1 / 18

IS3340 Windows Security Unit 5 Maintaining Windows System Security with Group Policy Controls

IS3340 Windows Security Unit 5 Maintaining Windows System Security with Group Policy Controls. Learning Objective and Key Concepts. Learning Objective Apply Group Policy controls and profile and audit tools to keep Windows systems secure. Key Concepts Group policy controls

brian-cabrera
Download Presentation

IS3340 Windows Security Unit 5 Maintaining Windows System Security with Group Policy Controls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IS3340 Windows Security Unit 5 Maintaining Windows System Security with Group Policy Controls

  2. Learning Objective and Key Concepts Learning Objective • Apply Group Policy controls and profile and audit tools to keep Windows systems secure. Key Concepts • Group policy controls • Microsoft Baseline Security Analyzer (MBSA) • Performing a security audit

  3. EXPLORE: CONCEPTS

  4. Group Policy • Some Group Policy features include: • Centralized location for settings • Useful to deploy security settings • Automatic settings distribution • Options to apply standard settings

  5. Common Group Policy Object (GPO) Settings

  6. Common GPO Settings (Continued)

  7. Group Policy Strategies • Create GPOs for closely-related settings. • Avoid making GPOs too specific. • Create organizational units (OUs) for logical groups of computers.

  8. Group Policy Strategies (Continued) • Use Microsoft resources for effective GPOs: • Group Policy best practices analyzer • Security compliance management toolkit • GPO accelerator

  9. Auditing Group Policy • Two main tools to audit Group Policy • Resultant Set of Policy (RSOP) • Included in Windows • Shows what settings apply to a specific user on a specific computer

  10. Auditing Group Policy (Continued) • Group Policy Inventory • You must download from Microsoft • Provides an inventory list of GPO and other settings

  11. MBSA • Evaluates the current state of a Windows computer • Compares the state to a known baseline • Reports any differences as issues • Ranks issues based on severity • Recommends methods to fix each issue

  12. EXPLORE: PROCESS

  13. Steps to Deploying a GPO

  14. MBSA Procedure

  15. EXPLORE: CONTEXT

  16. When to run MBSA • MBSA is a convenient tool for any organization. • MBSA is most helpful in following scenarios: • After adding new computers • To verify compliance • To ensure you haven’t missed important vulnerabilities

  17. MBSA Benefits • Visibility of multiple computers’ security • Comparing of multiple computers’ security • Comparing settings is difficult with stand-alone computers • Identifying differences from standards • Scanning large and small groups of computers becomes easy

  18. Summary In this presentation, the following topics were covered: • Group Policy • Group Policy strategies • MBSA and its benefits

More Related