Ing. Ondřej Ševeček MCSM:Directory | MVP:Enterprise Security | Certified Ethical Hacker | MCSE:SharePoint | Passwords.

Slides:



Advertisements
Similar presentations
Ljubomir Ivaniš CPU d.o.o.
Advertisements

Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | CEH | | |
Ing. Ondřej Ševeček | GOPAS a.s. | MCSM:Directory | MVP:Enterprise Security | CEH:Certified Ethical Hacker | CHFI:Computer Hacking Forensic Investigator.
Module 3 Windows Server 2008 Branch Office Scenario.
Chapter 7 HARDENING SERVERS.
Security and Policy Enforcement Mark Gibson Dave Northey
Problem Statement AD DB App1 DB App2 AD App4 App6 AD App5 Intranet Extranet Cloud AD App3 DB SSO Separate Sign-in Separate Sign-in Separate Sign-in.
Kerberos Underworld Ondrej Sevecek | MCM: Directory | MVP: Security |
Ing. Ondřej Ševeček MCSM:Directory | MVP:Enterprise Security | Certified Ethical Hacker | MCSE:SharePoint | Smart card.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
DPM v1 Disk-based replication of files End-user Restore without Help Desk Centralized Backup of Branch Office DPM v2 Seamless Disk- and Tape-protection.
Ing. Ondřej Ševeček | GOPAS a.s. MCM:Directory | MVP:Security | CEHv7 | Evolution.
Walter Pitrof Technology Solution Professional Microsoft Switzerland Backup, Restore und Disaster Recovery mit Data Protection Manager 2012 Philipp Witschi.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | Certified Ethical Hacker | |
Supporting Infrastructure (AD, Certs, DNS, WSUS) Monitoring (SCOM, Other, Custom) Remote Desktop Gateway Dev/StageProduction CI & Deployment.
Clinic Security and Policy Enforcement in Windows Server 2008.
Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.
By Isaac Parenteau. Agenda  What is the certification?  What are the courses required for it?  Future Careers  Cost?
Welcome Thank you for taking our training. Collection 6421: Configure and Troubleshoot Windows Server® 2008 Network Course 6690 – 6709 at
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
ENAM ENAM - INFRA Project 2013.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Bezpečnost Windows pro pokročilé: uživatelské účty GOPAS: | | Ing. Ondřej Ševeček | GOPAS a.s. |
What would a real hacker do to your AD GOPAS: | | Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory.
Ing. Ondřej Ševeček MCSM:Directory | MVP:Enterprise Security | Certified Ethical Hacker | MCSE:SharePoint | PowerShell.
Securing AD DS Module A 3: Securing AD DS
Philadelphia Area SharePoint User Group Building Customer/Partner Extranets Designing a Secure Extranet with Sharepoint 2007 Russ Basiura RJB Technical.
20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,
Passwords Everywhere GOPAS: | | Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP:
What is new in security in Windows 2012 or Dynamic Access Control Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security.
Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
FORESEC Academy FORESEC Academy Security Essentials (V)
Craig A. Brown Practice Leader – Microsoft Global Knowledge MCT, Since 1996 MCSA/MCSE NT/2000/2003 MCDST MCITP: ES / CS.
Ing. Ondřej Ševeček | | | MCM:Directory | MVP:Security | MCSE:Windows2012 | MCSE:SharePoint | MCT | Certified Ethical.
Bezpečnost Windows pro pokročilé: přístup do sítě GOPAS: | | Ing. Ondřej Ševeček | GOPAS a.s. | MCM:Directory.
Module 7 : Configuration I Jong S. Bok
Designing Secure SharePoint External Access Ondrej Sevecek | MCM: Directory | MVP: Security |
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | CEH | | |
Bezpečnost Windows pro pokročilé: zajímavosti a UAC GOPAS: | | Ing. Ondřej Ševeček | GOPAS a.s. |
Ing. Ondřej Ševeček MCSM:Directory | MVP:Enterprise Security | Certified Ethical Hacker | MCSE:SharePoint | Event Filtering.
Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.
SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
Yaniv Feldman Senior Infrasec Architect Microsoft Security Regional Director
Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning.
Managing and Monitoring the Microsoft Application Platform Damir Bersinic Ruth Morton IT Pro Advisor Microsoft Canada
Be Microsoft’s first and best customer Enabling world-class and predictable customer, client, and partner experience Protecting Microsoft’s physical and.
Bezpečnost Windows pro pokročilé: protokoly a sledování přihlášení GOPAS: | | Ing. Ondřej Ševeček.
Designing a Secure Extranet with Sharepoint Russ Basiura Principal Consultant RJB Technical Consulting
Ondrej Sevecek | GOPAS a.s. MCSM:Directory Services | MVP:Enteprise Security | CISA | CEH | CHFI | facebook: ondrej.sevecek.official.
Implementing SSTP VPN and 802.1x with RADIUS on Windows 2012 Ing. Ondřej Ševeček | Product Manager Windows Server | GOPAS a.s. MCM: Directory | MVP: Security.
Ondrej Sevecek | GOPAS a.s. MCSM:Directory Services | MVP:Enteprise Security | CISA | CEH | CHFI | Enterprise certification.
Ondřej Ševeček | GOPAS a.s. MCSM:Directory Services | MVP:Enteprise Security | CISA | CEH | CHFI | facebook: ondrej.sevecek.official.
Ing. Ondrej Sevecek MCSM:Directory2012 | MVP:Security | CEH | MCSE:Windows2012 | What would a real hacker do to your AD.
Basharat Institute of Higher Education
Secure Connected Infrastructure
What is new in security in Windows 2012 or Dynamic Access Control
Module Overview Installing and Configuring a Network Policy Server
Module 1: Identity is the New Perimeter
Passwords Everywhere Ing. Ondřej Ševeček | GOPAS a.s. |
Microsoft Ignite /21/2018 5:56 PM
SharePoint and IIS core integration
{ Security Technologies}
Test Lab Guides for SharePoint Server 2013
GOPAS TechEd 2012 Kerberos Delegation
Presentation transcript:

