Understanding Security Policies

Slides:



Advertisements
Similar presentations
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Advertisements

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Microsoft Technology Associate
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Securing Windows Servers Using Group Policy Objects
Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
Password Management PA Turnpike Commission
Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Managing Network Security ref: Overview Using Group Policy to Secure the User Environment Using Group Policy to Configure Account Policies.
Chapter 13 – Network Security
Designing Active Directory for Security
Windows Server 2003 Overview 1 Windows 2003 Server Overview Ayaz
CIS 450 – Network Security Chapter 8 – Password Security.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.
Securing AD DS Module A 3: Securing AD DS
Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,
20 21 Remote Wipe.
Profiles, Password Policies, Privileges, and Roles
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
September 18, 2002 Windows 2000 Server Active Directory By Jerry Haggard.
Understanding Group Policy James Michael Stewart CISSP, TICSA, CIW SA, CCNA, MCSE NT & W2K, iNet+
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
LockoutGuard Protect AD accounts from Extranet attacks Copyright ©2008 Collective Software, LLC.
Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1.
November 19, 2008 CSC 682 Do Strong Web Passwords Accomplish Anything? Florencio, Herley and Coskun Presented by: Ryan Lehan.
Module 7: Implementing Security Using Group Policy.
NetTech Solutions Security and Security Permissions Lesson Nine.
Building Structures. Building Relationships. Passwords February 2010 Marshall Tuck.
Module 10: Implementing Administrative Templates and Audit Policy.
Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.
SCSC 455 Computer Security Chapter 3 User Security.
CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
Access The L Line The Express Line to Learning 2007 L Line L © Wiley Publishing All Rights Reserved.
Chapter 7 Server Management Policies –User accounts –Groups Rights and permissions Examples.
Password Security Module 8. Objectives Explain Authentication and Authorization Provide familiarity with how passwords are used Identify the importance.
Module 7: Designing Security for Accounts and Services.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
Understanding Security Policies Lesson 3. Objectives.
Understanding Security Policies
Monitoring Windows Server 2012
Managing User and Service Accounts
Assignment # 8.
Chapter One: Mastering the Basics of Security
Configuring Windows Firewall with Advanced Security
Chapter 5 : Designing Windows Server-Level Security Processes
Big Picture How many ways can a system be attacked? What can we do about it?
Lesson 16-Windows NT Security Issues
NTC 328 Great Wisdom/tutorialrank.com. NTC 328 All Assignments For more course tutorials visit NTC 328 Assignment Week 1 Practice.
Greta Mameniskyte IV course 3rd group
Windows Active Directory Environment
PLANNING A SECURE BASELINE INSTALLATION
Managing Passwords with Group Policy
Designing IIS Security (IIS – Internet Information Service)
Security Planning and Administrative Delegation
Preparing for the Windows 8. 1 MCSA Module 6: Securing Windows 8
Presentation transcript:

Understanding Security Policies Module 3 Understanding Security Policies Christopher Chapman | Content PM , Microsoft Thomas Willingham | Content Developer, Microsoft

Module Overview Common Password Attacks Password Policies

Common Password Attacks

Dictionary and Brute Force Attacks A dictionary attack uses a dictionary containing an extensive list of potential passwords that the attacker then tries in conjunction with a user ID in an attempt to guess the appropriate password. Another, more crude type of attack—called a brute force attack— doesn’t rely on lists of passwords, but rather tries all possible combinations of permitted character types.

Physical Attacks Anytime your computer can be physically accessed by an attacker, that computer is at risk. Physical attacks on your computer can completely bypass almost all security mechanisms, such as by capturing the passwords and other critical data directly from the keyboard when a software or hardware keylogger is used. In fact, if your encryption key passes through a keylogger, you might find that even your encrypted data is jeopardized.

Network Sniffers Sniffers are specially designed software (and in some cases hardware) applications that capture network packets as they traverse a network, displaying them for the attacker. Sniffers are valid forms of test equipment, used to identify network and application issues, but the technology has been rapidly co-opted by attackers as an easy way to grab logon credentials.

Password Policies

Password Complexity Password complexity involves the characters used to make up a password. A complex password uses characters from at least three of the following categories: English uppercase characters (A through Z) English lowercase characters (a through z) Numeric characters (0 through 9) Non-alphanumeric characters (!, @, #, $, %, ^, &, etc.)

Password Length, Age, and History Password length is the number of characters used in a password. Time between password changes can be defined by two settings: Minimum Password Age Maximum Password Age Password history prevents users from recycling the same passwords through a system.

View and Create a Password Policy Demo 1 – Create a password policy on the domain controller and assign password complexity, length, age, and history 2 –Try to change the password for a user to test the policy View and Create a Password Policy

Account Lockout Account lockout settings allow you to specify when to lock an account if incorrect logon attempts happen. Microsoft provides three separate settings with respect to account lockout: Account lockout duration Account lockout threshold Reset account lockout counter after

View and Create Account Lockout Policy Demo 1 – Create an account lockput policy 2 – Test it by locking an account by typing the password incorrectly View and Create Account Lockout Policy

Additional Resources & Next Steps Books Exam 98-367 Security Fundamentals Exam 98-366: MTA Networking Fundamentals Exam Ref 70-410: Installing and Configuring Windows Server 2012 Instructor-Led Courses 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 40366A: Networking Fundamentals: MTA Exam 98-366 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365 20410C: Installing and Configuring Windows Server 2012 Exams & Certifications Exam 98-367: Security Fundamentals Exam 98-349: Windows Operating System Fundamentals Exam 98-366: Networking Fundamentals Exam 98-365: Windows Server Administration Fundamentals Exam 70-410: Installing and Configuring Windows Server 2012

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.