MCTS Guide to Microsoft Windows Vista Chapter 7 Windows Vista Security Features.

Slides:



Advertisements
Similar presentations
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Advertisements

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Lesson 17: Configuring Security Policies
Chapter 13 Securing Windows Server 2008
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Maintaining and Updating Windows Server 2008
1 Chapter Overview Managing Compression Managing Disk Quotas Increasing Security with EFS Using Disk Defragmenter, Check Disk, and Disk Cleanup.
Ch 11 Managing System Reliability and Availability 1.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
Securing Windows Servers Using Group Policy Objects
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Hands-On Microsoft Windows Server 2008 Chapter 10 Securing Windows Server 2008.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Troubleshoot Access, Authentication, and User Account Control Issues Lesson 8.
Windows Server 2008 Chapter 10 Last Update
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2008
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
Using Windows Firewall and Windows Defender
Networking Security Chapter 8 powered by dj. Chapter Objectives  Explain various security threats  Monitor security in Windows Vista  Explain basic.
Microsoft ® Official Course Module 8 Securing Windows 8 Desktops.
Hands-On Microsoft Windows Server 2008
Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Week #7 Objectives: Secure Windows 7 Desktop
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.
Troubleshooting Windows Vista Security Chapter 4.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.
Module 14: Configuring Server Security Compliance
Module 7: Fundamentals of Administering Windows Server 2008.
11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 7 Windows 7 Security Features.
Section 11: Implementing Software Restriction Policies and AppLocker What Is a Software Restriction Policy? Creating a Software Restriction Policy Using.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Module 3: Configuring File Access and Printers on Windows 7 Clients
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 11: Managing Access to File System Resources.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
Ch 17 Securing the File System. Three Ways to Protect Files NTFS Permissions Encrypting File Service BitLocker full-disk encryption – BitLocker ToGo.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
Module 7: Implementing Security Using Group Policy.
NetTech Solutions Security and Security Permissions Lesson Nine.
Managing Applications, Services, Folders, and Libraries Lesson 4.
May 30 th – 31 st, 2007 Chateau Laurier Ottawa. Getting it Done: Understanding the Security Features of Windows Vista Kai Axford, CISSP, MCSE-Security.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 7 Windows 7 Security Features.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
Maintaining and Updating Windows Server 2008 Lesson 8.
Windows Vista Configuration MCTS : Network Security.
Windows Vista Configuration MCTS : NTFS Security Features and File Sharing.
Configuring Windows Firewall with Advanced Security
Securing Windows 7 Lesson 10.
Presentation transcript:

MCTS Guide to Microsoft Windows Vista Chapter 7 Windows Vista Security Features

MCTS Guide to Microsoft Windows Vista2 Objectives Describe Windows Vista Security Improvements Use the local security policy to secure Windows Vista Enable auditing to record security events Describe and configure User Account Control

MCTS Guide to Microsoft Windows Vista3 Objectives (continued) Describe the Internet security features in Windows Vista Use the data security features in Windows Vista Secure Windows Vista by using Windows Update

MCTS Guide to Microsoft Windows Vista4 Windows Vista Security Improvements Major security improvements in Windows Vista are: –Malware protection –Easier deployment of alternative authentication methods –Enhanced network protection –Data protection for stolen hard drives

MCTS Guide to Microsoft Windows Vista5 Malware Protection Malware –Malicious software designed to perform unauthorized acts on your computer User Account Control (UAC) –Feature implemented in Windows Vista to control malware –Prompts users when software attempts to take administrative control Windows Defender –A real-time spyware monitor to prevent the installation of and remove spyware

MCTS Guide to Microsoft Windows Vista6 Malware Protection (continued) Spyware –A threat to privacy that often makes systems unstable Internet Explorer has been modified to run in a limited state, called protected mode –In which user files cannot be modified A phishing filter has also been added –To prevent unauthorized Web sites from stealing log- on credentials and other personal information Windows service hardening –Most Windows exploits that are used to install malware are the result of flaws in Windows services

