List of Scenarios

Chapter 1: Analyzing Security Policies, Procedures, and Requirements

Design Scenario: Analyzing Security Risks

Real World Scenario: Adjusting Security Policies to Comply with Government Regulations

Real World Scenario: Pencils and Server Room Doors

Design Scenario: Analyzing Security Policies and Procedures

Design Scenario: Analyzing the Requirements for Securing Data

Real World Scenario: Exchange 2000 and Active Directory Distribution List

Design Scenario: Technical Constraints when Designing Security

Chapter 2: Identifying and Designing for Potential Security Threats

Design Scenario: Predicting Internal Threats to Your Network

Design Scenario: Predicting External Threats to Your Network

Real World Scenario: A Incident Response Procedure Will Prevent Mistakes

Design Scenario: Designing a Response to an Incident

Real World Scenario: Recovering Services by Making Hard Decisions

Real World Scenario: The Importance of Perimeter Security

Design Scenario: Segmenting Networks for Security

Chapter 3: Designing Network Infrastructure Security

Design Scenario: Designing for SSL on a Windows Server 2003 Network

Design Scenario: Designing for PPTP on a Windows Server 2003 Network

Real World Scenario: A W32.Slammer Worm Attack Prevented Because of Filters

Design Scenario: Designing for Filtering

Design Scenario: Choosing an Authentication Strategy

Design Scenario: Designing a VPN Solution

Design Scenario: Designing a Demand-Dial Solution for a Branch Office

Design Scenario: Designing a Connection Strategy with an External Organization

Design Scenario: Designing Wireless Security

Chapter 4: Designing an Authentication Strategy for Active Directory

Real World Scenario: Cleartext Passwords Across a Network.

Real World Scenario: Stored Credentials Are Easy to Exploit

Design Scenario: Evaluating Windows Authentication Methods

Design Scenario: Designing Client Authentication

Design Scenario: Designing Trust Models

Design Scenario: Analyzing Accounts

Design Scenario: Analyzing Account Risks by Cost Analysis

Design Scenario: Analyzing and Securing Accounts with Account Policies

Chapter 5: Designing an Access Control Strategy for Network Resources

Real World Scenario: Avoiding Deny Permissions

Design Scenario: Designing an Access Control Strategy for Active Directory Objects

Real World Scenario: Taking Advantage of Universal Groups

Design Scenario: Planning an Appropriate Group Strategy

Design Scenario: Delegating Permissions

Design Scenario: Designing an Access Control Strategy for Files and Folders

Real World Scenario: Preventing Internal Attacks through Auditing

Design Scenario: Designing an Audit Policy

Chapter 6: Designing a Public Key Infrastructure with Certificate Services

Design Scenario: Choosing Where to Host Certificates

Design Scenario: Choosing a CA Hierarchy

Real World Scenario: Establishing a Cross-Certificate Trust

Design Scenario: Designing an Enrollment and Distribution Strategy

Design Scenario: Designing a Renewing and Revocation Strategy

Design Scenario: Designing Security for a CA

Chapter 7: Designing Security for Internet Information Services

Design Scenario: Designing a Baseline Based on Business Requirements

Real World Scenario: Code Red Worm

Design Scenario: Designing for Minimum Services with IIS

Design Scenario: Designing an Authentication Strategy with IIS Authentication

Design Scenario: Designing an Authentication Strategy with Forms-Based Authentication

Design Scenario: Designing an Authentication Strategy with Certificate Authentication

Design Scenario: Designing an Authentication Strategy with RADIUS

Design Scenario: Designing a Monitoring and Auditing Strategy for IIS

Design Scenario: Designing a Content Update Strategy

Chapter 8: Designing Security for Servers with Specific Roles

Design Scenario: Determining the Security Environment

Design Scenario: Defining Custom Templates for Servers with Specific Roles

Real World Scenario: Preventing Attacks by Securing DNS Updates

Design Scenario: Securing the DNS Infrastructure

Chapter 9: Designing an Infrastructure for Updating Computers

Design Scenario: Designing an OU Model

Design Scenario: Designing Software Restriction Policies

Design Scenario: Using Groups to Restrict Access to the Operating System

Design Scenario: Selecting the Appropriate Template Setting

Design Scenario: Designing a Patch Management Solution

Design Scenario: Auditing Your Security Patch Solution

Chapter 10: Designing Secure Network Management Infrastructure

Design Scenario: Evaluating Remote Management Needs

Real World Scenario: Designing for Remote Access

Design Scenario: Evaluating Remote Management Security Needs

Design Scenario: Risks of Managing Networks

Real World Scenario: Using MMC to Manage Windows Server 2003

Real World Scenario: Designing for Secure Server Management with MMC

Real World Scenario: Using Remote Desktop for Administration

Design Scenario: Designing for Secure Server Management with Remote Desktop for Administration

Real World Scenario: Using Remote Assistance to Support Users

Design Scenario: Designing for Secure Remote Assistance

Real World Scenario: Using EMS to Manage Servers

Design Scenario: Designing for Emergency Management Services