Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.

Published byRuth Gibson Modified over 9 years ago

Similar presentations

Presentation on theme: "Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1."— Presentation transcript:

1 Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1

2 Overview Introducing Local Security Policies Four Categories Configuring Password Policy Account Lockout Policy Security Options IP Security Policies Fall 2011 2 Nassau Community College ITE153 – Operating Systems

3 Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Windows 7 Professional Local Security Policies 3

4 Local Security Policies A Group Policy object contains an extensive profile of security permissions that apply primarily to the security settings of a domain or a computer (rather than to users) Group policies for local computers that do not use the Active Directory are set using Local Security Policies Because a computer can have more than one policy setting applied to it, security policy settings can conflict with each other. The order of precedence from highest to lowest is: OU => domain => local computer Fall 2011 Nassau Community College ITE153 – Operating Systems 4

5 Local Security Policies Local Security Policies apply to a computer and contain these subsets: Audit policy. Determines whether security events are written to the security log in Event Viewer on the computer. Also determines whether to log successful attempts, failed attempts, or both User rights assignment. Determines which users or groups have logon rights or privileges on the computer Security options. Enables or disables security policy settings for the computer, such as digital signing of data, Administrator and Guest account names, floppy disk drive and CD drive access, driver installation, and logon prompts Fall 2011 Nassau Community College ITE153 – Operating Systems 5

6 Local Security Policies There are four categories of local security policies: Account Policies Local Policies Public Key Policies IP Security Policies Fall 2011 Nassau Community College ITE153 – Operating Systems 6

7 Local Security Policies Two ways to get to it: Control Panel => Systems and Security =>Administrative Tools => Local Security Policy mmc secpol.msc Fall 2011 Nassau Community College ITE153 – Operating Systems 7

8 Account Policies Password and account lockout policies Set number of invalid logon attempts Lock account indefinitely Fall 2011 Nassau Community College ITE153 – Operating Systems 8

9 Local Policies Fall 2011 Nassau Community College ITE153 – Operating Systems 9 Prevents last user name logged on from appearing Shutdown without being logged on Lock account indefinitely Force logoffs

10 Public Key Policies Fall 2011 Nassau Community College ITE153 – Operating Systems 10 Deals mainly with recovery and encryption

11 IP Security Policies Fall 2011 Nassau Community College ITE153 – Operating Systems 11 Network security rules IP Filtering

12 … And More Policies Fall 2011 Nassau Community College ITE153 – Operating Systems 12

13 Lab A: Local Security Policies Fall 2011 13 Nassau Community College ITE153 – Operating Systems

14 Configuring Password Policy Enforce password history – how many old passwords Maximum password age – days to keep a particular password Minimum password age – prevents changing the password back Minimum password length - # of characters Password complexity requirements – disabled by default Fall 2011 Nassau Community College ITE153 – Operating Systems 14

15 Lab B: Configuring Password Policy Fall 2011 15 Nassau Community College ITE153 – Operating Systems

16 Account Lockout Policy Prevents users from guessing passwords Account lockout duration – minutes account is locked out Account lockout threshold – number of invalid logons Reset account lockout counter after – number of minutes that must elapse after a failed logon attempt Fall 2011 Nassau Community College ITE153 – Operating Systems 16

17 Lab C: Account Lockout Policy Fall 2011 17 Nassau Community College ITE153 – Operating Systems

18 Security Options Fall 2011 Nassau Community College ITE153 – Operating Systems 18

19 Security Options Interactive logon: Do not display last user name This security setting determines whether the name of the last user to log on to the computer is displayed in the Windows logon screen. Fall 2011 Nassau Community College ITE153 – Operating Systems 19

20 User Rights Assignment Change the Time Zone This user right determines which users and groups can change the time zone used by the computer for displaying the local time, which is the computer's system time plus the time zone offset. Fall 2011 Nassau Community College ITE153 – Operating Systems 20

21 Lab D: Security Options Fall 2011 21 Nassau Community College ITE153 – Operating Systems

22 IP Security Policies Used for building firewalls Uses a wizard and IP filters Fall 2011 Nassau Community College ITE153 – Operating Systems 22

23 Important URLS Local Users and Groups - use Local Users and Groups to create and manage users and groups that are stored locally on a computerLocal Users and Groups Local Users and Groups - similar to link above but for Windows 7, Windows Server 2008, Windows Server 2008 R2Local Users and Groups Local Users and Groups best practices - excellent tipsLocal Users and Groups best practices Microsoft Security Administrators Guide - security administrators guide. Also available in PDF format.Microsoft Security Administrators GuidePDF Microsoft Security TechCenter - links to technical bulletins, advisories, updates, tools, and prescriptive guidance. This is a very good site to visit frequentlyMicrosoft Security TechCenter Fall 2011 Nassau Community College ITE153 – Operating Systems 23

24 Homework Review the Slides Review Lesson 12 In The Text Fall 2011 Nassau Community College ITE153 – Operating Systems 24

Download ppt "Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1."

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Chapter 13 Securing Windows Server 2008

Chapter 13 Securing Windows Server 2008
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Guide to MCSE 70-290, Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Similar presentations

Ads by Google