Windows Server Security Essentials

Index

A

  • Active Directory
    • GPO, exporting from / Exporting GPO from Active Directory
    • security policies, importing into / Importing a policy into Active Directory
  • Active Directory Administrative Center (ADAC)
    • about / Enabling the KDC support
  • Advanced Encryption Standard (AES)
    • about / Server Message Block
  • application control
    • about / Application control and management
  • application management
    • with AppLocker / Application control and management
  • AppLocker
    • about / Application control and management
    • URL / Application control and management
    • policy, creating / Creating a policy
    • policy, auditing / Auditing a policy
    • policy, implementing / Implementing the policy
    • PowerShell support / AppLocker and PowerShell
  • ASA
    • about / Maintaining and monitoring the integrity of a baseline policy, Managing servers using Server Manager
    • reference link / Maintaining and monitoring the integrity of a baseline policy
    • using / Microsoft ASA
  • attack surface
    • reference link / Server types and roles
  • auditing
    • about / Auditing
    • default policies / Default auditing policies
  • auditing policies
    • Object Access-Audit File System / Enabling Global Object Access Auditing – filesystem
    • Object Access-Audit Handle Manipulation / Enabling Global Object Access Auditing – filesystem
    • Global Object Access Auditing-filesystem / Enabling Global Object Access Auditing – filesystem
  • Authorization Manager (AzMan) tool
    • about / Securing the access mechanism

B

  • backup or rollback plan
    • in SCW / A backup or rollback plan
  • baseline
    • about / Baseline and security
  • baseline policies
    • about / Baseline policies
    • RODC / Read-only Domain Controllers
    • DNS / Domain Name System
  • baseline policy
    • integrity, maintaining / Maintaining and monitoring the integrity of a baseline policy
    • integrity, monitoring / Maintaining and monitoring the integrity of a baseline policy
    • monitoring, with ASA / Microsoft ASA
  • BitLocker
    • used, for data encrypting / Data encryption using BitLocker encryption
    • installing / Installing BitLocker
    • data encryption status, verifying / Verifying the encryption status
    • data volume, encrypting / Encrypting data volume
    • volume, managing / Managing BitLocker volume
    • URL / Managing BitLocker volume
  • BPA
    • about / Microsoft Best Practice Analyzer
  • bring your own devices (BYOD)
    • about / Controlling and segregating IP address allocation
  • Brute Force attack
    • about / Adding dynamic IP restrictions
    • reference link / Adding dynamic IP restrictions

C

  • cache poisoning attacks
    • about / Cache poisoning attacks
  • Center for Internet Security (CIS)
    • URL / Baseline and security
    • about / Baseline and security
  • Central Access Policy
    • reference link / Creating a central access policy
  • Cluster Aware Updates (CAU) / Microsoft Windows Server Update Services
    • URL / Managing the group membership

D

  • DAC
    • about / Dynamic Access Control
    • reference link / Dynamic Access Control
    • configuring / Dynamic Access Control
  • DAC configuration
    • KDC support, enabling / Enabling the KDC support
    • claim type, creating / Creating claim types
    • Resource Properties, enabling / Creating and enabling resource properties
    • Resource Properties, creating / Creating and enabling resource properties
    • Central Access Rule, creating / Creating a central access rule
    • Central Access Policy, creating / Creating a central access policy
    • Central Access Policy, deploying / Deploying a central access policy
    • folder permissions, configuring on file server / Configuring folder permissions on a file server
    • access control configuration, verifying / Verifying access the control configuration and permission
    • permission, verifying / Verifying access the control configuration and permission
  • data protection
    • about / Data protection
    • unwanted shares, removing / Removing unwanted shares
    • data encrypting, BitLocker used / Data encryption using BitLocker encryption
  • Denial of Service (DoS)
    • about / Monitoring the performance
    • URL / Monitoring the performance
  • Denial of Service (DoS) attack
    • about / Adding dynamic IP restrictions
    • reference link / Adding dynamic IP restrictions
  • Desired Configuration Management (DCM)
    • about / Microsoft SCM
  • DHCP
    • about / Dynamic Host Configuration Protocol
    • security task lists / Dynamic Host Configuration Protocol
    • baseline policy, applying / Applying a DHCP baseline policy
    • IP address allocation, controlling / Controlling and segregating IP address allocation
    • IP address allocation, segregating / Controlling and segregating IP address allocation
    • Policy Based Assignment (PBA), configuring / Configuring PBA
    • administration, securing / Securing DHCP administration
    • IP address, management / IP address and DNS management and monitoring
    • IP address, monitoring / IP address and DNS management and monitoring
    • DNS management / IP address and DNS management and monitoring
    • DNS, monitoring / IP address and DNS management and monitoring
  • Distributed DoS (DDoS)
    • about / Monitoring the performance
  • DNS
    • about / Domain Name System
    • task list / Domain Name System
    • baseline policy, applying / Applying a DNS baseline policy
    • Scavenging, enabling on DNS server / Enabling Scavenging on a DNS server
    • Scavenging, enabling on DNS zone / Enabling Scavenging on a DNS zone
    • dynamic update, securing / Securing DNS dynamic updates
    • cache poisoning attacks / Cache poisoning attacks
  • Domain Controllers (DCs)
    • about / Baseline policies
  • Domain Name System Security Extensions (DNSSEC)
    • about / Cache poisoning attacks
    • reference link / Cache poisoning attacks

E

  • EMET
    • about / Enhanced Mitigation Experience Toolkit
    • technologies / Enhanced Mitigation Experience Toolkit
    • URL, for technologies / Enhanced Mitigation Experience Toolkit
    • installing / Installing Enhanced Mitigation Experience Toolkit
    • configuring / Configuring Enhanced Mitigation Experience Toolkit
  • Encrypting File System (EFS)
    • about / Encrypting Hyper-V host servers
  • event forwarding
    • about / Event forwarding
    • source computer, configuring / Configuring the source computer
    • target (collector) computer, configuring / Configuring the target (collector) computer
    • troubleshooting / Troubleshooting event forwarding
  • Event Log Readers / Configuring the target (collector) computer
  • Event Viewer / Event forwarding, Configuring the target (collector) computer

F

  • file or data server
    • about / File or data server
    • baseline security, applying / Applying baseline security
    • access mechanism / The access mechanism
    • data protection / Data protection
  • Forest Functional Level (FFL)
    • about / Dynamic Access Control
  • Fully Qualified Domain Name (FQDN)
    • about / Configuring PBA

G

  • Global Object Access Auditing / Default auditing policies
  • Global Object Access Auditing - directory services
    • enabling / Enabling Global Object Access Auditing – directory services
  • Global Object Access Auditing - filesystem
    • enabling / Enabling Global Object Access Auditing – filesystem
  • gMSA
    • about / Service accounts
    • configuring / Group Managed Service Accounts, Configuring Group Managed Service Accounts
    • KDS root key, creating / Creating a KDS root key
    • creating / Creating Group Managed Service Accounts
    • installing / Installing Group Managed Service Accounts
  • GPO
    • about / Microsoft SCM
  • group membership, WSUS
    • managing / Managing the group membership
  • Group Policy Management Console (GPMC)
    • about / Importing a policy into Active Directory, The printer driver security and installation
  • Group Policy Object (GPO)
    • about / Baseline and security, Policy implementation
  • Group Policy Preference (GPP)
    • about / Print server and share permissions
  • groups, WSUS
    • creating / Creating groups
  • guard protection
    • about / Guard protection
    • enabling / Enabling the guard protection

H

  • Hyper-V Administrators
    • about / Securing the access mechanism
  • Hyper-V Security V1.0
    • about / Applying baseline security
  • Hyper-V server
    • about / Hyper-V servers
    • baseline security, applying / Applying baseline security
    • access mechanism, securing / Securing the access mechanism
    • guard protection / Guard protection
    • host servers, encrypting / Encrypting Hyper-V host servers

I

  • IIS
    • about / Internet Information Services
    • baseline security, applying / Applying baseline security
    • web server components, securing / Securing web server components
    • access mechanisms, securing / Securing the access mechanisms
    • dynamic IP restrictions, adding / Adding dynamic IP restrictions
  • installation, BitLocker
    • about / Installing BitLocker
  • installation, EMET / Installing Enhanced Mitigation Experience Toolkit
  • installation, gMSA
    • about / Installing Group Managed Service Accounts
  • installation, RODC
    • about / Installing RODCs
  • installation, SCM
    • about / Installing Microsoft SCM
  • Internet Protocol Security (IPSEC/IPsec)
    • about / Configuring and implementing SMB
  • IP Address Management (IPAM)
    • about / IP address and DNS management and monitoring
    • URL / IP address and DNS management and monitoring

K

  • Kerberos Key Distribution Center (KDC)
    • about / Dynamic Access Control
  • Key Distribution Service (KDS)
    • about / Group Managed Service Accounts

L

  • Least Privilege principle
    • reference link / Server types and roles
    • about / Server types and roles

M

  • Man-In-the-Middle attack
    • about / Print server access mechanisms
  • Managed Service Accounts (MSA)
    • about / Service accounts
  • Microsoft BitLocker Administration and Monitoring (MBAM)
    • about / Encrypting data volume
  • Microsoft Infrastructure Planning and Design (IPD) guides
    • URL / Installing RODCs
  • Microsoft Message Analyzer
    • URL / Monitoring the performance
  • Microsoft Security Baselines
    • about / Baseline and security
  • Microsoft System Center
    • URL / Managing servers using Server Manager
  • Microsoft System Center 2012 Process Pack, for IT GRC
    • about / Microsoft SCM
  • Microsoft Windows Server
    • about / Microsoft Windows Server
  • monitoring
    • about / Monitoring
    • performance / Monitoring the performance

N

  • National Institute of Standards and Technology (NIST)
    • URL / Baseline and security
    • about / Baseline and security
  • National Security Agency (NSA) Configuration Guides
    • URL / Baseline and security
    • about / Baseline and security

O

  • Organizational Unit (OU)
    • about / Policy implementation

P

  • Policy Based Assignment (PBA)
    • about / Controlling and segregating IP address allocation
    • configuring / Configuring PBA
  • PowerShell
    • using / Monitoring and securing server roles
  • PowerShell cmdlets
    • URL / Managing the group membership
  • PowerShell support
    • in AppLocker / AppLocker and PowerShell
  • Printing and Documenting service
    • about / The print server role security
  • print server
    • about / Print server
    • GPO, applying / Print server
    • baseline security, applying / Applying baseline security
    • role security / The print server role security
    • access mechanisms / Print server access mechanisms
    • Digitally Sign Communication, enabling / Print server access mechanisms
    • printer driver, installing / The printer driver security and installation
    • printer driver, security / The printer driver security and installation
    • share permission / Print server and share permissions

R

  • Remote Server Administration Tool (RSAT)
    • about / IP address and DNS management and monitoring
  • RODC
    • about / Read-only Domain Controllers
    • reference link / Read-only Domain Controllers
    • installing / Installing RODCs
    • configuring / Configuring RODCs

