Syngress - Creating Security Policies And Implementing Identity Management With Active Directory.pdf
(
2878 KB
)
Pobierz
32306241 UNPDF
Chapter 1
Architecting the Human Factor
Solutions in this chapter:
•
Balancing Security and Usability
•
Managing External Network Access
•
Managing Partner and Vendor Networking
•
Securing Sensitive Internal Networks
•
Developing and Maintaining Organizational Awareness
Chapter 2
Creating Effective Corporate Security
Policies
Solutions in this Chapter:
• The Founding Principles of a Good Security Policy
• Safeguarding Against Future Attacks
• Avoiding Shelfware Policies
• Understanding Current Policy Standards
• Creating Corporate Security Policies
• Implementing and Enforcing Corporate Security Policies
• Reviewing Corporate Security Policies
Chapter 3
Planning and Implementing an Active
Directory Infrastructure
Solutions in this chapter:
• Plan a strategy for placing global catalog servers.
• Evaluate network traffic considerations when placing global
catalog servers.
• Evaluate the need to enable universal group caching.
• Implement an Active Directory directory service forest and
domain structure.
• Create the forest root domain.
• Create a child domain.
• Create and configure Application Data Partitions.
• Install and configure an Active Directory domain controller.
• Set an Active Directory forest and domain functional level based
on requirements.
• Establish trust relationships. Types of trust relationships might
include external trusts, shortcut trusts, and cross-forest trusts.
Chapter 4
Managing and Maintaining an Active
Directory Infrastructure
Solutions in this chapter:
• Manage an Active Directory forest and domain structure.
• Manage trust relationships.
• Manage schema modifications.
• Managing UPN Suffixes.
• Add or remove a UPN suffix.
• Restore Active Directory directory services.
• Perform an authoritative restore operation.
• Perform a nonauthoritative restore operation.
Chapter 5
Managing User Identity and
Authentication
Solutions in this chapter:
Identity Management
Identity Management with Microsoft’s Metadirectory
MMS Architecture
Password Policies
User Authentication
Single Sign-on
Authentication Types
Internet Authentication Service
Creating a User Authorization Strategy
Using Smart Cards
Implementing Smart Cards
Create a password policy for domain users
Chapter 1
Architecting
the Human
Factor
Architecting the Human Factor
Solutions in this chapter:
•
Balancing Security and Usability
•
Managing External Network Access
•
Managing Partner and Vendor Networking
•
Securing Sensitive Internal Networks
•
Developing and Maintaining Organizational Awareness
Introduction
Developing, implementing, and managing enterprise-wide security is a multiple
discipline project. As an organization continues to expand, management’s
demand for usability and integration often takes precedence over security
concerns. New networks are brought up as quickly as the physical layer is in
place, and in the ongoing firefight that most administrators and information
security staff endure every day, little time is left for well-organized efforts to
tighten the “soft and chewy center” that so many corporate networks exhibit.
In working to secure and support systems, networks, software packages,
disaster recovery planning, and the host of other activities that make up most of
our days, it is often forgotten that all of this effort is ultimately to support only
one individual: the user. In any capacity you might serve within an IT
organization, your tasks (however esoteric they may seem) are engineered to
provide your users with safe, reliable access to the resources they require to do
their jobs.
Users are the drivers of corporate technology, but are rarely factored
when discussions of security come up. When new threats are exposed, there is a
rush to seal the gates, ensuring that threats are halted outside of the
organization’s center. It is this oversight that led to massive internal network
disruptions during events as far back as the Melissa virus, and as recently as
Nimda, Code Red, and the SQL Null Password worm Spida.
In this chapter, I provide you with some of the things I’ve learned in
assisting organizations with the aftermath of these events, the lessons learned in
post-mortem, and the justification they provide for improved internal security. By
exploring common security issues past and present and identifying common
elements, I lay the foundation for instituting effective internal security, both
through available technical means and organizational techniques.
Balancing Security and Usability
The term “security” as it is used in this book refers to the process of ensuring the
privacy
,
integrity
,
ownership
, and
accessibility
of the intangibles commonly
referred to as data. Any failure to provide these four requirements will lead to a
situation perceived as a security breach. Whether the incident involves disclosure
of payroll records (privacy), the unauthorized alteration of a publicly
Plik z chomika:
darekisap
Inne pliki z tego folderu:
Syngress - Building Multi Protocol Label Switching Networks (2003).chm
(20098 KB)
Syngress - Cell Phones And Wireless Service Plans (2002).pdf
(4269 KB)
Syngress - CheckPoint Next Generation Security (2002).pdf
(8714 KB)
Syngress - C# for Java Programmers (2002).pdf
(7306 KB)
Syngress - Cisco Security Specialist's Guide to PIX Firewall (2002).pdf
(11031 KB)
Inne foldery tego chomika:
156 database ebooks
Ajax
Apache & Tomcat
Apress
ASP.NET
Zgłoś jeśli
naruszono regulamin