Index
N
name, CA, 174–175
namespace, DNS, 295–296
naming conventions, 522–523, 646
NAT. see Network Address Translation
Native mode, 494, 495
NAT-T (Network Address Translation traversal), 281
Negotiate security, 276
nesting groups, 493–494, 524–525
NetIQ Security Manager, 216
Netscape Communications Corporation, 304
netsh command-line utility, 668
netsh ipsec dynamic mode, 273
netsh ipsec static importpolicy command, 277
netsh ipsec static mode, 273
netsh ras add registeredserver command, 412
netsh.exe command
to configure IPSec policy, 285
has IPSec context, 281
IPSec context, 272–273
for IPSec driver, 280
for IPSec driver state, 279
for IPSec policy, 276
network “audit” tools, 315
Network Access Quarantine Control
getting started with, 674
overview of, 673
remote access and, 670
Server 2003, 439
Network Address Translation (NAT)
L2TP and, 447
Server 2003 and, 447
Network Address Translation traversal (NAT-T), 281
network baseline, 27
network communications. see Virtual Private Networks
network framework
business requirements analysis, 3–13
design overview, 2
security incidents, responding to, 26–31
technical constraints, analyzing, 31–38
threat prediction, 13–26
network infrastructure security
attacks, types of, 247–249
data transmission security, designing, 303–313
DNS clients, 303
DNS namespace, 295–296
DNS resource records, 302–303
DNS, securing, 293–295
DNS Server Service, 297–300
DNS zones, 300–302
elements of, 243
important points for, 340–341
IP filtering, designing, 289–293
IPSec modes, 256–257
IPSec overview, 251
IPSec policies, applying, 273–284
IPSec policies, default, 264–273
IPSec policies, designing, 284–289
IPSec process, 263–264
IPSec protocols, 257–263
IPSec security associations, 252–256
overview of, 242
physical security, 342
PKI and RADIUS/IAS, 319–321
risk for network services, assessing, 249–251
steps for, 243–247
wireless access infrastructure, 336–338
wireless networks, authentication for, 328–336
wireless networks security, designing, 313–316
wireless networks, threats to, 317–318
WLAN network infrastructure, 321–328
of WLAN, designing, 321–328
network infrastructure servers, 118–119
Network Interface Card (NIC), 414
network management process
administrative tools, securing, 200–208
administrators and, 195–200
EMS, designing security for, 208–210
overview of, 194–195, 231
security update infrastructure, 210–217
trust relationships, 217–230
Network Monitor, 42
Network News Transfer Protocol (NNTP), 384
network services
post-attack recovery, 31
risk assessment, 249–251
securing. see network infrastructure security
network switches, 312
network traffic security, RAS, 126
network trust hierarchy
for CAs, 164–165, 189
root CA and, 188
networks
addressing risks to, 23–25
authentication, 641–645
communication security overview, 411
extranets, 443
policy management of, 200
resources, providing access to, 662
routing between internal, 442
segmented networks, 313
Next Header, 261, 262
NIC (Network Interface Card), 414
Nimda worm, 21
NNTP (Network News Transfer Protocol), 384
No Terminal Server User SID template, 63
nonrepudiation, 153
nontechnical attacks, 20
nontransitive trust, 221
normal backup, 593
notssid.inf template, 63
NT Lan Manager (NTLM) authentication, 57–59, 367–368, 648–650, 672
NT Lan Manager (NTLM) v2, 46, 74
NTFS file system
access control and, 509
for CA, 190
on DNS servers, 300
EFS and, 553
on file/print/member servers, 123
on IIS, 116
Server 2003 upgrades and, 406
NTFS permissions
access control lists and, 496
access control security with, 455, 456
Ntldr, 604
NTLM. see NT Lan Manager
Ntoskrnl.exe, 604
numbered connections, 421–422