3:07 AM
Kinsz
This chapter covers the following Microsoft-specified goals for the Configuring and Troubleshooting Users and Groups, Configuring and Troubleshooting Users and System Policies, and Investigating, Configuring, and Monitoring Security bits of the Supporting and Maintaining a Microsoft Windows NT Server 4.0 Network exam:
Configure troubleshoot account policy. Points to consider include password uniqueness, password length, password age, and account lockout.
Not all users are born equal. As a consequence, you must be ready to adjust account authorizations and limitations (at a domain, not a resource, level) to suit individuals or groups. Account policy assists you to control the password difficulty and change policy to ensure that security is maintained in your domain.
Configure and rectify system policies. Concerns include client computer operating systems, file locations and names, and interaction between local security policy and system policies.
Configure user-specific system policies.
Configure PC policies.
Often you will find a wish to customize the environment in which users work. This might include logon banners, wallpaper available, icons on the desktop, and Start menus. System policies assist you to simply apply these sorts of environmental restrictions to a user without having to run scripts or to configure each machine by hand.
Implement verifying and monitor security. Implementation includes configuring audit policy, enabling verifying on objects, and analyzing audit logs.
Auditing assists you to track resource access and to check for possible attempts to access banned resources. Configuring audit policies, enabling verifying, and doing analysis will enable you to get a good picture of resource access (both successful and failed) in your domain.
Analyze and configure the OS environment and the user environment by employing Security Configuration Boss.
Apply the appropriate security template based mostly on server function.
Research the current environment and customize existing security templates to meet organizational security necessities.
The Safety Configuration Executive enables you to create security configurations that you can use to make certain that all your machines meet a particular minimum-security standard. It also allows you to audit the configurations of your Windows NT machines to see where changes are needed. Additionally, it also enables you to just apply the standard configuration to each machine.
Configure and troubleshoot trust relations. Considerations include cross-domain resource access and one-way trusts versus two-way trusts.
In a multidomain environment, the issue of permitting users from one domain to use the resources in another comes to the front. Trusts are the number one mechanism for allowing such access. This objective introduces you to the creation, maintenance, and troubleshooting of trusts and the resource access issues that they solve.
Study Secrets
The account policy section might appear easy. On the exam, you won't get tripped up by the mechanics of the settings. Nonetheless you might get tripped up by the significance of them. Make sure that you have a good experience of why certain settings are important, and when you would utilize them. That way, if you are given questions with allegedly immaterial information about the minimum or maximum password length, you can resolve whether the data provided is crucial to the query or just marginal data.
When studying for the parts of the exam applying to system policy, it is difficult for you to avoid opening the policy editor and making a policy file. You will need to know the greatest difference between creating a policy file for Windows NT machines (NTCONFIG.POL) and for non-NT machines (CONFIG.POL) as well as the trail in which to save them. You also should play with the policy editor in both Policy mode and Registry mode.
As the Security Configuration Manager is new, expect a number of questions on it. You must know the GUI as well as command-line versions and what each will do. Know at least the 4 main switches to be used in the command-line editor. In addition, be acquainted with the major sections you can modify in the GUI version and how a template becomes a database and then how it's possible for you to use that database to research and configure a Windows NT system.
For the trust part of the examination, you have got to understand the language of trusts. This cannot be exaggerated. Make sure you understand which is the dependable and. Trusting domain in an one-way trust relationship. Be sure you understand what's meant when you're told that A trusts B. Know about the intransitivity of trust relations. Also , know the five trust models and what the basic configuration is (users in trusted domains, resources in trusting domains).
Introduction
As you can see by the chapter outline, this chapter covers a variety of advanced subjects. The postulate that ties them all together is that of security. In a safe environment, the following are true:
Users are asked to change their password often (account policy).
Users obtain access only to the system resources that they need to access (system policy).
Continual checks ensure that attempts at unapproved access to resources are discovered and corrected/prevented (checking).
All servers are maintained at an identifiable standard of security (Security Configuration Executive).
The interaction between domains is controlled and done in a way so as not to reach a compromise on the security of either domain (trusts).
