Windows Server 2003 Security: A Technical Reference
Praise for Windows Server 2003 Security
An Unusual Approach to Production
Chapter 1. Principles of Information Security
Principle Number One: There Is No Such Thing as a Secure Computer
Classic Security Principles: Confidentiality, Integrity, and Accounting
Corollaries: Principles That Spring from the Classics
Part II: Securing the Server Itself
Chapter 2. Authentication: Proof of Identity
Network Authentication Processes
Computer Accounts and Authentication Controls
Authentication Management via Group Policy
Forest and Interforest Authentication
Best Practices for Securing Authentication
Chapter 3. Authorization: Limiting System Access and Controlling User Behavior
Windows Security Architecture and the Authorization Process
Rights, Privileges, and Permissions
Using Object Permissions to Control Access
Rule-Based Versus Role-Based Access Control Systems
Default Operating System User Roles
Authorization Using Security Options and Registry Settings
Protect the Account Database with Syskey
Chapter 4. Restricting Access to Software; Restricting Software's Access to Resources
Authorization Manager Framework
Securing COM, COM+, and DCOM Applications Using Component Services
Chapter 5. Controlling Access to Data
Controlling Access to Files and Folders Using NTFS Permissions
Controlling Access to Web Folders Using WebDAV
Controlling Access to Registry Keys
What Is the Encrypting File System?
Implementation Differences Between Windows Versions
Effect of Normal Operations on Encrypted Files
Avoiding Data Loss: Planning for Recovery
Part III: Securing Domain Services
Chapter 7. Active Directory's Role in Domain Security
Active Directory: Organization, Structure, and Function
Active Directory Installation: Changes During dcpromo
Managing Computers and Users Using Active Directory
Difference in Managing Windows 2000 GPOs
Best Practices for Group Policy
New Trust Features in Windows Server 2003
External Trust Creation Procedures
Group Policy in Forest and Multiforest Scenarios
Piercing Security Boundaries: The Ultimate Forest Design Issue
Chapter 9. Troubleshooting Group Policy
Determining If the Policy Has Been Applied
Determine If the Group Policy Design Is Correctly Implemented
Troubleshooting Networking Problems
Troubleshooting Active Directory and FRS Replication
Troubleshooting Group Policy Object Design
Chapter 10. Securing Active Directory
Physically Secure Domain Controllers
Establish Security Configuration
Additional Security Configuration
Establish Secure Administration Practices
Deploying Secure Domain Controllers
Chapter 11. Securing Infrastructure Roles
How to Use Security Templates to Secure Computers by Role
Part IV: Public Key Infrastructure
PKI Architecture in Windows Server 2003
Certificate Services Processing
Chapter 13. Implementing a Secure PKI
Install and Configure a Subordinate CA
Use Custom Templates to Configure Key Archival for EFS
Part V: Securing the Virtual Network
Chapter 14. Securing Remote Access
Securing Traditional Remote Access Portals
Securing Wireless Access Using IAS
Securing Web Server-Based Access to Internal Resources
Chapter 15. Protecting Data in Flight
Use Server Message Block Signing
Use Internet Protocol Security Policies
Part VI: Maintenance and Recovery
Chapter 16. Maintenance Strategies and Administrative Practices
Maintenance Strategies for Change Management
Maintenance Strategies for Patch Management
Chapter 17. Basics of Data Backup and Restore
Backup Policy, Standards, and Procedures
Reanimating Users from the Deleted Objects Store
Certification Authority Backup
Part VII: Monitoring and Audit
Establishing a Windows Server 2003 Audit Policy for the Forest
Auditing the Standalone Windows Server 2003 Computer
Auditing Server Applications and Services
Auditing Security Controls: Policy Compliance, Vulnerability Assessment, and Pen Testing
Auditing Policy, Standards, and Procedures
Auditing Outsiders: The Impact of Others on Your Organization's Information Security
Chapter 19. Monitoring and Assessment
Monitor Active Directory and Group Policy