MCTS Guide to Microsoft Windows Vista7 Malware Protection (continued) Windows service hardening (continued) –Windows services have been changed as follows: Each service is given a SID number Services run with a lower privilege level by default Unnecessary privileges for services have been removed Windows Firewall can control network access based on service SIDs Services are isolated and cannot interact with users

MCTS Guide to Microsoft Windows Vista8 Alternative Authentication Methods Username and password –Most common method for authentication Windows Vista makes smart cards easier to manage Development of additional authentication methods for Windows, such as biometrics, has been simplified

MCTS Guide to Microsoft Windows Vista9 Network Protection Windows Vista is protected on networks by: –Enhanced firewall –Network Access Protection (NAP) Firewall can control both inbound and outbound network packets NAP prevents unhealthy computers from accessing the network –An unhealthy computer is one that has outdated antivirus signatures or is missing security updates

MCTS Guide to Microsoft Windows Vista10 Data Protection NTFS file system provides data protection by using permissions on files and folders –NTFS permissions can be easily circumvented when you have physical access to a computer BitLocker Drive Encryption –Encrypts the contents of a partition and protects the system partition

MCTS Guide to Microsoft Windows Vista11 Security Policies Windows Vista includes a local security policy –Which can be used to control many facets of Windows –You can access the Local Security Policy in Administrative Tools Local security policy categories –Account policies –Local policies –Software restriction policies –Windows Firewall with Advanced Security –Public Key Policies

MCTS Guide to Microsoft Windows Vista12 Security Policies (continued) Local security policy categories (continued) –Software Restriction Policies –IP Security Policies on Local Computer The local security policy is part of a larger Windows management system called Group Policy –Can be implemented on a local computer, but is typically part of a domain-based network

MCTS Guide to Microsoft Windows Vista13 Security Policies (continued)

MCTS Guide to Microsoft Windows Vista14 Account Policies Contain the password policy and the account lockout policy Do not affect domain accounts Must be configured at the domain level Password policy –Controls password characteristics for local user accounts –Available settings Enforce password history Maximum password age Minimum password age

MCTS Guide to Microsoft Windows Vista15 Account Policies (continued) Password policy (continued) –Available settings (continued) Minimum password length Password must meet complexity requirements Store passwords using reversible encryption Account lockout policy –Prevents unauthorized access to Windows Vista –Can configure an account to be temporarily disabled after a number of incorrect log-on attempts

MCTS Guide to Microsoft Windows Vista16 Account Policies (continued) Account lockout policy (continued) –Available settings Account lockout duration Account lockout threshold Reset account lockout counter after

MCTS Guide to Microsoft Windows Vista17 Local Policies Local policies are for: –Auditing system access –Assigning user rights –Configuring specific security options Auditing lets you track when users log on and which resources are used User rights control what system task a particular user or group of users can perform Specific security options are a variety of settings that can be used to make Windows Vista more secure

MCTS Guide to Microsoft Windows Vista18 Local Policies (continued)

MCTS Guide to Microsoft Windows Vista19 Local Policies (continued) User rights assignment settings –Allow log on locally –Back up files and directories –Change the system time –Load and unload device drivers –Shut down the system Security options settings –Devices: Prevent users from installing printer drivers –Interactive logon: Do not display last username –Interactive logon: Message text for users attempting to log on –Shutdown

MCTS Guide to Microsoft Windows Vista20 Software Restriction Policies Used to define which programs are allowed or disallowed in the system Used in corporate environments where parental controls are not able to be used Default security level for applications –Disallowed –Basic User –Unrestricted

MCTS Guide to Microsoft Windows Vista21 Software Restriction Policies (continued)

MCTS Guide to Microsoft Windows Vista22 Software Restriction Policies (continued) Software not affected by software restriction policies –Drivers or other kernel mode software –Programs run by the SYSTEM account –Macros in Microsoft Office 2000 or Microsoft Office XP documents –NET programs that use the common language runtime (alternate security is used) Software restriction rules –Certificate rules –Hash rules

