Overview

This workshop will discuss some of the practices used to enhance the security of Windows network environment and its related services. Popular services that will be covered are Active Directory and its group policy, IIS, and Exchange server. Hardening methods will include well-known security checklists, architectural design, the use of Microsoft's and 3rd party security tools, and more advanced techniques such as scripting/coding and integration of open-source software for added protection.

top ^

Course Outline

1. Introduction
2. Active Directory and Group Policy
1. Secure Windows 2003-based Active Directory design
2. System hardening usering group policy (desktop lockdown, server hardening)
3. Scripting and tools for Windows domain security administration (security update distribution, AD scripting, remote execution of administration command)
3. Internet Information Service (IIS)
1. IIS 6.0 hardening checklists and tools (urlscan, application firewalls, well-known checklists)
2. Secure IIS 6.0 web application deployment (secure application design, low privilege operation, n-tier in IIS, DMZ isolation)
4. Exchange Server
1. Exchange 2003 security features (built-in anti-spam, encryptions, and filters. Alternatives for secure mobile access.
2. Extending Exchange server (spam assassing integration, custom filter development, etc.)

top ^

About the tutor

TBA