Presented by: CMS Consulting Inc. Visit us online at

Presentation transcript:

The contents of this presentation are the property of CMS Consulting Inc. No portion, in whole or in part can be used without the express written consent of CMS. You may for permission to re-post or re-use any of this content.

Brian Bourne
- CMS Consulting Inc, President
- Toronto Area Security Klatch, Co-Founder
- Black Arts Illuminated Inc., Director
- Fancy Credentials: CISSP, MCT, MCSE:Security

Microsoft Infrastructure and Security Experts Active Directory - Windows Server - Exchange - SMS - ISA MOM - Clustering - Office – Desktop Deployment - SQL – Terminal Services - Security Assessments - Lockdown – Wireless Training by Experts for Experts MS Infrastructure – Security - Vista and Office Deployment Visit us online: Downloads – Resources – White Papers For Security Solutions For Advanced Infrastructure For Network Solutions For Information Worker For Mobility Solutions

Top 10 Security Mistakes
- Based on the results of numerous health check and assessment service offerings
Top 10 Areas for Security Improvement
- Based on feedback from the consulting team at CMS

This is painfully obvious and still a problem at every customer. Problems include:
- Poor policy or poor policy enforcement
- Password re-use (e.g. FileMaker password = Domain Password = Banking Password)
- User training – hey, did you know a simple sentence is complex? “My first born is Grant.”
- Password storage

Typical Issues:
- No inventory of software and hardware (no idea what to patch)
- No reporting of patch status or deployment
- Legacy software that’s simply unpatchable
- Software that followed the “deploy and forget” methodology
Remember: All software and hardware needs patching, not just Microsoft! Especially security products!

Everyone, Full Control, Everywhere
- Anonymous is part of everyone!
Simple Rules:
- Permissions are cumulative, except Deny wins.
- Never grant permissions to users. Grant to groups.
- Avoid upgrading W2K. Install W2K3 fresh.
- Use security templates and group policy to set/maintain security
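One way to find the "Everyone, Full Control" grants described on this slide is to walk a folder tree and report every explicit Allow entry that gives full control to Everyone or Anonymous Logon. This is an added example, not part of the presentation; `$Root` and the function name `Get-BroadFullControlAce` are hypothetical.

```powershell
# Added example, not from the presentation. $Root is a hypothetical share path.
param([string]$Root = 'D:\Shares')

# Match on well-known SIDs so the check works on any OS language.
$broad = @{
    'S-1-1-0' = 'Everyone'
    'S-1-5-7' = 'Anonymous Logon'
}
$fullControl = [int][System.Security.AccessControl.FileSystemRights]::FullControl
$genericAll  = 0x10000000   # GENERIC_ALL, how some older ACEs encode full control

function Get-BroadFullControlAce {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    # Explicit ACEs only: inherited copies are fixed at the folder that sets them.
    $rules = $acl.GetAccessRules($true, $false,
        [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        $sid    = $ace.IdentityReference.Value
        $rights = [int]$ace.FileSystemRights
        $isFull = (($rights -band $fullControl) -eq $fullControl) -or
                  (($rights -band $genericAll) -ne 0)
        if ($ace.AccessControlType -eq 'Allow' -and
            $broad.ContainsKey($sid) -and $isFull) {
            [pscustomobject]@{
                Path     = $Path
                Identity = $broad[$sid]
                Sid      = $sid
                Rights   = $ace.FileSystemRights
            }
        }
    }
}

# Check the root folder and every folder below it.
$folders = @($Root) + @(Get-ChildItem -LiteralPath $Root -Directory -Recurse `
        -ErrorAction SilentlyContinue | ForEach-Object { $_.FullName })
foreach ($folder in $folders) {
    try   { Get-BroadFullControlAce -Path $folder }
    catch { Write-Warning "Could not read ACL on ${folder}: $($_.Exception.Message)" }
}
```

Each reported path is a folder where the grant is set directly, which is where a group-based ACL or security template should replace it.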

No one seems to follow the rule of least privilege.
- Enumerate the following groups:
  - Enterprise, Domain and Schema Administrators
  - Server, Print and Backup Operators
- Service Accounts need special treatment
  - Separate OU with GPO’s limiting rights
  - Should be “Administrators”, not DA or EA!
- Use OU’s and delegate required administrative functions
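The enumeration this slide asks for can be scripted. The following is an added example, not part of the presentation: it assumes the ActiveDirectory PowerShell module (which is newer than the W2K/W2K3 tooling the slides refer to), and the report columns are illustrative.

```powershell
# Added example, not from the presentation. Needs the ActiveDirectory module
# (RSAT) and read access to the directory.
Import-Module ActiveDirectory

$root    = Get-ADDomain -Identity (Get-ADForest).RootDomain
$domain  = Get-ADDomain
$rootSid = $root.DomainSID.Value
$domSid  = $domain.DomainSID.Value

# Well-known SIDs and RIDs, so renamed groups are still found.
# Enterprise Admins and Schema Admins exist only in the forest root domain.
$targets = @(
    @{ Name = 'Enterprise Admins'; Sid = "${rootSid}-519"; Server = $root.DNSRoot }
    @{ Name = 'Schema Admins';     Sid = "${rootSid}-518"; Server = $root.DNSRoot }
    @{ Name = 'Domain Admins';     Sid = "${domSid}-512";  Server = $domain.DNSRoot }
    @{ Name = 'Administrators';    Sid = 'S-1-5-32-544';   Server = $domain.DNSRoot }
    @{ Name = 'Server Operators';  Sid = 'S-1-5-32-549';   Server = $domain.DNSRoot }
    @{ Name = 'Print Operators';   Sid = 'S-1-5-32-550';   Server = $domain.DNSRoot }
    @{ Name = 'Backup Operators';  Sid = 'S-1-5-32-551';   Server = $domain.DNSRoot }
)
$props = 'Enabled', 'LastLogonDate', 'PasswordLastSet', 'ServicePrincipalNames'

$report = foreach ($t in $targets) {
    try {
        # -Recursive flattens nested groups into their leaf members.
        $members = Get-ADGroupMember -Identity $t.Sid -Server $t.Server `
            -Recursive -ErrorAction Stop
    } catch {
        Write-Warning "Cannot enumerate $($t.Name): $($_.Exception.Message)"
        continue
    }
    foreach ($m in $members) {
        $u = $null
        if ($m.objectClass -eq 'user') {
            # Members homed in another domain are listed without account details.
            try { $u = Get-ADUser -Identity $m.SID -Server $t.Server -Properties $props } catch { }
        }
        [pscustomobject]@{
            Group           = $t.Name
            Member          = $m.SamAccountName
            Class           = $m.objectClass
            Enabled         = if ($u) { $u.Enabled }
            LastLogonDate   = if ($u) { $u.LastLogonDate }
            PasswordLastSet = if ($u) { $u.PasswordLastSet }
            # An SPN marks an account that runs a service.
            HasSPN          = [bool]($u -and $u.ServicePrincipalNames.Count -gt 0)
        }
    }
}
$report | Sort-Object Group, Member | Format-Table -AutoSize
```

Rows with `HasSPN` set under Enterprise Admins or Domain Admins are the service accounts the slide says should not be DA or EA.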

- Please don’t use a DA account for day to day activity.
- Better yet, don’t use a DA from anything but a designated high security, administrative workstation (think about bad things like keyloggers when logging in from untrusted machines)
- Guard EA accounts!
- Don’t share the administrator password. At minimum, you want some level of non-repudiation.

The most common installed and unneeded service? Any guesses? (IIS)
- Reduce the attack surface!
- Define Role based Templates
- Test, test, test
- Enforce by GPO!
- Good guide to understanding services windows2000serv/deploy/prodspecs/win2ksvc.mspx

- How will we ever know if something happens?
- How will we ever be able to piece together “the crime scene” without any evidence?
- Audit only what’s important.
- Think beyond Windows events. Applications, firewalls, switches, etc.
- Consider log shipping also.

- System State on all FSMO role holders.
- Critical data everywhere else.
- Remember to test procedures with restores
- Consider encryption/password protection to prevent unauthorized restores
- Offsite storage, secured fireproof vault
- Part of a larger Disaster Recovery plan

For IT Staff:
- Security Architecture
- Secure Operating Procedures
- Understanding of attack methods
- Defence in Depth techniques
For All Staff:
- Awareness training and Internet Usage
- Social Engineering awareness

Have a plan and have training!
DO NOT:
- Touch the computer.
- Delete files.
- Or frankly react in any way without a carefully thought out and professionally approved plan!

Things People Need to Think More About:
1. Funding for security
2. Application filtering and layer 7 firewalls
3. Intrusion detection and prevention
4. Incident Response Planning and Training
5. Security Policy, Usage Policy
6. Log collection, management and correlation
7. Physical controls
8. Network controls (who can plug in)
9. Firewalls should not look like swiss cheese (Hint: Use IPSec instead)
10. VPN controls and other remote access methods

November 20 – 21, 2007, MTCC, Toronto, ON, Canada

INSPIRE Infrastructure Workshop
- 4 days of classroom training - demo intensive
- AD, Exchange, ISA, Windows Server, SMS, MOM, Virtual Server
Business Desktop Deployment – Deploying Vista/Office
- 3 days of classroom training - hands on labs (computers provided)
- Business Desktop Deployment Concepts, Tools, Processes, etc.
- Vista and Office
Securing Internet Information Services
Securing Active Directory
Securing Exchange
- day classroom training per topic
TRAINING BY EXPERTS FOR EXPERTS

@ Brian Bourne, President – Robert Buren, VP Business Development – CMS Consulting Inc. – CMS Training – Toronto Area Security Klatch –

Thank You! Visit: CMS Consulting at Join: Toronto Area Security Klatch at Register: Security Education in Toronto at CMS Consulting Inc.