Bring Your Own Device
Demo Maak een Windows to Go stick
User Environment Virtualization
Demo User Environment Virtualization
User Account Control
The Administrator The Administrator The account named ‘administrator’ The account named ‘administrator’ An Administrator An Administrator Your name with administrator privileges Your name with administrator privileges Protected Administrator Protected Administrator AKA: ‘Administrator in Admin Approval Mode’ AKA: ‘Administrator in Admin Approval Mode’ Standard User Standard User Your name without administrator privileges Your name without administrator privileges
Create a token object Act as part of the operating system Take ownership of files and other objects Load and unload device drivers Back up files and directories Restore files and directories Impersonate a client after authentication Modify an object label Debug programs Create a token object Act as part of the operating system Take ownership of files and other objects Load and unload device drivers Back up files and directories Restore files and directories Impersonate a client after authentication Modify an object label Debug programs Administrators Backup Operators Power Users Network Configuration Operators Administrators Backup Operators Power Users Network Configuration Operators Group Policy Creator Owners Schema Admins Enterprise Admins Denied RODC Password Replication Group
Demo Analyse van het User Access Token
SystemHigh Medium (Default) Low Services AdministratorsStandard Users IE Protected Mode
Integrity level: High (Elevated Token) Integrity level: Medium
Internet Explorer 8 Internet Explorer 9
iexplore.exe Protected-mode Broker Object UI frame Favorites Bar Command Bar iexplore.exe (tab process 1) Browser Helper Objects Toolbar Extensions ActiveX Controls Tab 1 Tab n iexplore.exe (tab process n) Browser Helper Objects Toolbar Extensions ActiveX Controls Tab 1 Tab n
Demo Integrity Levels
documentLibrary musicLibrary videoLibrary picturesLibrary microphone Webcam removableStorage Location Proximity internetClient internetClientServer textMessaging privateNetworkClient privateNetworkClientServer certificates
Demo Enhanced Protected Mode
Samenvatting
Form factors Metro Interface Security Apps
Client Operating System (Windows 8) Hardware Drivers IE HD-encrHD-encr F i r e w a ll Office Middle ware Layered apps Busi ness apps Base apps AV Mgt Agents LANWifi3G Remote Access Internet Access SCCM AV Mgt Remote Deskto p App- V Mail Intranet Unified Comms AD PKI File Svc Print Svc Deploy Infra Services Werkplek Profile Mgt Config