IS 4506 Windows NTFS and IIS Security Features
20
IS 4506 Windows NTFS and IIS Security Features
description
IS 4506 Windows NTFS and IIS Security Features. Overview. Windows NTFS Server security Internet Information Server security features Securing communication with IIS Configuring SSL Digital Certificates. Windows 2000 Server Security Recommendations. Securing User Accounts and Groups - PowerPoint PPT Presentation
Transcript of IS 4506 Windows NTFS and IIS Security Features
IS 4506
Windows NTFS and IIS Security Features
Overview
Windows NTFS Server security
Internet Information Server security features
Securing communication with IIS
Configuring SSL
Digital Certificates
Windows 2000 Server Security Recommendations
Securing User Accounts and Groups
Allow anonymous access with Internet guest account
Require users to choose difficult passwords
Limit administrator accounts
Applying Strict Account Policies
Securing Resource Access - NTFS Permissions
IIS Security Checklist
File Systems Operations
Access Permissions
(Page 134)
NTFS Permissions (Page 134)
Five standard types of permissions:
Full Control No Access
Read Change
Special Access
Other Windows NTFS Security Measures
Limit the number of protocols the network adapter cards use.
Use the Bindings tab in the Network Program in Control Panel to unbind any unnecessary services or protocols.
Turn off the Windows NT Server Service on the IIS Server to prevent users from viewing shares.
Use NT Filtering
Access Control with IIS
Web access control
IP access and domain name restrictions
Anonymous access and authentication control
Authentication methods
Web Server permissions for files and directories
NTFS permissions
Security Requirements for Internet Servers
Authentication of users
Resource access control
Encrypted communication
Auditing and logging
Web Server Permissions for Files and Directories
Authentication Methods
Anonymous Access and Authentication Control
Anonymous Access has user-applied restrictions
Authentication Control denies access and then queries the user for authentication
Name:
Password:
Name:
Password:Xxxx
xxxxxxxx
IP Access and Domain Name Restrictions
Web Access Control
Access deniedAccess deniedAccess grantedAccess granted
IP address permitted?IP address permitted?
User permitted?User permitted?
Webserver permissions allow
access?
Webserver permissions allow
access?
NTFSpermissions allow
access?
NTFSpermissions allow
access?
Web server receives requestWeb server receives requestNo
No
No
No
No
Yes
Yes
Yes
Yes
Yes
Review
Windows NT Server security recommendations
Security requirements for Internet servers
Access control with IIS
Securing communication with IIS
Lab 9: Restricting Access to a Web Site
Review
Windows 2000 Server security recommendations
Security requirements for Internet servers
Access control with IIS
Securing communication with IIS