Ing. Ondřej Ševeček MCSM:Directory | MVP:Enterprise Security | Certified Ethical Hacker | MCSE:SharePoint | Passwords everywhere aka why use smart cards instead

Agenda  Why are workstations doomed  Why not type strong accounts' passwords on insecure computers  Why use separate administrative accounts and thus limit attack surface  Why use smart cards instead of passwords wherever possible

Separate administrators (basic physical security principle) PC ForestA DomainB DC SRV ForestA DomainA DC1 SRV NTB ForestA DomainA DC2

Separate administrators (better physical security principle) PC open- space ForestA DomainB DC ForestA DomainA DC1 SRV in datacente r NTB no BitLocker ForestA DomainA DC2 PC in-office SRV in branche1 SRV in branche2 NTB with BitLocker

NTB no BitLocker NTB with BitLocker Separate administrators (server role principle) PC open- space ForestA DomainB DC ForestA DomainA DC1 SRV FS ForestA DomainA DC2 PC in-office SRV SQL SRV Web SRV Share Point SRV Exchange SRV RDP SRV Remote Access

Symantec Backup SQL Share Point Farm Intranet Share Point Farm Intranet Separate administrators (application principle) ForestA DomainB DC ForestA DomainA DC1 ForestA DomainA DC2 DPM Backup SQL Share Point Farm Intranet SRV Exchange SQL Share Point Farm Intranet Share Point Farm Intranet DPM Backup SQL Share Point Farm Extranet RDP farm AD FS NPS RADIUS RDP Gateway SRV FS

Kurzy Počítačové školy Gopas na GOC169 - Auditing ISO/IEC 2700x GOC170 - AD Monitoring with SCOM and ACS GOC171 - Active Directory Troubleshooting GOC172 - Kerberos Troubleshooting GOC173 - Enterprise PKI GOC174 - SharePoint Architecture and Troubleshooting GOC175 - Advanced Security Získejte tričko TechEd 2014 za vyplněný hodnotící dotazník. Počítačová škola Gopas – Vaše IT škola života

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.