This chapter debates all these subjects.
Configure troubleshoot account policy. Points to consider include password uniqueness, password length, password age, and account lockout.
Not all users are born equal. As a consequence, you must be ready to adjust account authorizations and limitations (at a domain, not a resource, level) to suit individuals or groups. Account policy assists you to control the password difficulty and change policy to ensure that security is maintained in your domain.
Configure and rectify system policies. Concerns include client computer operating systems, file locations and names, and interaction between local security policy and system policies.
Configure user-specific system policies.
Configure PC policies.
Often you will find a wish to customize the environment in which users work. This might include logon banners, wallpaper available, icons on the desktop, and Start menus. System policies assist you to simply apply these sorts of environmental restrictions to a user without having to run scripts or to configure each machine by hand.
Implement verifying and monitor security. Implementation includes configuring audit policy, enabling verifying on objects, and analyzing audit logs.
Auditing assists you to track resource access and to check for possible attempts to access banned resources. Configuring audit policies, enabling verifying, and doing analysis will enable you to get a good picture of resource access (both successful and failed) in your domain.
Analyze and configure the OS environment and the user environment by employing Security Configuration Boss.
Apply the appropriate security template based mostly on server function.
Research the current environment and customize existing security templates to meet organizational security necessities.
The Safety Configuration Executive enables you to create security configurations that you can use to make certain that all your machines meet a particular minimum-security standard. It also allows you to audit the configurations of your Windows NT machines to see where changes are needed. Additionally, it also enables you to just apply the standard configuration to each machine.
Configure and troubleshoot trust relations. Considerations include cross-domain resource access and one-way trusts versus two-way trusts.
In a multidomain environment, the issue of permitting users from one domain to use the resources in another comes to the front. Trusts are the number one mechanism for allowing such access. This objective introduces you to the creation, maintenance, and troubleshooting of trusts and the resource access issues that they solve.
Study Secrets
The account policy section might appear easy. On the exam, you won't get tripped up by the mechanics of the settings. Nonetheless you might get tripped up by the significance of them. Make sure that you have a good experience of why certain settings are important, and when you would utilize them. That way, if you are given questions with allegedly immaterial information about the minimum or maximum password length, you can resolve whether the data provided is crucial to the query or just marginal data.
When studying for the parts of the exam applying to system policy, it is difficult for you to avoid opening the policy editor and making a policy file. You will need to know the greatest difference between creating a policy file for Windows NT machines (NTCONFIG.POL) and for non-NT machines (CONFIG.POL) as well as the trail in which to save them. You also should play with the policy editor in both Policy mode and Registry mode.
As the Security Configuration Manager is new, expect a number of questions on it. You must know the GUI as well as command-line versions and what each will do. Know at least the 4 main switches to be used in the command-line editor. In addition, be acquainted with the major sections you can modify in the GUI version and how a template becomes a database and then how it's possible for you to use that database to research and configure a Windows NT system.
For the trust part of the examination, you have got to understand the language of trusts. This cannot be exaggerated. Make sure you understand which is the dependable and. Trusting domain in an one-way trust relationship. Be sure you understand what's meant when you're told that A trusts B. Know about the intransitivity of trust relations. Also , know the five trust models and what the basic configuration is (users in trusted domains, resources in trusting domains).
Introduction
As you can see by the chapter outline, this chapter covers a variety of advanced subjects. The postulate that ties them all together is that of security. In a safe environment, the following are true:
Users are asked to change their password often (account policy).
Users obtain access only to the system resources that they need to access (system policy).
Continual checks ensure that attempts at unapproved access to resources are discovered and corrected/prevented (checking).
All servers are maintained at an identifiable standard of security (Security Configuration Executive).
The interaction between domains is controlled and done in a way so as not to reach a compromise on the security of either domain (trusts).
This chapter debates all these subjects.
About the Author:
Welcome to visit my blog and leave you comment. mcse-70-297.com That's a good blog about the IT certification article and exam reports, Q&A and so on!
0 comments:
Post a Comment