Outcome 3: Implement secure network administration procedures

Table of Contents

1. Windows Server 2003 Security Features
   1. Physical Access
   2. Principle of Least Privilege
   3. Develop a Security Policy
   4. Security Baseline Settings
   5. Microsoft Baseline Security Analyzer
   6. Using the GUI Version of MBSA
   7. Security Templates
   8. Built-in Security Templates
   9. Group Membership and Privileges
   10. Secure Local PC Systems
   11. Securing the SAM Database
   12. Enforce a Strong Password Policy
   13. Do Not Run Unknown programs
   14. Keep Virus Software up-to-date
   15. Keep Operating System Current
2. NTFS File and Folder Permissions
3. Software Update Infrastructure
4. Network Protocol Security
5. Self Assessment Questions (SAQs)
6. Summary: Implementing secure network administration procedures
7. Summary: Software Update infrastructure

Physical Access

Limit access to servers as much as possible by locking down computer rooms, the network room and wiring closets. The most important servers to secure are domain controllers as they contain all the domain's username and passwords and these items are the keys to all network resources.

Only the most trusted systems/network administrators should have physical access to the servers. Once this is obtained, access to the software can be accomplished. For example, the server can be rebooted and an intruder could use the console to access hard disks from the command line.

You should log entry, exit and other actions electronically, as well as implementing video and/or security systems.

Next: Principle of Least Privilege