Download presentation
Presentation is loading. Please wait.
Published byLeo Johnston Modified over 9 years ago
1
2851A_C01
2
Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada
3
Session Prerequisites Experience managing Windows XP Professional desktops An understanding of the deployment tools that are used to deploy Windows XP and updates to the desktop Experience using Group Policy to manage desktops Level 200
4
Session Prerequisites (cont.) OR The skills represented by taking: Course 2285 (covering Windows XP) Course 2297 (designing Active Directory ® and networking)
5
Introduction to Windows XP Service Pack 2 Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
6
The Need for SP2 Security attack trends include: Increased uses of automation - tools for Scanning, Compromising and Propagation. Asymmetric threats - distributed systems to attack single targets Increased complexity - Tool signatures more complex and difficult to detect. Infrastructure attacks - denial of service and worms Faster detection of vulnerabilities and faster exploits. Firewall intrusions - harnessing ‘firewall friendly’ and ‘mobile’ code
7
What Is New in SP2? New and Improved Features: Enhanced Network Protection New Memory Protection More Secure E-Mail Handling Enhanced Browser Security Improved Computer Maintenance Enhanced Network Protection New Memory Protection More Secure E-Mail Handling Enhanced Browser Security Improved Computer Maintenance SP2 provides several built-in security technologies that reduce computer vulnerabilities.
8
How SP2 Minimizes the Attack Surface SP2 Features Security Technologies Network Protection Windows Firewall Remote procedure call (RPC) Distributed-component object model (DCOM) Memory Protection NX (Intel and AMD 64 bit processors currently) Sandboxing (buffer overruns) & Cookies (stack overruns) More Secure E-Mail Handling Multipurpose Internet mail extension (MIME) type restrictions Attachment handling Enhanced Browser Security Pop-up management and crash detection Download prompt Improved Computer Maintenance Security Center Automatic updates & Anti Virus Monitoring
9
Your instructor will demonstrate how to resolve a remote connectivity issue with the netsh command-line tool. Demonstration 1: Resolving Remote Connectivity Issues by Using the Netsh Command-Line Tool You will see how to: Allow access to MMC with the firewall enabled Unblock a specific port via command line / script
10
SP2 Security Management Using Windows Security Center Windows Firewall Configuration Internet Options Configurations Antivirus Configuration Automatic Update Configuration Computer Running Security Center
11
Your instructor will demonstrate how to manage SP2 by using Security Center. Demonstration 2: Managing SP2 by Using Windows Security Center Specifically, you will learn to configure: The Automatic Updates option The Virus Protection option
12
Windows XP SP2 Network Protection Features Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
13
New Security Features in Windows Firewall Boot-time security On by default Global configuration and restore defaults On with no exceptions Command-line support Unattended setup support RPC Support for system services Multiple profiles Windows firewall exceptions list Local subnet restrictions
14
Windows Firewall Advanced Security Features Advanced options include: Basic configuration ICMP options Ability to enable specific network interfaces Connection and packet logging improvements
15
Demonstration 3: Exploring Windows Firewall New Security Features You instructor will demonstrate: The On by Default feature The On with No Exceptions feature The Windows Firewall Exceptions List The Restore Defaults feature (advanced options)
16
Enhanced DCOM Security Remote Client DCOM Server Specific COM Permissions Able to restrict rights that are available to users to individual COM servers Computer-wide Restrictions Restrictions that apply to DCOM call, activation and launch privileges and that differentiate between local and remote clients
17
More Secure Remote Procedure Calls Remote, Anonymous Client Firewall RPC Servers Processes running on Local System, Network Service, Local Service security context Open port Allowed Processes claiming to be RPC Services e.g. Trojan Horses Other acceptedrestricted Open port Blocked Local Client and/or Authenticated client Group Policy
18
Services Disabled by Default in Windows XP SP2 Disabled Service Before SP2 After SP2 Alerter Set to Start Manually Disabled by Default Windows Messenger Set to Start Automatically Disabled by Default Alternative options: Recommended resolution; rewrite application to use another method to communicate with the user Start the Alerter or Messenger service programmatically
19
Reducing Application Failures Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Application Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
20
Execution Protection (NX) and How It Works NX features: Memory locations tagged as nonexecutable unless location explicitly contains executable code Buffer overrun attach protection Currently available on some 64-bit CPUs CPU-aided memory protection
21
Exploring SP2 E-Mail Handling Security Features Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
22
Attachment Manager in Outlook Express and Windows Messenger New e-mail with attachment User Running Outlook Express User Running Windows Messenger Different actions taken for: Safe attachments Unsafe attachments Suspicious attachments AES API
23
HTML Content Blocking in Outlook Express Content Blocking Feature: Blocks external images New “Don’t Download External HTML Content” feature Users Running Outlook Express Web Server Internet Preserves the user's privacy and prevents future attacks Web Server
24
Demonstration 4: Demonstrating and configuring Attachment Handling in Outlook Express You instructor will demonstrate: How Outlook Express Handles attachements How to configure attachment handling in Outlook Express
25
Browsing Securely by Using SP2 Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Applications Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
26
Managing Internet Explorer Browser Security Security feature Illustrate with MIME security improvements Consistency checks Stricter rules Better security management Add-on control and management features Better prompts New script-initiated window restrictions Local machine zone A list of steps that make up the procedure An interface or a GUI diagram with callout labels Feature control security zone MIME sniffing Security elevation Windows restriction Group Policy settings Administrative control for Feature Control Security Zones
27
Making the Local Computer More Secure Internet Explorer information bar Internet Explorer add-on installation prompt Internet Explorer download prompt New file handler icon New security information area Executable files are checked for publisher information Outlook Express prompts
28
Blocking Annoying Pop- Up Windows FeatureDescription Pop-Up Manager Blocks unwanted pop-ups Window Restrictions Controls script-initiated repositioning Controls script-initiated resizing Window Placement Governs the placement of pop-up windows
29
Managing Add-Ons AddOn Management and Crash Detection: Better add-on detection New add-on management features
30
Demonstration 5: Popups, Scripts and Configuring Add-On Management You instructor will demonstrate: The Information Bar with popups and scripts How to view information about how often the add- ons have been used by Internet Explorer
31
Session Summary Introduction to Windows XP Service Pack 2 Windows XP SP2 Network Protection Features Reducing Application Failures by Using Windows XP SP2 Memory Protection Features Exploring SP2 E-Mail Handling Security Features Browsing Securely by Using SP2
32
Next Steps Microsoft Canada Technet http://www.microsoft.com/technet/canada/ http://www.microsoft.com/technet/canada/ http://www.microsoft.com/technet/canada/ Find additional Technet events: http://www.microsoft.com/technet/canada/ events/ http://www.microsoft.com/technet/canada/ events/ Share information and get community- based support for SP2 http://communities.microsoft.com/newsgroup s/default.asp?icp=xpsp2&slcid=us http://communities.microsoft.com/newsgroup s/default.asp?icp=xpsp2&slcid=us Get additional information about changes to functionality in SP2 http://www.microsoft.com/technet/prodtechn ol/winxppro/maintain/winxpsp2.mspx
33
Questions and Answers
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.