Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning.

Published byEustacia Willis Modified over 9 years ago

Similar presentations

Presentation on theme: "Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning."— Presentation transcript:

1 Module 3: Planning Administrative Access

2 Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning Local Administrative Access Planning Remote Administrative Access

3  Determining the Appropriate Administrative Model Choosing Centralized Administrative Models Choosing Decentralized and Hybrid Administrative Models Identifying Network Resource Administrative Tasks Identifying Administrative Tasks Defining Security Management Tasks

4 Choosing Centralized Administrative Models Centralized Administration ! ! ? ? i i

5 Choosing Decentralized and Hybrid Administrative Models Decentralized Resource Administration Human Resources Dept. Centralized User Account Administration Decentralized Administration Hybrid Administration

6 Identifying Network Resource Administration Tasks Network Resources Account Administration ! ! ? ? i i Resource Administration Backup Administration

7 Identifying Administrative Tasks Storage Management Batch/Output Management Problem Management Performance Management Security Management Change and Configuration Management Change and Configuration Management Event Management

8 Defining Security Management Tasks Secure Physical Systems and Devices Manage Users, Groups, and Policies Define and Implement Authentication and Data Transmission Security Control and Monitor Access to Shared Resources Create and Implement an Audit Policy Create and Implement a Backup and Recovery Plan Create and Implement Desktop Policies Storage Management Batch/Output Management Problem Management Performance Management Change and Configuration Management Event Management Security Management

9  Designing Administrative Group Strategies Creating Custom Groups Nesting Groups Managing Administration Memberships

10 Custom Groups Default Group Rights: Backup Restore Rights: Backup Rights: Restore Backup Operators Backup Only Restore Only Creating Custom Groups

11 Nesting Groups Employee Reviewers (Universal Group) Employee Records (Domain Local Group) Sales Mgrs (Global Group) IS Mgrs (Global Group) Product Mgrs (Global Group) All Managers (Global Group) Human Resources (Global Group) Rights and permissions to modify employee records allocated to group Rights and permissions to modify employee records allocated to group

12 Managing Administration Memberships Using Restricted Groups Monitoring Memberships

13  Planning Local Administrative Access Controlling Physical Administration Points Planning Logical Security Settings Using the RunAs Service

14 Controlling Physical Administration Points Physical Security Smart Card Logon Access Cert ReaderReader Smart Card

15 Planning Logical Security Settings Restrictive Logon Hours Xy!2#Hv*j Strong Passwords Workstation Restrictions Active Directory User Account Options Smart Card

16 Running Applications Providing Alternate Credentials Using the RunAs Service User Account Process User Account Process User Account Process Administrative Account Process

17 Demonstration: Using the RunAs Service

18  Planning Remote Administrative Access Encrypted Authentication and Data Transmission Customizing Microsoft Management Console Using Terminal Services for Remote Administration Using Telnet for Remote Administration

19 Encrypted Authentication and Data Transmission Securing Authentication Securing PPP and PPTP Connections Securing L2TP Connections Design Decisions

20 Customizing Microsoft Management Console Save As RemoteAdminConsole.msc Restricting Access to MMC Distributing MMC

21 Using Terminal Services for Remote Administration Server Running Terminal Services Administrator Computer Running Terminal Services Client Encrypted Screen Data Encrypted Keyboard and Mouse Data User Rights Administrator Security Data Encryption Additional Security Considerations

22 Using Telnet for Remote Administration

23 Lab A: Planning Secure Administrative Access

24 Review Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning Local Administrative Access Planning Remote Administrative Access

Download ppt "Module 3: Planning Administrative Access. Overview Determining the Appropriate Administrative Model Designing Administrative Group Strategies Planning."

Similar presentations

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Module 3: Planning Administrative Access

Module 3: Planning Administrative Access
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.

Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.

11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.
HalFILE 3.0 Active Directory Integration. halFILE 3.0 AD – What is it? Centralized organization of network objects and security – servers, computers,

HalFILE 3.0 Active Directory Integration. halFILE 3.0 AD – What is it? Centralized organization of network objects and security – servers, computers,
Guide to MCSE 70-290, Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Module 2: Managing User and Computer Accounts

Module 2: Managing User and Computer Accounts
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.

Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.

Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.
Module 1: Introduction to Administering Accounts and Resources

Module 1: Introduction to Administering Accounts and Resources
Working with Workgroups and Domains

Working with Workgroups and Domains
Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

Similar presentations

Ads by Google