Author: Citibank N.A.,Microsoft CorporationPublish On: 1994
Guidelines for Security, Audit, and Control
Author: Citibank N.A.,Microsoft Corporation
Designed to help managers, network security specialists, auditors and users to understand the control, security and audit implications of the Microsoft Windows NT Server Operating System. The resource serves as a guide to implementing and audit capabilities of Windows NT 3.5.
A comprehensive Windows NT 4.0 server manual covers a wide range of topics, including disk management and file systems, integrated networking, remote access, BackOffice integration, Macintosh support, installing Windows NT server, and protocols. Original. (Advanced).
MCSE Designing Security for a Microsoft Windows Server 2003 Network (Exam 70-298) Study Guide and DVD Training System is a one-of-a-kind integration of text, DVD-quality instructor led training, and Web-based exam simulation and remediation. This system gives you 100% coverage of the official Microsoft 70-298 exam objectives plus test preparation software for the edge you need to pass the exam on your first try: DVD Provides a "Virtual Classroom": Get the benefits of instructor led training at a fraction of the cost and hassle Guaranteed Coverage of All Exam Objectives: If the topic is listed in Microsoft's Exam 70-298 objectives, it is covered here Fully Integrated Learning: This system includes a study guide, DVD training and Web-based practice exams
Author: Chris Ruston,Chris PeirisPublish On: 2005-12-15
Author: Chris Ruston,Chris Peiris
Windows 2003 Server is unquestionably the dominant enterprise level operating system in the industry, with 95% of all companies running it. And for the last tow years, over 50% of all product upgrades have been security related. Securing Windows Server, according to bill gates, is the company's #1 priority. While considering the security needs of your organiztion, you need to balance the human and the technical in order to create the best security design for your organization. Securing a Windows Server 2003 enterprise network is hardly a small undertaking, but it becomes quite manageable if you approach it in an organized and systematic way. This includes configuring software, services, and protocols to meet an organization’s security needs. * The Perfect Guide if "System Administrator is NOT your primary job function * Avoid "time drains" configuring the many different security standards built into Windows 2003 * Secure VPN and Extranet Communications
Too few Windows NT system administrators, security administrators, and developers have the in-depth knowledge of the NT event logs they need to troubleshoot their systems and protect the security of those systems. This book fills the gap by explaining what's in the logs and how you can use them to best advantage. In the event logs you'll find: Troubleshooting information-You can use the logs to determine whether a system or network is experiencing problems-and why. For example, the logs may show a disk drive or swap file filling to capacity, the failure of a power supply, or a device driver failing to load properly. Resource tracking information-You can use the logs to track the capacity and usage of system resources (e.g., disk space crossing a threshold, print spooler activity, the duration of specific applications, etc.). Security information-The logs are key to NT system security. You can select the security-relevant events you want audited (e.g., users logging on and off, changes to system security and user privileges, and attempts to access files, directories, and other objects). And you can track and analyze events stored in the logs as a way of determining if unauthorized users are trying to get into your system or if authorized users are exceeding their authority. This book contains extensive examples of reading, writing to, and maintaining the event logs using C, C++, Microsoft Foundation Classes, Visual Basic 5, Microsoft J++, and Perl 5 for Win32. It comes with a CD-ROM containing a wealth of sample code and third-party software tools and demos.
Author: Craig Hunt,Robert Bruce ThompsonPublish On: 1998
Author: Craig Hunt,Robert Bruce Thompson
Publisher: "O'Reilly Media, Inc."
Windows NT TCP/IP Network Administrationis a complete guide to setting up and running a TCP/IP network on Windows NT. Windows NT and TCP/IP have long had a close association, and this is the first book to focus exclusively on NT networking with TCP/IP. It starts with the fundamentals--what the protocols do and how they work, how addresses and routing move data through the network, and how to set up your network connection. Beyond that, all the important networking services provided as part of Windows NT-- including IIS, RRAS, DNS, WINS, and DHCP--are presented in detail. This book is the NT administrator's indispensable guide. Contents include: Overview Delivering the data Network services Getting started Installing and configuring NT TCP/IP Using Dynamic Host Configuration Protocol Using Windows Internet Name Service Using Domain Name Service Configuring Email Service Using Microsoft routing Using Remote Access Service Troubleshooting TCP/IP Network Security Internet Information Server Appendixes on the TCP/IP commands, PPP script language reference, and DNS resource records
This concise guide pares down installation and configuration instructions into a series of checklists for Windows administrators. Topics include: Windows NT/2000 security threats, architecture of the Windows NT/2000 operating system and typical perimeter networks, how to build a Windows NT bastion host, and configuring Windows and network services.
A Complete Guide for Performing Security Risk Assessments, Second Edition
Author: Douglas Landoll
Publisher: CRC Press
Conducted properly, information security risk assessments provide managers with the feedback needed to understand threats to corporate assets, determine vulnerabilities of current controls, and select appropriate safeguards. Performed incorrectly, they can provide the false sense of security that allows potential threats to develop into disastrous losses of proprietary information, capital, and corporate value. Picking up where its bestselling predecessor left off, The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition gives you detailed instruction on how to conduct a risk assessment effectively and efficiently. Supplying wide-ranging coverage that includes security risk analysis, mitigation, and risk assessment reporting, this updated edition provides the tools needed to solicit and review the scope and rigor of risk assessment proposals with competence and confidence. Trusted to assess security for leading organizations and government agencies, including the CIA, NSA, and NATO, Douglas Landoll unveils the little-known tips, tricks, and techniques used by savvy security professionals in the field. He details time-tested methods to help you: Better negotiate the scope and rigor of security assessments Effectively interface with security assessment teams Gain an improved understanding of final report recommendations Deliver insightful comments on draft reports The book includes charts, checklists, and sample reports to help you speed up the data gathering, analysis, and document development process. Walking you through the process of conducting an effective security assessment, it provides the tools and up-to-date understanding you need to select the security measures best suited to your organization.
In today's business environment it is no longer safe to conduct any business on the Internet without first protecting it. Small, medium, and large corporations require a massive dose of security to protect themselves and their digital assets from unwanted intruders. A managerial guide and practical technical tutorial, Securing Windows NT/2000: From Policies to Firewalls provides viable security solutions for your organization. The author presents in-depth knowledge on how, why, and where these operating systems must be tuned in order to use them securely to connect to the Internet. The book includes the steps required to define a corporate security policy, how to implement that policy, and how to structure the project plan. Tables, charts, and work templates provide a starting point to begin assessing and implementing a solution that will fit the unique needs of your organization. Part two provides the reader with practical hands-on applications for the preparation, installation, and tuning of Windows NT/2000 operating systems. Securing Windows NT/2000 provides step-by-step instructions that guide you through performing a secure installation and in preparing the system for secure operation on the Internet. Although a multitude of firewall application software can be used in conjunction with the sections detailing the securing of the operating system, Check Point FireWall-1/VPN-1 is used as it best demonstrates the effectiveness of translating the corporate security policy into a practical reality. About the Author: Michael Simonyi (www.stonewallem.com) is an IT professional working for private sector enterprise organizations. He has over 12 years of practical and theoretical experience, from mainframe systems to PC client/server networks. His areas of expertise center on practical systems management, networking, databases, and application architecture, with emphasis on quality.