MCTS Guide to Microsoft Windows Vista23 Software Restriction Policies (continued) Software restriction rules (continued) –Network zone rules –Path rules Software restriction rule evaluation –Rule types precedence Hash rules Certificate rules Path rules Network zone rules Default rule –All rule types except path rules are exclusive

MCTS Guide to Microsoft Windows Vista24 Software Restriction Policies (continued) Software restriction configuration options –Policies are evaluated each time an executable file is accessed –Executable files are identified by file extension You can customize the list of extensions –Many Windows applications use DLL files when they are executing –DLL files are considered a lower risk than executable files and are not evaluated by default –Administrators often want to be unrestricted when they are accessing workstations

MCTS Guide to Microsoft Windows Vista25 Software Restriction Policies (continued)

MCTS Guide to Microsoft Windows Vista26 Software Restriction Policies (continued)

MCTS Guide to Microsoft Windows Vista27 Software Restriction Policies (continued) Software restriction configuration options (continued) –You can enforce or ignore certificate rules –You can control how the trusted publishers used for certificate rules are managed –When trusted publisher certificates are added You can configure system to verify that they are valid

MCTS Guide to Microsoft Windows Vista28 Software Restriction Policies (continued)

MCTS Guide to Microsoft Windows Vista29 Other Security Policies Windows Firewall with Advanced Security –Used to configure the new firewall in Windows Vista –Lets you configure both inbound and outbound rules –Configure specific computer-to-computer rules –Can be used to configure IP Security (IPsec) rules Public Key Policies has a single setting for the Encrypting File System (EFS) IP Security Policies on Local Computer are used to control encrypted network communication

MCTS Guide to Microsoft Windows Vista30 Security Templates Security templates are.inf files that contain: –Settings that correspond with the Account Policies and Local Policies in the local security policy –Settings for the event log, restricted groups, service configuration, registry security, and file system security Edited by using the Security Templates snap-in Security templates are used by Security Configuration and Analysis tool and Secedit

MCTS Guide to Microsoft Windows Vista31 Security Templates (continued)

MCTS Guide to Microsoft Windows Vista32 Security Templates (continued) Tasks you can perform with the Security Configuration and Analysis tool –Analyze –Configure –Export

MCTS Guide to Microsoft Windows Vista33 Auditing –Security process that records the occurrence of specific operating system events in the Security log Every object in Windows Vista has audit events related to it Auditing is enabled through the local security policy or by using Group Policy Once the audit policy is configured –The audited events are recorded in the Security log that is viewed by using Event Viewer

MCTS Guide to Microsoft Windows Vista34 Auditing (continued)

MCTS Guide to Microsoft Windows Vista35 Auditing (continued)

MCTS Guide to Microsoft Windows Vista36 Auditing (continued)

MCTS Guide to Microsoft Windows Vista37 User Account Control User Account Control (UAC) –New feature in Windows Vista that makes running applications more secure Security is enhanced by reducing the need to log on and run applications using administrator privileges When UAC is enabled and an administrative user logs on –The administrative user is assigned two access tokens Standard user privileges Administrative privileges

MCTS Guide to Microsoft Windows Vista38 User Account Control (continued) Standard user access token is used to launch the Windows Vista user interface Admin Approval Mode –Ensures that the access token with administrative privileges is used only when required Application Information Service –Responsible for launching programs by using the access token with administrative privileges

MCTS Guide to Microsoft Windows Vista39 Application Manifest Application manifest –Describes the structure of an application –Includes required DLL files and whether they are shared Applications that are not designed for Windows Vista and which require administrative privileges –Do not properly request elevated privileges –Fix it by using the Application Compatibility Toolkit Repackage applications to make them compliant with UAC by using FLEXnet AdminStudio 7 SMS Edition

