is 4506 windows ntfs and iis security features
DESCRIPTION
IS 4506 Windows NTFS and IIS Security Features. Overview. Windows NTFS Server security Internet Information Server security features Securing communication with IIS Configuring SSL Digital Certificates. Windows 2000 Server Security Recommendations. Securing User Accounts and Groups - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/1.jpg)
IS 4506
Windows NTFS and IIS Security Features
![Page 2: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/2.jpg)
Overview
Windows NTFS Server security
Internet Information Server security features
Securing communication with IIS
Configuring SSL
Digital Certificates
![Page 3: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/3.jpg)
Windows 2000 Server Security Recommendations
Securing User Accounts and Groups
Allow anonymous access with Internet guest account
Require users to choose difficult passwords
Limit administrator accounts
Applying Strict Account Policies
Securing Resource Access - NTFS Permissions
IIS Security Checklist
![Page 4: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/4.jpg)
File Systems Operations
Access Permissions
(Page 134)
![Page 5: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/5.jpg)
NTFS Permissions (Page 134)
Five standard types of permissions:
Full Control No Access
Read Change
Special Access
![Page 6: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/6.jpg)
![Page 7: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/7.jpg)
![Page 8: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/8.jpg)
![Page 9: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/9.jpg)
![Page 10: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/10.jpg)
Other Windows NTFS Security Measures
Limit the number of protocols the network adapter cards use.
Use the Bindings tab in the Network Program in Control Panel to unbind any unnecessary services or protocols.
Turn off the Windows NT Server Service on the IIS Server to prevent users from viewing shares.
Use NT Filtering
![Page 11: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/11.jpg)
Access Control with IIS
Web access control
IP access and domain name restrictions
Anonymous access and authentication control
Authentication methods
Web Server permissions for files and directories
NTFS permissions
![Page 12: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/12.jpg)
Security Requirements for Internet Servers
Authentication of users
Resource access control
Encrypted communication
Auditing and logging
![Page 13: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/13.jpg)
Web Server Permissions for Files and Directories
![Page 14: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/14.jpg)
Authentication Methods
![Page 15: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/15.jpg)
Anonymous Access and Authentication Control
Anonymous Access has user-applied restrictions
Authentication Control denies access and then queries the user for authentication
Name:
Password:
Name:
Password:Xxxx
xxxxxxxx
![Page 16: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/16.jpg)
IP Access and Domain Name Restrictions
![Page 17: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/17.jpg)
Web Access Control
Access deniedAccess deniedAccess grantedAccess granted
IP address permitted?IP address permitted?
User permitted?User permitted?
Webserver permissions allow
access?
Webserver permissions allow
access?
NTFSpermissions allow
access?
NTFSpermissions allow
access?
Web server receives requestWeb server receives requestNo
No
No
No
No
Yes
Yes
Yes
Yes
Yes
![Page 18: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/18.jpg)
Review
Windows NT Server security recommendations
Security requirements for Internet servers
Access control with IIS
Securing communication with IIS
![Page 19: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/19.jpg)
Lab 9: Restricting Access to a Web Site
![Page 20: IS 4506 Windows NTFS and IIS Security Features](https://reader033.vdocument.in/reader033/viewer/2022050819/568148b8550346895db5cf6b/html5/thumbnails/20.jpg)
Review
Windows 2000 Server security recommendations
Security requirements for Internet servers
Access control with IIS
Securing communication with IIS