Windows 2003 Server

Chapter 14

Windows 2003 Security Features


Home | Chapters | Homework | Grades | Calendar | Forums | Syllabus

Forum Policy | Assignment Policy | E-Mail Mr Hull | FTP


Main | Chapter 1 | Chapter 2 | Chapter 3 | Chapter 4 | Chapter 5 | Chapter 6 | Chapter 7

Chapter 8 | Chapter 9 | Chapter 10 | Chapter 11 | Chapter 12 | Chapter 13 | Chapter 14


Summary

At the end of this chapter you should be able to:

  • Identify the various elements and techniques that can be used to secure a Windows Server 2003 system

  • Use Security Configuration and Analysis tools to configure and review security settings

  • Audit access to resources and review Security log settings


Securing Your Windows 2003 System

Windows Server 2003 has features that allow you to secure your network.  We will be some of them in this chapter.

 

Authentication

Authentication is the process of providing a username and password in order to gain access to a resource.  This was discussed in more detail in chapter 3, and IIS authentication was discussed in chapter 13.

 

Access Control

Access control allows you to control what level of permissions a user has on a resource.  NTFS Permissions were discussed in chapter 5, printer access was discussed in chapter 8, and Active Directory object permissions were discussed in chapter 10.

 

Encryption

Encryption allows you to secure your data and is a feature of NTFS.  If you want to secure data going between the server and the client you can use IPSec.  IPSec is beyond the scope of the 70-290 test.

 

Security Policies

Windows Server 2003 includes tools to easily change the security settings in your server.  We will be looking at these in this chapter.

 

Service Packs and Hot Fixes

Service packs are a collection of hot fixes.  These fix problems in your operating system.  You can use Software Update Services, or Windows Update Services.  Both were covered briefly in chapter 10.


Using Security Configuration Manager Tools

You can use the Security Configuration Manager tools to create a Security Policy template.  This template can be used to apply settings in the policy to a computer.  Using the templates you can make sure all your servers, workstations, and domain controllers have the same security settings.

 

Security Templates

Security templates are text files that contain the settings of a security policy.  These files should not be edited with a text editor, they should only be edited with the Security Templates snap in.

 

LAB ACTIVITY - Do the lab on page 589. (10 Minutes)

 

Analyzing the Pre-configured Security Templates

The default template is called Setup Security.inf.  All of the other templates are incremental templates.  They only change some of the settings.

 

Applying Security Templates

You can apply a template to the computer at the local security policy, or with a group policy.  The local policy can be opened by running SECPOL.MSC.

 

LAB ACTIVITY - Do the lab on page 593. (10 Minutes)

LAB ACTIVITY - Do the lab on page 595. (10 Minutes)

 

Security Configuration and Analysis

You can use the Security Configuration and Analysis snap in to compare the setting in a template against the settings on the computer. 

 

LAB ACTIVITY - Do the lab on page 596. (15 Minutes)

 

SECEDIT.EXE is a command line tool that you can use to change security settings.


Auditing Access to Resources and Analyzing Security Logs

You can audit resources in Windows Server 2003.  This can be useful if you want to find out if a user has tried to delete a file or folder, and other items on your computer.  In order to use auditing you have to turn it on at the group policy level then turn it on at the resource.  You can choose to monitor successful or failure events.

 

LAB ACTIVITY - Do the lab on page 600. (10 Minutes)

 

Configuring Auditing

On a Domain Control you would change the audit settings in the Default Domain Controller Policy.  For a member server you would make the change in the group policy applied to the OU that contained the server.  In a stand alone server you would make the change in the Local Security Policy.

 

LAB ACTIVITY - Do the lab on page 603. (10 Minutes)

 

Once you have turned on auditing in the policy, you have to turn it on at the resource.

 

LAB ACTIVITY - Do the lab on page 606. (10 Minutes)

 

Analyzing Security Logs

Once you are auditing a resource you can go to the Security event viewer to see any events.

 

LAB ACTIVITY - Do the lab on page 611. (10 Minutes)

 

Configuring Event Viewer

With Windows Server 2003 there is some auditing already turned on by default.  If you have a lot of security events it can become difficult to find the ones you want.  You can configure the event log to assist you in finding events.

 

LAB ACTIVITY - Do the lab on page 614. (10 Minutes)


More Information

 

Click Here to download the slides for this chapter

(NOTE: You must have PowerPoint or PowerPoint Viewer if you don't have  either Click Here to download PowerPoint Viewer.)


Home | Chapters | Homework | Grades | Calendar | Forums | Syllabus

Forum Policy | Assignment Policy | E-Mail Mr Hull | FTP