Hello, and welcome to Windows NT Security Step-by-step, a survival guide for Windows NT security. This presentation is based on the material from the SANS Institute Windows NT Security Step-by-step Guide, which offers a consensus document by security professionals from 87 large organizations. It helps show you what you need to do to have a secure Windows NT implementation. | Windows NT Security Security Essentials The SANS Institute Windows NT Security - SANS 2001 1 Hello and welcome to Windows NT Security Step-by-step a survival guide for Windows NT security. This presentation is based on the material from the SANS Institute Windows NT Security Step-by-step Guide which offers a consensus document by security professionals from 87 large organizations. It helps show you what you need to do to have a secure Windows NT implementation. Like any operating system an out-of-the-box installation is not secure yet that is what most companies use. By putting together the knowledge of more than 380 years of combined Windows NT experience this presentation will help you learn the techniques that the experts recommend. By following the steps in this presentation and the corresponding guide you do not have to make the same mistakes that everyone else makes - you can get it right the first time. The key thing to remember since this is an hour course is that this compliments the Step-by-step Guide it does not replace it. I still recommend that you read through the entire guide very carefully. Now lets get started with securing Windows NT. 2 - 1 Outline Phase 0 - General Security Guidelines Phase 1 - Setting Up The Machine Phase 2 - Setting Up A Safe File System and Creating Emergency Repair Disks Phase 3 - Setting Registry Keys Phase 4 - Establish Strong Password Controls and Secure Account Policies Phase 5 - Auditing Phase 6 - Other Actions Required As The System Is Setup Phase 7 - Monitoring and Updating Security and Responding to Incidents_ Windows NT Security - SANS 2001 2 Windows NT environments are constantly evolving as new applications and users are added as new threats and responses emerge as new hotfixes and Service Packs are offered and as new versions are released. Hence no prescription for setting up a secure environment can claim to be a comprehensive and timeless formula for absolute safety. Despite the presence
