Syngress - Configuring Windows 2000 Server Security (1999).pdf - Security - darekisap

Configuring Windows 2000 Server Security:Table of Contents

Configuring Windows 2000 Server Security

by Thomas W. Shinder, M.D., MCSE, MCP+I, MCT, Debra Littlejohn Shinder, MCSE, MCP+I, MCT,

D. Lynn White, MCSE, MCPS, MCP+I, MCT

Syngress Publishing, Inc.

ISBN: 1928994024 Pub Date: 06/01/99

Search Tips

Advanced Search

Search this book:

Chapter 1—The Windows 2000 Server Security Migration Path

Brief Overview of Windows 2000 Server Security

Windows 2000 Server Security White Paper

Why the Change?

Differences in Windows 2000 Server Security

Problems with and Limitations

What Is the Same?

Upgrading/Migrating Considerations

How to Begin the Process

Getting Started

Proper Analysis

Summary

FAQs

Chapter 2—Default Access Control Settings

Introduction

Administrators Group

Users Group

Power Users Group

Configuring Security During Windows 2000 Setup

Default File System and Registry Permissions

Default User Rights

http://corpitk.earthweb.com/reference/pro/1928994024/ewtoc.html (1 of 6) [8/3/2000 6:48:43 AM]

Configuring Windows 2000 Server Security:Table of Contents

Default Group Membership

Summary

FAQs

Chapter 3—Kerberos Server Authentication

Introduction

Authentication in Windows 2000

Benefits of Kerberos Authentication

Standards for Kerberos Authentication

Extensions to the Kerberos Protocol

Overview of the Kerberos Protocol

Basic Concepts

Subprotocols

Tickets

Kerberos and Windows 2000

Key Distribution Center

Kerberos Policy

Contents of a Microsoft Kerberos Ticket

Delegation of Authentication

Preauthentication

Security Support Providers

Credentials Cache

DNS Name Resolution

UDP and TCP Ports

Authorization Data

KDC and Authorization Data

Services and Authorization Data

Summary

FAQs

Chapter 4—Secure Networking Using Windows 2000 Distributed Security

Services

Introduction

The Way We Were: Security in NT

A Whole New World: Distributed Security in Windows 2000

Windows 2000 Distributed Security Services

Active Directory and Security

Advantages of Active Directory Account Management

Relationship between Directory and Security Services

Multiple Security Protocols

NTLM Credentials

Kerberos Credentials

http://corpitk.earthweb.com/reference/pro/1928994024/ewtoc.html (2 of 6) [8/3/2000 6:48:43 AM]

Configuring Windows 2000 Server Security:Table of Contents

Private/Public Key Pairs and Certificates

Other Supported Protocols

Enterprise and Internet Single Sign-on

Security Support Provider Interface

Internet Security for Windows 2000

Client Authentication with SSL 3.0

Authentication of External Users

Microsoft Certificate Server

CryptoAPI

Interbusiness Access: Distributed Partners

Summary

FAQs

Chapter 5—Security Configuration Tool Set

Introduction

Security Configuration Tool Set Overview

Security Configuration Tool Set Components

Security Configuration and Analysis Snap-in

Security Configurations

Security Configuration and Analysis Database

Security Configuration and Analysis Areas

Security Configuration Tool Set User Interfaces

Configuring Security

Account Policies

Local Policies and Event Log

Event Log

Restricted Groups

Registry Security

File System Security

System Services Security

Analyzing Security

Account and Local Policies

Restricted Group Management

Registry Security

File System Security

System Services Security

Group Policy Integration

Security Configuration in Group Policy Objects

Additional Security Policies

Using the Tools

Using the Security Configuration and Analysis Snap-in

Using Security Settings Extension to Group Policy Editor

Summary

http://corpitk.earthweb.com/reference/pro/1928994024/ewtoc.html (3 of 6) [8/3/2000 6:48:43 AM]

Configuring Windows 2000 Server Security:Table of Contents

FAQs

Chapter 6—Encrypting File System for Windows 2000

Introduction

Using a Encrypting File System

Encryption Fundamentals

How EFS Works

User Operations

File Encryption

Assessing an Encrypted File

Copying an Encrypted File

Moving or Renaming an Encrypted File

Decrypting a File

Cipher Utility

Directory Encryption

Recovery Operations

EFS Architecture

EFS Components

The Encryption Process

The EFS File Information

The Decryption Process

Summary

FAQs

Chapter 7—IP Security for Microsoft Windows 2000 Server

Introduction

Network Encroachment Methodologies

Snooping

Spoofing

Password Compromise

Denial of Service Attacks

Man-in-the-Middle Attacks

Application-Directed Attacks

Compromised Key Attacks

IPSec Architecture

Overview of IPSec Cryptographic Services

IPSec Security Services

Security Associations and IPSec Key Management Procedures

Deploying Windows IP Security

Evaluating Information

Determining Required Security Levels

Building Security Policies with Customized IPSec Consoles

http://corpitk.earthweb.com/reference/pro/1928994024/ewtoc.html (4 of 6) [8/3/2000 6:48:43 AM]

Configuring Windows 2000 Server Security:Table of Contents

Flexible Security Policies

Flexible Negotiation Policies

Filters

Creating a Security Policy

Summary

FAQs

Chapter 8—Smart Cards

Introduction

Interoperability

ISO 7816, EMV, and GSM

PC/SC Workgroup

The Microsoft Approach

Smart Card Base Components

Service Providers

Enhanced Solutions

Client Authentication

Public-Key Interactive Logon

Secure E-Mail

Summary

FAQs

Chapter 9—Microsoft Windows 2000 Public Key Infrastructure

Introduction

Concepts

Public Key Cryptography

Public Key Functionality

Protecting and Trusting Cryptographic Keys

Windows 2000 PKI Components

Certificate Authorities

Certificate Hierarchies

Deploying an Enterprise CA

Trust in Multiple CA Hierarchies

Enabling Domain Clients

Generating Keys

Key Recovery

Certificate Enrollment

Renewal

Using Keys and Certificates

Roaming

Revocation

Trust

http://corpitk.earthweb.com/reference/pro/1928994024/ewtoc.html (5 of 6) [8/3/2000 6:48:43 AM]

Syngress - Configuring Windows 2000 Server Security (1999).pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: