Lecture Managing and maintaining a Microsoft Windows Server 2003 environment - Module 14: Securing Windows Server 2003. This module describes how to secure Microsoft Windows ServerT 2003. The module provides an overview of securing servers, core server security, hardening servers, and the Microsoft Baseline Security Analyzer tool. | Module 14: Securing Windows Server 2003 Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline Security Analyzer Lesson: Introduction to Securing Servers Security Challenges for Small and Medium-Sized Businesses Fundamental Security Trade-Offs What Is the Defense-in-Depth Model? Microsoft Windows Server Security Guidance Security Challenges for Small and Medium-Sized Businesses Servers with a Variety of Roles Limited Resources to Implement Secure Solutions Internal or Accidental Threat Older Systems in Use Physical Access Negates Many Security Measures Lack of Security Expertise Legal Consequences Fundamental Security Trade-Offs Security Trade-Offs Usability Low Cost Security What Is the Defense-in-Depth Model? Increases an attacker’s risk of detection Reduces an attacker’s chance of success Security documents, user education Policies, Procedures, & Awareness Physical Security OS hardening, authentication Firewalls Guards, . | Module 14: Securing Windows Server 2003 Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline Security Analyzer Lesson: Introduction to Securing Servers Security Challenges for Small and Medium-Sized Businesses Fundamental Security Trade-Offs What Is the Defense-in-Depth Model? Microsoft Windows Server Security Guidance Security Challenges for Small and Medium-Sized Businesses Servers with a Variety of Roles Limited Resources to Implement Secure Solutions Internal or Accidental Threat Older Systems in Use Physical Access Negates Many Security Measures Lack of Security Expertise Legal Consequences Fundamental Security Trade-Offs Security Trade-Offs Usability Low Cost Security What Is the Defense-in-Depth Model? Increases an attacker’s risk of detection Reduces an attacker’s chance of success Security documents, user education Policies, Procedures, & Awareness Physical Security OS hardening, authentication Firewalls Guards, locks Network segments, IPSec Application hardening, antivirus ACLs, encryption, EFS Perimeter Internal Network Host Application Data Microsoft Windows Server Security Guidance Threats and Countermeasures Guide Windows Server 2003 Security Guide Default Access Control Settings in Windows Server 2003 Security Innovations in Windows Server 2003 Technical Overview of Windows Server 2003 Security Services Lesson: Implementing Core Server Security Core Server Security Practices Recommendations for Hardening Servers Windows Server 2003 SP1 Security Enhancements What Is Windows Firewall? Post-Setup Security Updates What Is the Security Configuration Wizard? Practice: Implementing Core Server Security Core Server Security Practices Apply the latest service pack and all available security updates Use Group Policy to harden servers Use MBSA to scan server security configurations Restrict physical and network access to servers Rename the built-in Administrator and Guest accounts Use restricted .
