, 120, 158


Authorization Manager, 246–247


