Common Security Mistakes

Presentation transcript:

Common Security Mistakes
1. Security Awareness
2. Incident Response
3. Poor Password Management
4. Bad administrative practices
5. Over-privileged Users
6. Unused Services
7. Unsecured Servers
8. Mis-configured Edge Devices
9. Poor Auditing/Logging Practices
10. Poor Data Access Control

Access paths to the SharePoint Server: Internal Users, External Users, Anonymous

Authentication options
Anonymous Access:
- Access to users without server accounts
- Enabled in IIS
- Disabled in SharePoint 2007
Windows Authentication
ASP .NET Authentication:
- Pluggable authentication
- Independent identity
- Custom code

Administrator:
- Full Control over data
- Full Control over logs
- Ability to restore from backup
Content Owner (busy):
- Full Control over data
- Responsible for data
- Ability to restore from Recycle Bin

Site Collection Administrators:
- Default full access
- Fix lockouts
- Second-level Recycle Bin
Central Administrators:
- Grant self-access
- Logged-on Event Log
- Unremovable permissions

Default SharePoint groups:
- Owners: Full control access
- Visitors: Read-only access
- Members: Lists and libraries

Permission Levels: Full Control, Design, Contribute, Read, Fine Grained
Default groups mapped to permission levels: Owners (Full Control), Visitors (Read), Members

RMS protection flow (Author, RMS server, Recipient):
1. Author defines permissions to file.
2. Document is encrypted with symmetric key.
3. RMS server encrypts the file with a public key and adds it to publishing license.
4. Author distributes the file.
5. Recipient opens a protected file.
6. RMS server validates permission and issues license to decrypt the file.
7. File is opened. Recipient is limited to tasks defined by permissions.
Infrastructure: Windows Server 2003 with RMS, Database Server, Active Directory Server

User Downloads Document -> Role Matched to Library -> License to Decrypt Issued -> Permissions Granted

SQL Server 2005 Security layers:
- Windows Server: Domain Policies
- SQL Server: Connections, Logins
- Database: Schema, Catalog
- Monitoring: Triggers, Notification

Schema Object Permissions

Permission scopes with an example permission at each:
- Server: ALTER ANY LINKED SERVER
- Database: CREATE TABLE
- Schema: ALTER
- Object: SELECT
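The four scopes above, worked as a least-privilege layout in T-SQL. This is an added example, not code from the presentation; SalesDb, the sales schema, app_reader, link_admin and schema_admins are hypothetical names.

```sql
-- Added example (not from the presentation): one grant at each scope on SQL Server 2005 and later.
-- SalesDb, sales, app_reader, link_admin and schema_admins are hypothetical names.
USE master;
GO
CREATE LOGIN app_reader WITH PASSWORD = 'PLACEHOLDER-strong-password-1';
CREATE LOGIN link_admin WITH PASSWORD = 'PLACEHOLDER-strong-password-2';
-- Server scope: only the dedicated admin login may manage linked servers
GRANT ALTER ANY LINKED SERVER TO link_admin;
GO
USE SalesDb;
GO
CREATE USER app_reader FOR LOGIN app_reader;
GO
CREATE SCHEMA sales AUTHORIZATION dbo;
GO
CREATE TABLE sales.Orders (OrderId int PRIMARY KEY, Total money);
-- Schema scope: read every object in the schema, present or future, and nothing outside it
GRANT SELECT ON SCHEMA::sales TO app_reader;
-- Object scope: insert into this one table only
GRANT INSERT ON OBJECT::sales.Orders TO app_reader;
-- Database scope: CREATE TABLE goes to a role, and only takes effect together with ALTER on the target schema
CREATE ROLE schema_admins;
GRANT CREATE TABLE TO schema_admins;
GRANT ALTER ON SCHEMA::sales TO schema_admins;
GO
-- Verify the app user's effective rights instead of assuming them
EXECUTE AS USER = 'app_reader';
SELECT permission_name, subentity_name
FROM fn_my_permissions('sales.Orders', 'OBJECT');   -- SELECT and INSERT (plus their column-level rows), nothing else
REVERT;
-- The over-privileged-users review: who holds what, at which scope
SELECT pr.name AS principal, pe.class_desc AS scope, pe.permission_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr ON pe.grantee_principal_id = pr.principal_id
WHERE pr.name IN ('app_reader', 'schema_admins');
```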

Secure by default; Surface Area Configuration; Encryption; HTTP Endpoints

New installation (SQL Server 2005 on Windows Server 2003):
- Services and features off by default
- Local connections only
- SAC to enable services / features
Upgrade (SQL Server 2000 to SQL Server 2005 on Windows Server 2003):
- Upgrade preserves settings
- Other services / features disabled
- SAC to enable services / features

"An Endpoint is a point of entry into SQL Server"
Endpoint transports: Shared Memory, Named Pipes, TCP, Virtual Interface Adapter, HTTP (Windows 2003 only)
- HTTP Transport is not created by default
- HTTP Endpoints support 4 authentication types for web methods
- Anonymous access is not allowed
- Communications can be secured with SSL

Symmetric:
- Single shared key
- Very fast
- Not for module signing
Asymmetric:
- Individual keys
- Slower than symmetric
- Used for module signing
Certificate:
- Includes Certificate Authority
- Validates encryption keys
- Used for module signing
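The three key types in use: the symmetric key encrypts data, the certificate signs a module so that a right travels with the code rather than the caller. This is an added example, not from the presentation; SalesDb, sales.Customers with its Ssn and SsnEnc columns, app_reader and the key names are hypothetical.

```sql
-- Added example (not from the presentation): symmetric key, asymmetric key and certificate on SQL Server 2005+.
-- SalesDb, sales.Customers (Ssn varchar, SsnEnc varbinary), app_reader and all key names are hypothetical.
USE SalesDb;
GO
-- Database master key: protects the private keys of the certificates and asymmetric keys below
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'PLACEHOLDER-strong-password-3';
-- Symmetric key: one shared key, fast, so it is the one that encrypts the data itself
CREATE CERTIFICATE DataCert WITH SUBJECT = 'Protects the column encryption key';
CREATE SYMMETRIC KEY DataKey WITH ALGORITHM = AES_256 ENCRYPTION BY CERTIFICATE DataCert;
GO
OPEN SYMMETRIC KEY DataKey DECRYPTION BY CERTIFICATE DataCert;
UPDATE sales.Customers SET SsnEnc = EncryptByKey(Key_GUID('DataKey'), Ssn);
SELECT CONVERT(varchar(11), DecryptByKey(SsnEnc)) AS Ssn FROM sales.Customers; -- readable only while the key is open
CLOSE SYMMETRIC KEY DataKey;
GO
-- Asymmetric key: individual key pair, slower, can sign modules (ADD SIGNATURE ... BY ASYMMETRIC KEY SignKey)
CREATE ASYMMETRIC KEY SignKey WITH ALGORITHM = RSA_2048;
-- Certificate: key pair plus subject, so it can be validated and mapped to a principal
CREATE CERTIFICATE SignCert WITH SUBJECT = 'Signs sales procedures';
GO
-- Module signing: the right is granted to the certificate's user, and reaches callers only through signed code
CREATE USER SignCertUser FROM CERTIFICATE SignCert;
GRANT SELECT ON sales.Customers TO SignCertUser;
GO
CREATE PROCEDURE sales.CountCustomers AS SELECT COUNT(*) AS Customers FROM sales.Customers;
GO
ADD SIGNATURE TO sales.CountCustomers BY CERTIFICATE SignCert;
GRANT EXECUTE ON sales.CountCustomers TO app_reader;  -- app_reader still has no SELECT on the table
-- Any ALTER PROCEDURE drops the signature, so a modified procedure loses the table right by itself
SELECT OBJECT_NAME(major_id) AS module, crypt_type_desc FROM sys.crypt_properties;
```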

Login and DDL Triggers:
- Login triggers fire after login
- DDL triggers fire on alteration
- Server or database level
- Logging and auditing
Eventdata Function:
- What fired a trigger
- Type, SPID, User, Time, Code
- Returns XML data
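A DDL trigger that stores the EVENTDATA() fields the slide lists, and a narrowly scoped logon trigger. This is an added example, not from the presentation; SalesDb, dbo.DdlAudit, app_reader and the SalesApp application name are hypothetical.

```sql
-- Added example (not from the presentation): DDL audit trigger plus logon trigger on SQL Server 2005+.
-- SalesDb, dbo.DdlAudit, app_reader and 'SalesApp' are hypothetical names.
USE SalesDb;
GO
CREATE TABLE dbo.DdlAudit (
    AuditId     int IDENTITY(1,1) PRIMARY KEY,
    EventType   sysname,          -- what fired the trigger
    LoginName   sysname,          -- who
    Spid        int,              -- which session
    PostTime    datetime,         -- when
    ObjectName  sysname NULL,
    CommandText nvarchar(max),    -- the code that ran
    RawEvent    xml);             -- full EVENTDATA() document for later questions
GO
-- Database-level DDL trigger: table, procedure and permission changes in this database
CREATE TRIGGER trg_AuditDdl ON DATABASE
FOR DDL_TABLE_EVENTS, DDL_PROCEDURE_EVENTS, DDL_DATABASE_SECURITY_EVENTS
AS
BEGIN
    DECLARE @e xml;
    SET @e = EVENTDATA();   -- XML, only meaningful inside the trigger
    INSERT dbo.DdlAudit (EventType, LoginName, Spid, PostTime, ObjectName, CommandText, RawEvent)
    SELECT @e.value('(/EVENT_INSTANCE/EventType)[1]', 'sysname'),
           @e.value('(/EVENT_INSTANCE/LoginName)[1]', 'sysname'),
           @e.value('(/EVENT_INSTANCE/SPID)[1]', 'int'),
           @e.value('(/EVENT_INSTANCE/PostTime)[1]', 'datetime'),
           @e.value('(/EVENT_INSTANCE/ObjectName)[1]', 'sysname'),
           @e.value('(/EVENT_INSTANCE/TSQLCommand/CommandText)[1]', 'nvarchar(max)'),
           @e;
END;
GO
-- Server-level logon trigger (SQL Server 2005 SP2 and later): fires after authentication succeeds.
-- Keep the condition narrow: ROLLBACK refuses the session, and a bug here locks out everyone it matches.
-- The Dedicated Administrator Connection is not subject to logon triggers, which is how a lockout is fixed.
CREATE TRIGGER trg_RestrictAppLogin ON ALL SERVER
FOR LOGON
AS
BEGIN
    IF ORIGINAL_LOGIN() = 'app_reader' AND APP_NAME() NOT LIKE 'SalesApp%'
        ROLLBACK;   -- the refusal is recorded in the SQL Server error log
END;
GO
-- Review the trail: latest schema and permission changes with the code that made them
SELECT TOP (20) PostTime, LoginName, EventType, ObjectName, CommandText
FROM dbo.DdlAudit ORDER BY AuditId DESC;
```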

Summary:
- Re-think content ownership and permissions
- Understand changes in SharePoint data access
- Inventory applications using a database
- Secure connectivity to servers
- Virtual machines need the same attention

Resources:
1. IT Pro Blogs (daily): http://blogs.technet.com/canitpro/
2. TechNet Flash Newsletter (bi-weekly): microsoft.ca/technet/tnflash/default.aspx
3. TechNet Security Newsletter (monthly): microsoft.ca/technet/securitynewsletter

Q & A