IT430 Information Assurance

1
IT430 Information Assurance

• Lesson 11 Microsoft Security

2
Why Study MS Windows

• Used by Most of the Entire Federal Government
• Clients and now Servers on Systems of All
  Classifications
• Navy Still Uses Windows NT for Legacy Systems

3
Microsoft

• The Only Keyboard Youll Ever Need

4
Brief History of MS Windows
1990
1993
1995
1998
2001
2000
2003
2007
1981
Windows 95
Windows 2000
Windows 3.0
Windows 2003Server
MS DOS (Yes, there were computers prior to
Windows!)
Windows 98
Windows NT
Windows XP
Microsoft WindowsVista
Minimal Security
Security Options
Built-in Security
5
What Makes MS Windows Different?

• Active Directory
• Changes made to any domain controller are
  propagated to all others in larger tree
• Policies can be local or pushed down from
  higher level
• Battalion overrides company policy

6
Island Hopping

• No Windows Box acts alone with Active Directory
• If set wrong, once in one box, you can tromps the
  entire network

7
Active Directories can be HUGE

• Large portions of entire USN, USMC, USAF, and
  USA connected world wide
• Pros
• Cons

8
Policies

• Account
• Password
• Lockout
• Audit / Logs
• Software Restriction
• User Rights

9
File Systems

• Read, Write, Delete, Change Permissions, and Take
  Ownership, Delete Subfolders, Read compression
  and encryption

10
Protocols

• Why wait years for standards with consensus when
  you are Microsoft and can make up your own
  protocols?
• SMB File Shares
• IIS Web server

11
Run at Lowest Possible Permissions

• Run As Command
• Operate at a low level and use Run As to run
  applications that must be run as root
• What Services Should Administrators Not Run?

12
Whos Who in Security

• NSA Security Guides
• DISA STIGs
• SANS Organization (Center for Internet Security)