Download presentation
Presentation is loading. Please wait.
Published byWill Tidd Modified over 9 years ago
1
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security Policy
2
Guide to MCDST 70-2712 Objectives Understand the local security policy Understand group policies Use the Security Configuration and Analysis tool and secedit Perform troubleshooting for group policy
3
Guide to MCDST 70-2713 Local Security Policy Windows XP Professional is only subject to security restrictions of local security policy when it is a stand-alone system or member of a workgroup Group policy object –A collection of Registry settings that are applied to the system upon startup and user logon
4
Guide to MCDST 70-2714 Local Security Policy (continued) Contents of local security policy –Determined during installation Custom policies –Can be created through the use of.adm files.adm files used by group policy editors –Reside in the \inf subfolder of the main Windows XP directory
5
Guide to MCDST 70-2715 Local Security Policy (continued)
6
Guide to MCDST 70-2716 Local Security Policy (continued)
7
Guide to MCDST 70-2717 Password Policy Defines the restrictions on passwords Items in policy include: –Enforce password history: 0 passwords –Maximum password age: 42 days –Minimum password age: 0 days –Minimum password length: 0 characters
8
Guide to MCDST 70-2718 Account Lockout Policy Defines conditions that result when a user account is locked out Used to prevent brute force attacks against user accounts Items in policy include –Account lockout duration –Account lockout threshold: 0 invalid logon attempts –Reset account lockout counter after: Not Applicable
9
Guide to MCDST 70-2719 Account Lockout Policy (continued)
10
Guide to MCDST 70-27110 Audit Policy Defines events recorded in the Security log of the Event Viewer Auditing –Used to track resource usage Items in policy include: –Audit account logon events: No auditing –Audit account management: No auditing –Audit directory service access: No auditing
11
Guide to MCDST 70-27111 User Rights Assignment Defines which groups or users can perform the specific privileged action Troubleshooting user rights –A process of test, reconfigure, and retest
12
Guide to MCDST 70-27112 User Rights Assignment (continued)
13
Guide to MCDST 70-27113 Security Options Defines and controls various security features, functions, and controls Items in this policy include: –Accounts―Administrator account status: Enabled –Accounts―Guest account status: Disabled –Devices―Allow undock without having to logon: Enabled
14
Guide to MCDST 70-27114 Security Options (continued)
15
Guide to MCDST 70-27115 Public Key Policies Used to: –Offer additional controls over the Encrypting File System (EFS) –Enable the issuing of certificates –Allow you to establish trust in a certificate authority
16
Guide to MCDST 70-27116 Public Key Policies (continued)
17
Guide to MCDST 70-27117 Software Restriction Policies Used to restrict the programs and applications allowed to execute on a system Software restriction policies can be one of these: –“Deny all but the exceptions” method –“Allow all but the exceptions” method
18
Guide to MCDST 70-27118 Software Restriction Policies (continued)
19
Guide to MCDST 70-27119 IP Security Policies on Local Computer Used to define policies that control the function of IPSec Negotiates a secure encrypted communications link between a client and server through public and private encryption key management
20
Guide to MCDST 70-27120 IP Security Policies on Local Computer (continued) IPSec offers protection against: –Eavesdropping –Data modification –Identity spoofing –Password attacks –Denial-of-service attacks –Man-in-the-middle attacks
21
Guide to MCDST 70-27121 IP Security Policies on Local Computer (continued) Predefined IPSec policies –The Client (Respond Only) policy –The Server (Request Security) policy –The Secure Server (Require Security) policy Authentication methods –Kerberos version 5 –Public key certificate authentication –Preshared key
22
Guide to MCDST 70-27122 Group Policies An expanded version of the local security policy Divisions –Computer Configuration –User Configuration
23
Guide to MCDST 70-27123 Group Policies (continued)
24
Guide to MCDST 70-27124 Computer Configuration Used to define and regulate security-related features and functions Subnodes –Software Settings –The Windows Settings folder –The Administrative Templates folder
25
Guide to MCDST 70-27125 User Configuration Subfolders –Software Settings―empty by default –The Windows Settings folder―contains Internet Explorer Maintenance, Scripts (Logon/Logoff), and Security Settings –The Administrative Templates folder―contains a multilevel collection of user-specific, Registry- based controls
26
Guide to MCDST 70-27126 Application of Group Policies Applied in the following order: –Any existing legacy Windows NT 4.0 ntconfig.pol files are applied –Any unique local security policy is applied –Any site group policies are applied –Any domain group policies are applied –Any organizational units (OUs) group policies are applied
27
Guide to MCDST 70-27127 Security Configuration and Analysis Tool An MMC snap-in that can be used to analyze, configure, export, and validate system security based on a security template Security template –A predefined group policy file with specific levels of security Predefined security templates –compatws –hisecdc –hisecws
28
Guide to MCDST 70-27128 Using Secedit Used to analyze, configure, export, and validate security based on a security template Parameters of secedit –analyze –db FileName –cfg FileName –log FileName
29
Guide to MCDST 70-27129 Troubleshooting Policies If change does not seem to take effect on a system –Log out then back on –Reboot the system –If change still fails to take effect, examine the RSoP for the local system or access the Help and Support Center
30
Guide to MCDST 70-27130 Summary Local Security Policy tool –Used to manage passwords, account lockout parameters, audits, user rights Group policies –Domain-level versions of the local security policy Local computer policy (RSoP of applied GPOs) –Controls many aspects of the security system Troubleshooting GPOs includes discovering the RSoP
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.