Embed Size (px)
Citation preview
Managing Network Security
ref:www.microsoft.com
Overview
Using Group Policy to Secure the User Environment
Using Group Policy to Configure Account Policies
Analyzing Security Log Files to Detect Security Breaches
Securing the Logon Process
Examining Service Packs, Hotfixes, and Antivirus Software
Using Group Policy to Secure the User Environment
Applying security policiesApplying security policiesApplying security policiesApplying security policies
Select the Security Settings nodeSelect the Security Settings node
By configuring security settingsBy configuring security settingsindividuallyindividually
By configuring security settingsBy configuring security settingsindividuallyindividually
Select the security setting to configureSelect the security setting to configure
Configure the security settingConfigure the security setting
By importing the security template By importing the security template By importing the security template By importing the security template
Identify or create a security templateIdentify or create a security template
Import the security template into a Group Policy objectImport the security template into a Group Policy object
Analyze the security settingsAnalyze the security settings
Using Group Policy to Configure Account Policies
What Are Account Policies?
Configuring Password Policy Settings
Configuring Account Lockout Policy Settings
What Are Account Policies?
Use account policies to prevent unauthorized persons from gaining access to the network
Must set Group Policy at
domain level
Must set Group Policy at
domain level
Set password Set password requirements torequirements toSet password Set password
requirements torequirements toDomain controller
does not authenticate Domain controller
does not authenticate
Domain controller locks out user account
Domain controller locks out user account
Set failed logon Set failed logon attempts limit toattempts limit toSet failed logon Set failed logon attempts limit toattempts limit to
Ensure passwords are difficult to guessEnsure passwords
are difficult to guess
Stop brute force hacking programsStop brute force
hacking programs
Configuring Password Policy Settings
Password settings apply to the domain The settings to configure are:
Group Policy
Action View
Passwords [LONDON.NWTraders.msftComputer Configuration
Software SettingsWindows Settings
Security SettingsAccount Policies
Account Lockout PoliKerberos Policy
Local Policies
Allow storage of passwords under reversibl…Enforce password uniqueness by remem…Maximum Password Age
Minimum Password AgeMinimum Password Length
Passwords must meet complexity require…User must logon to change password
Not Configured24 Passwords30 Days30 Days8 CharactersEnabledEnabled
Attribute Stored Template Settin
Password Policy
The number of previous passwords Windows 2000 records
The number of previous passwords Windows 2000 records
Configuring Account Lockout Policy Settings
Account lockout policy settings apply to domains You must configure all account lockout policy settings
or none
Group Policy
Action View
Account Lockout [LONDON.NWTraders.msftComputer Configuration
Software SettingsWindows Settings
Security SettingsAccount Policies
Password PolicyAccount Lockout PolicyKerberos Policy
Local Policies
Account Lockout Policy
Attribute Stored Template Settin
Account lockout control
Lockout account for
Reset account lockout count after
5 Invalid logon attemptsForever1440 Minutes
The amount of time before the lockout counter returns to zeroThe amount of time before the lockout counter returns to zero
Limit on failed logon attemptsLimit on failed logon attemptsAmount of time that the lockout is in effectAmount of time that the lockout is in effect
Analyzing Security Log Files to Detect Security Breaches
Security Logs and Event Viewer
Common Security Events
Common Security Events
Invalid Logon Attempts and Account Lockout
Change of File Ownership
Clearing of the Security Log
System Shutdown
Securing the Logon Process
Examining Smart Cards
Enabling Smart Card Authentication
Examining Smart Cards
Interactive Logon Process
Remote Access
Examining Service Packs, Hotfixes, and Antivirus Software
Hotfixes and Service Packs
Antivirus Software
Viruses AttacksAntivirusSoftware
SecurityHotfixes
Review
Using Group Policy to Secure the User Environment
Using Group Policy to Configure Account Policies
Analyzing Security Log Files to Detect Security Breaches
Securing the Logon Process
Examining Service Packs, Hotfixes, and Antivirus Software
![[Webinar] PowerShell Series 2 - Using PowerShell to manage Group Policy](https://img.pdfslide.us/doc/110x75/559b62721a28ab025f8b482f/webinar-powershell-series-2-using-powershell-to-manage-group-policy.jpg)