S

  • SAMBA 4
    • about / Identifying the client and server operating system
    • reference link / Identifying the client and server operating system
  • Schema / Default auditing policies
  • SCM
    • about / Microsoft SCM, Baseline policies
    • installing / Installing Microsoft SCM
    • URL, for downloading / Installing Microsoft SCM
    • administering / Administering Microsoft SCM
    • GPO, importing / Importing GPO into SCM
  • SCW
    • about / Baseline and security, Security Configuration Wizard
    • business security policy, translating into technical policy / Translating your policy into a technical policy
    • policy template, creating / Creating a policy template
    • policy review / Policy review and validation
    • policy validation / Policy review and validation
    • policy implementation / Policy implementation
    • backup or rollback plan / A backup or rollback plan
  • SCW, sections
    • Role-Based Service Configuration / Security Configuration Wizard
    • Network Security / Security Configuration Wizard
    • Registry Settings / Security Configuration Wizard
    • Auditing Policy / Security Configuration Wizard
  • SCWCMD
    • about / Policy review and validation
    • analyze / Policy review and validation
    • configure / Policy review and validation
    • register / Policy review and validation
    • rollback / Policy review and validation
    • transform / Policy review and validation
    • view / Policy review and validation
    • used, for troubleshooting / Analyzing the result and troubleshooting
    • used, for analyzing result / Analyzing the result and troubleshooting
  • security
    • about / Baseline and security
    • SCW / Baseline and security, Security Configuration Wizard
  • Security Content Automation Protocol (SCAP)
    • about / Microsoft SCM
  • security policies
    • implementing / Creating and implementing security policies
    • GPO, exporting from Active Directory / Exporting GPO from Active Directory
    • GPO, importing into SCM / Importing GPO into SCM
    • imported GPO, merging with SCM baseline / Merging imported GPO with the SCM baseline policy
    • SCM baseline policy, exporting / Exporting the SCM baseline policy
    • importing, into Active Directory / Importing a policy into Active Directory
  • Security Technical Implementation Guides (STIGs)
    • URL / Baseline and security
    • about / Baseline and security
  • Server Core
    • about / Microsoft Windows Server, Server types and roles
    • reference link / Microsoft Windows Server
    • URL, for supported services / Microsoft Windows Server
  • Server Manager
    • used, for managing servers / Managing servers using Server Manager
    • server roles, securing / Monitoring and securing server roles
    • server roles, monitoring / Monitoring and securing server roles
    • server role baseline report, creating / Creating a server role baseline report
    • production servers, analyzing / Analyzing production servers
  • server roles
    • adding / Server types and roles
    • removing / Server types and roles
  • server types
    • selecting / Server types and roles
  • service accounts
    • about / Service accounts
  • Service Principal Name (SPN)
    • about / Service accounts
  • Simplified Authorization
    • about / Securing the access mechanism
    • reference link / Securing the access mechanism
  • SMB
    • about / Server Message Block, The access mechanism
    • implementing / Configuring and implementing SMB
    • configuring / Configuring and implementing SMB
    • client and server operating system, identifying / Identifying the client and server operating system
    • configuration, verifying / Verifying the current SMB configuration
    • encryption, enabling / Enabling or disabling the SMB encryption
    • encryption, disabling / Enabling or disabling the SMB encryption
    • communication, verifying / Verifying SMB communication
  • source computer
    • configuring / Configuring the source computer
  • System Access Control List (SACL) / Default auditing policies
  • System Center Virtual Machine Manager (SCVMM)
    • about / Encrypting Hyper-V host servers
  • System Center Operations Manager (SCOM)
    • about / Monitoring
    • URL / Monitoring

T

  • target (collector) computer
    • configuring / Configuring the target (collector) computer
  • Task Scheduler / Monitoring
  • Time To Live (TTL)
    • about / Cache poisoning attacks
  • troubleshooting
    • with SCWCMD / Analyzing the result and troubleshooting
  • Trusted Platform Module (TPM)
    • about / Encrypting data volume

U

  • updates, WSUS
    • managing / Managing updates

W

  • Web Server, best practice recommendations
    • reference link / Internet Information Services
  • Web Server Security V1.0
    • about / Applying baseline security
  • Web Services on Devices (WSD)
    • about / The printer driver security and installation
  • Windows Server Manager
    • about / Managing servers using Server Manager
  • WSUS
    • about / Microsoft Windows Server Update Services
    • Server Role / Microsoft Windows Server Update Services
    • Database / Microsoft Windows Server Update Services
    • Group Policy Objects / Microsoft Windows Server Update Services
    • web role, installing / Installing the WSUS web role
    • configuring / Configuring WSUS
    • automatic updates, configuring / Configuring and deploying automatic updates
    • automatic updates, deploying / Configuring and deploying automatic updates
    • administering / Administering WSUS
    • updates, managing / Managing updates
    • group membership, managing / Managing the group membership
  • WSUS, administering
    • groups, creating / Creating groups