MCTS Guide to Microsoft Windows Vista40 UAC Prompts

MCTS Guide to Microsoft Windows Vista41 UAC Configuration Options UAC is configured by using either: –Windows Vista Local Security Policy For small environments –Group Policy For larger environments

MCTS Guide to Microsoft Windows Vista42 Internet Security Windows Vista includes the following features to secure Internet access: –Internet Explorer security options –Phishing filter –Windows Defender

MCTS Guide to Microsoft Windows Vista43 Internet Explorer Security Options Zones for Internet Explorer security options –Internet –Local intranet –Trusted sites –Restricted sites Predefined categories with groups of security settings –High –Medium-high –Medium

MCTS Guide to Microsoft Windows Vista44 Internet Explorer Security Options (continued) Predefined categories with groups of security settings –Medium-low –Low Internet Explorer Protected Mode –Internet Explorer zones can be configured to run in Protected Mode –Works in conjunction with UAC to prevent malicious software from installing

MCTS Guide to Microsoft Windows Vista45 Internet Explorer Security Options (continued)

MCTS Guide to Microsoft Windows Vista46 Internet Explorer Security Options (continued) Internet Explorer Protected Mode (continued) –Integrity levels Low (untrusted) Medium (user) High (administrative) –A process can only modify files and registry keys with the same or lower integrity level Intranet Zone Configuration –In a domain-based network Internet Explorer assumes that all Web sites in the local domain are part of the Intranet zone

MCTS Guide to Microsoft Windows Vista47 Internet Explorer Security Options (continued)

MCTS Guide to Microsoft Windows Vista48 Internet Explorer Security Options (continued) Intranet Zone Configuration –Options to detect intranet sites Include all local (intranet) sites not listed in other zones Include all sites that bypass the proxy server Include all network paths (UNCs)

MCTS Guide to Microsoft Windows Vista49 Phishing Filter Phishing –A very organized and deliberate attempt by individuals to steal personal and business information Phishing Web site is a fake Web site designed to look just like a legitimate Web site –Asks you to enter personal information Internet Explorer 7 includes a phishing filter –Provides a level warning for suspected phishing sites And a red warning for confirmed phishing sites Microsoft maintains a list of confirmed phishing sites

MCTS Guide to Microsoft Windows Vista50 Windows Defender –Antispyware software included with Windows Vista Spyware –Software that is silently installed on your computer, monitors your behavior, and performs actions based on your behavior Windows Defender provides two levels of protection: –On-demand scanning –Real-time scanning Both types of scanning use signatures to identify known and potential spyware

MCTS Guide to Microsoft Windows Vista51 Windows Defender (continued)

MCTS Guide to Microsoft Windows Vista52 Windows Defender (continued) On-Demand Scanning –Windows Defender can perform ad hoc scanning When you suspect that spyware is present on your computer –Windows Defender can also perform scheduled scans Real-Time Scanning –Constantly monitors your computer and alerts you when spyware attempts to install –Better than on-demand scanning because you are preventing the problem rather than fixing it

MCTS Guide to Microsoft Windows Vista53 Windows Defender (continued) Real-Time Scanning (continued) –Protects the following areas: Auto Start System Configuration (settings) Browser Add-ons Internet Explorer Configurations (settings) Internet Explorer Downloads Services and Drivers Application Execution Application Registration Windows Add-ons

MCTS Guide to Microsoft Windows Vista54 Windows Defender (continued) Windows Defender Alert Levels –Severe –High –Medium –Low –Not yet classified

MCTS Guide to Microsoft Windows Vista55 Data Security NTFS permissions –Most basic level of data security in Windows Vista –Stop logged-on users from accessing files and folders that they are not assigned read or write permission to Relatively easy to work around NTFS permissions –When you have physical access to the computer To secure data on desktop computers and laptops, encryption is required –Vista includes Encrypting File System (EFS) and BitLocker Drive Encryption

