Troubleshooting Windows Vista Security Chapter 4.

Slides:



Advertisements
Similar presentations
Chapter Five Users, Groups, Profiles, and Policies.
Advertisements

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
KX-NS1000 Initial Set Up For step by step : 16 May,
Configuring Windows Internet Explorer 7 Security Lesson 5.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Operating System Customization
Chapter 13 Securing Windows Server 2008
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Changes in Windows XP Service Pack 2
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
Chapter 7: Configuring Disks. 2/24 Objectives Learn about disk and file system configuration in Vista Learn how to manage storage Learn about the additional.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.
STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES Windows Encryption File System (EFS) Tech Briefing July 18 th 2008
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.
Ch 11 Managing System Reliability and Availability 1.
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Troubleshoot Access, Authentication, and User Account Control Issues Lesson 8.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features.
Hands-On Microsoft Windows Server 2008
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
Tutorial 11 Installing, Updating, and Configuring Software
Using Windows Firewall and Windows Defender
Networking Security Chapter 8 powered by dj. Chapter Objectives  Explain various security threats  Monitor security in Windows Vista  Explain basic.
Microsoft ® Official Course Module 8 Securing Windows 8 Desktops.
Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Week #7 Objectives: Secure Windows 7 Desktop
Chapter Six Windows XP Security and Access Controls.
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
MCTS Guide to Microsoft Windows Vista Chapter 7 Windows Vista Security Features.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
Module 7: Fundamentals of Administering Windows Server 2008.
Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Windows XP Professional Features ©Richard L. Goldman February 5, 2003.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 7 Windows 7 Security Features.
Module 15 Managing Windows Server® 2008 Backup and Restore.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
Ch 17 Securing the File System. Three Ways to Protect Files NTFS Permissions Encrypting File Service BitLocker full-disk encryption – BitLocker ToGo.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Managing Applications, Services, Folders, and Libraries Lesson 4.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 7 Windows 7 Security Features.
1 Lesson 10 Operating System Customization Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Windows Vista Configuration MCTS : NTFS Security Features and File Sharing.
Windows Vista Configuration MCTS : User Account Security.
Windows Tutorial 5 Protecting Your Computer
Chapter Objectives In this chapter, you will learn:
Configuring Windows Firewall with Advanced Security
Securing Windows 7 Lesson 10.
Designing IIS Security (IIS – Internet Information Service)
Bethesda Cybersecurity Club
Presentation transcript:

Troubleshooting Windows Vista Security Chapter 4

Troubleshooting IE7 Policy- Setting Issues Features of IE7 now managed through Group Policy –Previously some features managed through the IE admin kit Internet Explorer Maintenance (IEM) extension controls certain settings –Advantageous for settings that cannot wait for a Group Policy refresh –Preference mode allows a setting to be changed –Example: Setting for proxy server so it cannot be temporarily overwritten –Example: Proxy server set but can be changed by someone who travels outside the office

Troubleshooting IE7 Protected Mode Issues Custom web applications may expect access to areas of the machine that are now restricted Application shims deal with some of these issues, redirecting calls to restricted areas to default unrestricted areas Identify if protected mode is enabled –Lower-right area of IE will list “Protected Mode: On” or “Protected Mode: Off” Protected mode is not used if: –Protected Mode is disabled on the Security tab –The web page is local to the machine –IE7 was launched using “Run As Administrator” –UAC is disabled –The website is parts of the Trusted Sites zone

Troubleshooting IE7 Certificate Issues When a certificate error is encountered, the display will look like the following

Troubleshooting IE7 Certificate Issues (continued) Valid reasons to encounter a certificate error include: –The certificate has expired –The certificate is not configured properly to the website’s identity –The certificate is not on a list of trusted CA’s –Accessing the website by IP instead of by name Click the “Certificate Error” drop down in the address bar for details If the error is from a truly trusted source, you can bypass the error by clicking “continue to this website” You can bypass the error depending upon the source issue –Add a CA to your trusted CA list –Disable the check for revocation Any bypass of certificate errors has risk associated

Troubleshooting Windows Firewall Issues If you are prevented from accessing network resources, use the built-in exceptions on the Exceptions tab Application problem are usually related to specifics ports, which can be unblocked Use the NETSH FIREWALL command line utility to also configure the Firewall –Use this when scripting your configuration –Example: When several hundred ports need to be defined, using the GUI is impractical

Troubleshooting Windows Defender Issues Defender is designed to deal with spyware in real time and with periodic scans Can quarantine software suspected as spyware When real software is quarantine as spyware, use the Quarantine Items option to restore the program Keep definitions updated using Windows Update and enable recommended updates

Troubleshooting EFS and BitLocker Issues EFS Issues –The volume must be formatted as NTFS –If unable to access encrypted files, check for certificate issues –Import the certificate from backup if necessary BitLocker Issues –Any tampering will cause BitLocker to go into Recovery Mode –Hardware failures may require the drive be recovered in another computer with BitLocker available –Recovery Mode requires the recovery password which, if not setup individually, may be stored in AD and accessible by the domain admin –BitLocker protection can be disabled temporarily to make changes that might trip it’s tamper detection

Troubleshooting Auditing Issues If auditing using subcategories, these apply over regular GPO categories –To allow use of GPO categories, do not use the setting “Force Audit Policy Subcategory Settings (Windows Vista or later) to Overrise Audit Policy Category Settings

Troubleshooting Access Denied Messages When attempting to access a resource, Access Denied implies the user is not part of the ACL of that resource –Check ACLs of the resource –Check for EFS encryption You can Take Ownership of files and folder to gain access You can use CIPHER.EXE to decrypt EFS files

Troubleshoot Authentication Username and password issues –Check for proper rights –Reset password –Create a password reset disk or USB key to use when admin access is lost Certificates –When a user roams between machines and need certificates to work, setup credential roaming in the domain Smart Cards –Two-factor authentication requires a smart card and a PIN to logon. Make sure the smart ard is being used correctly. Public Keys –Errors from public key infrastructure issues is stored in the CAPI2 event log

Troubleshooting UAC UAC depends on the Application Information service –Make sure the service is running UAC Virtualization –The policy setting “Virtualize File and Registry Write Failures to Per-User Locations” can cause errors for some apps that write to protected areas if turned off User experience issues with UAC –Adjust settings if the UAC prompts are too intrusive and your security policy allows it

Troubleshooting Windows Updates When encountering errors, you will only receive an error code –80072efd – Problem Connecting to website: check connection to Internet – Problem with temporary files: delete Windows Update temp files –800f020b – Downloading a driver for a device not connected: connect the device – – Background Intelligent Transfer Service issue: check that the service is running

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.