Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,

Slides:

Advertisements

Similar presentations

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

Advertisements

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Microsoft Technology Associate

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

Authentication, Authorization and Accounting

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

Securing Windows Servers Using Group Policy Objects

Hardening Small Business Server 2003 Published: July 2005 Dana Epp Computer Security Software Architect Scorpion Software Corp. SBS Security HOWTO.

Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.

Password Management PA Turnpike Commission

Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Managing Network Security ref: Overview Using Group Policy to Secure the User Environment Using Group Policy to Configure Account Policies.

Chapter 13 – Network Security

Designing Active Directory for Security

Managing User and Service Accounts

Windows Server 2003 Overview 1 Windows 2003 Server Overview Ayaz

CIS 450 – Network Security Chapter 8 – Password Security.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.

Securing AD DS Module A 3: Securing AD DS

Profiles, Password Policies, Privileges, and Roles

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

September 18, 2002 Windows 2000 Server Active Directory By Jerry Haggard.

Session 7 LBSC 690 Information Technology Security.

Breno de MedeirosFlorida State University Fall 2005 Windows servers The NT security model.

Understanding Group Policy James Michael Stewart CISSP, TICSA, CIW SA, CCNA, MCSE NT & W2K, iNet+

Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

1 Chapter Overview Understanding User Accounts Planning New User Accounts Creating, Modifying, and Deleting User Accounts Setting Properties for User Accounts.

LockoutGuard Protect AD accounts from Extranet attacks Copyright ©2008 Collective Software, LLC.

Password Security. Overview What are passwords, why are they used? Different types of attacks Bad password practices to avoid Good password practices.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

November 19, 2008 CSC 682 Do Strong Web Passwords Accomplish Anything? Florencio, Herley and Coskun Presented by: Ryan Lehan.

Module 7: Implementing Security Using Group Policy.

NetTech Solutions Security and Security Permissions Lesson Nine.

Module 10: Windows Firewall and Caching Fundamentals.

Building Structures. Building Relationships. Passwords February 2010 Marshall Tuck.

Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.

SCSC 455 Computer Security Chapter 3 User Security.

CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Access The L Line The Express Line to Learning 2007 L Line L © Wiley Publishing All Rights Reserved.

Chapter 7 Server Management Policies –User accounts –Groups Rights and permissions Examples.

Password Security Module 8. Objectives Explain Authentication and Authorization Provide familiarity with how passwords are used Identify the importance.

Module 7: Designing Security for Accounts and Services.

4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.

Understanding Security Policies Lesson 3. Objectives.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Remote Authentication Dial-In User Service (RADIUS)

Understanding Security Policies

Managing User and Service Accounts

Configuring Windows Firewall with Advanced Security

Big Picture How many ways can a system be attacked? What can we do about it?

NTC 328 Great Wisdom/tutorialrank.com. NTC 328 All Assignments For more course tutorials visit NTC 328 Assignment Week 1 Practice.

Greta Mameniskyte IV course 3rd group

Understanding Security Policies

PLANNING A SECURE BASELINE INSTALLATION

Managing Passwords with Group Policy

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer, Microsoft

Module Overview Common Password Attacks Password Policies

Common Password Attacks

Dictionary and Brute Force Attacks A dictionary attack uses a dictionary containing an extensive list of potential passwords that the attacker then tries in conjunction with a user ID in an attempt to guess the appropriate password. Another, more crude type of attack—called a brute force attack— doesn’t rely on lists of passwords, but rather tries all possible combinations of permitted character types.

Physical Attacks Anytime your computer can be physically accessed by an attacker, that computer is at risk. Physical attacks on your computer can completely bypass almost all security mechanisms, such as by capturing the passwords and other critical data directly from the keyboard when a software or hardware keylogger is used. In fact, if your encryption key passes through a keylogger, you might find that even your encrypted data is jeopardized.

Network Sniffers Sniffers are specially designed software (and in some cases hardware) applications that capture network packets as they traverse a network, displaying them for the attacker. Sniffers are valid forms of test equipment, used to identify network and application issues, but the technology has been rapidly co- opted by attackers as an easy way to grab logon credentials.

Password Policies

Password Complexity Password complexity involves the characters used to make up a password. A complex password uses characters from at least three of the following categories: English uppercase characters (A through Z) English lowercase characters (a through z) Numeric characters (0 through 9) Non-alphanumeric characters #, $, %, ^, &, etc.)

Password Length, Age, and History Password length is the number of characters used in a password. Time between password changes can be defined by two settings: Minimum Password Age Maximum Password Age Password history prevents users from recycling the same passwords through a system.

View and Create a Password Policy

Account Lockout Account lockout settings allow you to specify when to lock an account if incorrect logon attempts happen. Microsoft provides three separate settings with respect to account lockout: Account lockout duration Account lockout threshold Reset account lockout counter after

View and Create Account Lockout Policy

Additional Resources & Next Steps Books Exam Security Fundamentals Exam : MTA Networking Fundamentals Exam Ref : Installing and Configuring Windows Server 2012 Instructor-Led Courses 40349A: Windows Operating System Fundamentals: MTA Exam A: Networking Fundamentals: MTA Exam A: Windows Server Administration Fundamentals: MTA Exam C: Installing and Configuring Windows Server 2012 Exams & Certifications Exam : Security Fundamentals Exam : Windows Operating System Fundamentals Exam : Networking Fundamentals Exam : Windows Server Administration Fundamentals Exam : Installing and Configuring Windows Server 2012