MCTS Guide to Microsoft Windows Vista56 Encryption Algorithms Encryption makes data unreadable –Decryption makes data readable again Symmetric encryption –Same key to encrypt data and decrypt data –The key is a long number that is very hard to guess –Symmetric encryption is strong and fast Good for encrypting large volumes of data such as files –Used by both EFS and BitLocker Drive Encryption –Biggest problem is securing the key

MCTS Guide to Microsoft Windows Vista57 Encryption Algorithms (continued)

MCTS Guide to Microsoft Windows Vista58 Encryption Algorithms (continued) Asymmetric encryption –Uses two keys to encrypt and decrypt data Data encrypted by one key is decrypted by the other –Keys are part of a digital certificate –Digital certificates are obtained from certificate authorities –Asymmetric encryption requires more processing power and is less secure than symmetric encryption –Use symmetric encryption to encrypt the data and then use asymmetric encryption to protect just the symmetric key

MCTS Guide to Microsoft Windows Vista59 Encryption Algorithms (continued)

MCTS Guide to Microsoft Windows Vista60 Encryption Algorithms (continued) Hash encryption –One-way encryption It encrypts data, but the data cannot be decrypted –Used to uniquely identify data rather than prevent access to data –Sometimes hash values for data are called fingerprints –Used for storing passwords –When passwords are stored as only a hash value, it is impossible to decrypt the password

MCTS Guide to Microsoft Windows Vista61 Encryption Algorithms (continued)

MCTS Guide to Microsoft Windows Vista62 Encrypting File System Encrypting File System (EFS) –First included with Windows 2000 Professional –Encrypts individual files and folders on a partition –Suitable for protecting data files and folders on workstations and laptops –Can also be used to encrypt files and folders on network servers File or folder must be located on an NTFS-formatted partition

MCTS Guide to Microsoft Windows Vista63 Encrypting File System (continued)

MCTS Guide to Microsoft Windows Vista64 Encrypting File System (continued) To use EFS, users must have a digital certificate with a public key and a private key –Windows Vista can generate one for you From the user perspective, encryption is a file attribute Files can also be encrypted using the command-line utility Cipher Lost encryption keys –If a user loses the EFS key, then an encrypted file is unrecoverable with the default configuration

MCTS Guide to Microsoft Windows Vista65 Encrypting File System (continued)

MCTS Guide to Microsoft Windows Vista66 Encrypting File System (continued) Lost encryption keys –Some ways EFS keys may be lost The user profile is corrupted The user profile is deleted accidentally The user is deleted from the system The user password is reset –Backing up your EFS key is done by using the Certificates MMC snap-in Only you can back up your own key –Creating a recovery certificate allows the files encrypted by all users to be recovered if required

MCTS Guide to Microsoft Windows Vista67 Encrypting File System (continued) Lost encryption keys (continued) –Steps for creating and using a recovery certificate Create the recovery certificate Install the recovery certificate Update existing encrypted files Sharing Encrypted Files –Steps to work with encrypted files on multiple computers Encrypt the file on the first computer Export the EFS certificate, including the private key from the first computer

MCTS Guide to Microsoft Windows Vista68 Encrypting File System (continued) Sharing Encrypted Files (continued) –Steps to work with encrypted files on multiple computers (continued) Import the EFS certificate, including the private key on the second computer Open the encrypted file on the second computer –Steps to share encrypted files with other users Export the EFS certificate of the first user, but do not include the private key Import the EFS certificate of the first user into the profile of the second user as a trusted person Second user encrypts file and shares it with first user

MCTS Guide to Microsoft Windows Vista69 Encrypting File System (continued) Moving and Copying Encrypted Files –Encrypted files behave differently when copied or moved –Rules for moving and copying encrypted files An unencrypted file copied or moved to an encrypted folder becomes encrypted An encrypted file copied or moved to an unencrypted folder remains encrypted An encrypted file copied or moved to a FAT partition, FAT32 partition, or floppy disk becomes unencrypted –If you have access to decrypt the file

