[ Pobierz całość w formacie PDF ]
.Checklist: Chapter 4 Hardening Domain Controllers:Checklist: Chapter 4 Hardening Domain Controllers:Use the following checklists to ensure that you have properly implemented all security settings and procedures prescribed in Chapter 4.Preparing the Active Directory Domain Controllers OU:StepNotes:Create the Domain Controller Baseline Policy (DCBP).Link the DCBP to the Domain Controllers OU.Ensure the DCBP has the highest priority.GPO should be first in the list.Import the security template for the corresponding client environment into the newly created GPO.For example, Enterprise Client - Domain Controller.inf for the Enterprise Client environment.Add domain-specific groups to User Rights Assignments.Configure additional Terminal Services settings within the DCBP.Path within DCBP: Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Encryption and Security.Disable Error Reporting within the DCBP.Path within DCBP: Computer Configuration\Administrative Templates\System\Error Reporting.Domain Controller Hardening Steps:StepNotes:Relocate Active Directory Database and Log Files.Resize Active Directory Log Files.Consider Implementing Syskey.Protect DNS Servers.Configuring Secure Dynamic Updates.Limiting Zone Transfers to Authorized Systems.Resize DNS Service Log.Secure well-known accounts.Rename the Administrator account, assign a complex password.Ensure Guest account is disabled.Change default account description.Secure service accounts.Consider Implementing IPSec Filters.Verify DCBP has replicated between domain controllers.Run GPUDATE.EXE /FORCERestart the domain controllers.Check the Event Logs for errors [ Pobierz całość w formacie PDF ]
zanotowane.pl doc.pisz.pl pdf.pisz.pl centka.pev.pl
.Checklist: Chapter 4 Hardening Domain Controllers:Checklist: Chapter 4 Hardening Domain Controllers:Use the following checklists to ensure that you have properly implemented all security settings and procedures prescribed in Chapter 4.Preparing the Active Directory Domain Controllers OU:StepNotes:Create the Domain Controller Baseline Policy (DCBP).Link the DCBP to the Domain Controllers OU.Ensure the DCBP has the highest priority.GPO should be first in the list.Import the security template for the corresponding client environment into the newly created GPO.For example, Enterprise Client - Domain Controller.inf for the Enterprise Client environment.Add domain-specific groups to User Rights Assignments.Configure additional Terminal Services settings within the DCBP.Path within DCBP: Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Encryption and Security.Disable Error Reporting within the DCBP.Path within DCBP: Computer Configuration\Administrative Templates\System\Error Reporting.Domain Controller Hardening Steps:StepNotes:Relocate Active Directory Database and Log Files.Resize Active Directory Log Files.Consider Implementing Syskey.Protect DNS Servers.Configuring Secure Dynamic Updates.Limiting Zone Transfers to Authorized Systems.Resize DNS Service Log.Secure well-known accounts.Rename the Administrator account, assign a complex password.Ensure Guest account is disabled.Change default account description.Secure service accounts.Consider Implementing IPSec Filters.Verify DCBP has replicated between domain controllers.Run GPUDATE.EXE /FORCERestart the domain controllers.Check the Event Logs for errors [ Pobierz całość w formacie PDF ]