Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Security. Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall.

Published byShannon Strickland Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows Security. Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall."— Presentation transcript:

1 Windows Security

2 Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall

3 Authentication Credentials Identity (username) Proof of identity (password) Graphical Identification and Authentication (GINA) DLL Authentication Managed by Local Security Authority (LSA) Security Accounts Manager (SAM) database (local) Kerberos version 5 + Active Directory (remote) Network LanMan (NTLM) + SAM database(remote) Security Support Provider Interface (SSPI)

4 Authentication process in Windows 2000/XP network. Authentication

5 Authorization Security principal Any entity that can perform an action User Group Computer Service Security identifier (SID) Uniquely identifies security principal

6 Authorization Access token Stores in security information about security principal Security principal SID All group SIDs Session ID Enables fast user switching Session ID tells which processes to run in background Inheritance Given to all processes and threads owned by security principal

7 Authorization Security descriptor Protect resources: files, programs, printers, etc. Discretionary Access Control List (DACL) Ordered list of Access Control Entries (ACEs) Stores SID What security principal with that SID may do First ACE to match access token SID determines authorization Inclusive or exclusive security policy (or both)

8 Internet Connection Firewall Internet Connection Firewall (ICF) protects Single computer Network Packet filtering Outbound traffic recorded in flow table Inbound packets permitted only if match entry in flow table Port mapping Some applications require unsolicited inbound traffic Web servers On-line games LDAP Users may explicitly open a port to unsolicited packets

9 Other Features Encrypting File System Cookie management Control software execution File hash provides extra protection Certificates Trusted Internet Zones Automatic Update Notifies users of security patches Can download and install patches automatically

Download ppt "Windows Security. Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall."

Similar presentations

Security Features in Microsoft® Windows® XP James Noyce, Senior Consultant Security Solutions Team, Business Critical Services Microsoft Security Solutions,

Security Features in Microsoft® Windows® XP James Noyce, Senior Consultant Security Solutions Team, Business Critical Services Microsoft Security Solutions,
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Configuring Windows to run Dr.Web scanner remotely.

Configuring Windows to run Dr.Web scanner remotely.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.
Understanding Active Directory

Understanding Active Directory
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
Windows Security Mechanisms Al Bento - University of Baltimore.

Windows Security Mechanisms Al Bento - University of Baltimore.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.

MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.
Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active.

Users and Groups Security Architecture Editing Security Policies The Registry File Security Auditing/Logging Network Issues (client firewall, IPSec, Active.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Similar presentations

Ads by Google