MCTS Guide to Microsoft Windows Vista70 Encrypting File System (continued) Moving and Copying Encrypted Files (continued) –Rules for moving and copying encrypted files (continued) If you do not have access to decrypt a file, then you get an access-denied error –If you attempt to copy or move the file to a FAT partition, FAT32 partition, or floppy disk

MCTS Guide to Microsoft Windows Vista71 BitLocker Drive Encryption –Data encryption feature included with Windows Vista An entire volume is encrypted when you use BitLocker Drive Encryption –Also protects the operating system Designed to be used with a Trusted Platform Module (TPM) –Part of the motherboard in your computer and used to store encryption keys and certificates

MCTS Guide to Microsoft Windows Vista72 BitLocker Drive Encryption (continued)

MCTS Guide to Microsoft Windows Vista73 BitLocker Drive Encryption (continued) BitLocker Drive Encryption modes –TPM only –Startup key BitLocker Hard Drive Configuration –Hard drive must be divided into two partitions Encrypted partition: the operating system volume Unencrypted system partition: contains necessary files to boot the operating system

MCTS Guide to Microsoft Windows Vista74 BitLocker Drive Encryption (continued) BitLocker Encryption Keys –Volume Master Key (VMK) Encrypt data on the operating system volume –Full Volume Encryption Key (FVEK) Used to encrypt the VMK Recovering BitLocker-Encrypted Data –A recovery password is generated automatically –You can save it to a USB drive or folder, display on the screen, or print

MCTS Guide to Microsoft Windows Vista75 BitLocker Drive Encryption (continued)

MCTS Guide to Microsoft Windows Vista76 BitLocker Drive Encryption (continued) Recovering BitLocker-Encrypted Data (continued) –Recovery password is required when the normal decryption process is unable to function –Most common reasons include: Modified boot files Lost encryption keys Lost or forgotten startup PIN Disabling BitLocker Drive Encryption –Decrypts all of the data on the hard drive and makes it readable again

MCTS Guide to Microsoft Windows Vista77 Windows Update Scheduling automatic updates with Windows Update –The most important security precaution you can take with Windows Vista When a Windows security flaw is found, the flaw is reported to Microsoft –Microsoft releases a patch to fix the problem Windows Update settings –Install updates automatically (recommended) –Download updates but let me choose whether to install them

MCTS Guide to Microsoft Windows Vista78 Windows Update (continued) Windows Update settings (continued) –Check for updates but let me choose whether to download and install them –Never check for updates (not recommended) Microsoft has improved the quality of their patches Windows Update process can be modified to use Windows Server Update Services (WSUS) –WSUS allows corporations to test patches before releasing them

MCTS Guide to Microsoft Windows Vista79 Windows Update (continued)

MCTS Guide to Microsoft Windows Vista80 Windows Update (continued) Windows Update categories –Important –Recommended –Optional

MCTS Guide to Microsoft Windows Vista81 Windows Security Center –Control Panel applet that lets you quickly check important security settings in Windows Vista Settings monitored by Windows Security –Firewall –Automatic updating –Malware protection –Other security settings

MCTS Guide to Microsoft Windows Vista82 Windows Security Center (continued)

MCTS Guide to Microsoft Windows Vista83 Summary Windows Vista has new improved security features Windows Vista supports various security policies including local security and account policies Security templates can be used to configure or analyze Windows Vista security options Analyzing and applying security templates is done with Secedit or the Security Configuration and Analysis MMC snap-in Auditing is used to record specific operating system events to the security log

MCTS Guide to Microsoft Windows Vista84 Summary (continued) UAC increases security by allowing users to log on and perform their jobs with standard user accounts Internet Explorer divides Web sites into zones Internet Explorer uses a new protected mode with limited permissions to enhance security A phishing filter is included with Internet Explorer to safeguard private information Windows Defender is antispyware software

MCTS Guide to Microsoft Windows Vista85 Summary (continued) EFS protects individual files by encrypting them BitLocker Drive Encryption encrypts an entire partition Windows Update ensures that patches are applied to Windows Vista as they are made available