SlideShare a Scribd company logo

microsoft+windows+security

Erdo Deshiant Garnaby
Erdo Deshiant Garnaby

microsoft+windows+security

Internet
1 of 28
Download to read offline
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org UNIT FIVE Microsoft Windows Security
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION ONE Basic Security Policies and Tools 1
© Air Force Association • Where many of the basic system changes and configurations can be made with a Windows operating system • Click Start → Control Panel 2 Control Panel
© Air Force Association • Controls security settings on user computers within a network • Click System and Security → Administrative Tools → Local Security Policy 3 Basic Local Security Policies
© Air Force Association • Modify policies to require users create strong passwords ‐ Remember CLOUDS Not SUN (Unit Four) • Click Account Policies → Password Policies 4 Password Policies Recommended settings: 5 passwords remembered 90 days for users, 30 for admins 10-30 days Enable 8 characters Disable Password history: the number of old passwords the computer remembers and does not allow a user to reuse Maximum password age: how long a user can keep the same password Minimum password age: how long a user must keep a password before changing it Minimum password length: how many characters passwords must be Complexity requirements: whether users must use at least three of the following in their passwords: upper case letters, lower case letters, numbers, symbols Reversible encryption: whether the password file on the computer can be decrypted Policies:
© Air Force Association • Even if you have the strongest password possible, if you give hackers unlimited attempts to break it, they eventually will • Account policies govern unsuccessful attempts to log into an account • Click Account Policies → Account Lockout Policies 5 Account Lockout Policies Recommended settings: 30 minutes 3-10 invalid login attempts 30 minutes Account lockout duration: the number of minutes a locked-out account remains locked before automatically becoming unlocked Account lockout threshold: the number of failed logon attempts that causes a user account to be locked out Reset account lockout counter after: the number of minutes that must elapse before the failed logon attempt threshold counter is reset to 0 Policies:
© Air Force Association • Click Start → Control Panel → System and Security → Action Center • Notifies you if Windows identifies problems with or updates for: ‐ Windows Updates ‐ Internet security settings ‐ Network firewall ‐ Spyware and related protection ‐ User Account Control ‐ Virus protections ‐ Windows Backups ‐ Windows Troubleshooting Action Center 6
© Air Force Association • Control Panel  System and Security  Action Center • Anti-malware programs should be updated regularly • Windows Defender is a very basic built-in spyware protection program on Windows ‐ It only protects against known spyware, not viruses, worms or other malware • Download a supplementary anti- virus program ‐ Windows offers a free program called Windows Security Essentials ‐ If you choose a different anti-malware program, disable Windows Defender first to avoid compatibility issues. 7 Windows Defender and Anti-Malware
© Air Force Association • Reject or allow data packets through to users based on custom settings • Essential to security and should always be turned ‘on’ • Control Panel → System and Security → Action Center → Turn on now Firewalls 8 0
© Air Force Association • For more advanced settings: Control Panel  System and Security  Windows Firewall • Customize firewall settings for each type of network (e.g. Home, Public, Work) Windows Firewall Custom Settings 9
© Air Force Association • Allow trusted programs to connect without being blocked by adding them to your Windows Firewall Exceptions list ‐ For each network type, you can customize whether you want the programs allowed through • It’s much safer to allow only certain programs through your firewall than to open an entire port to traffic ‐ Ports are numbers that identifies one side of a connection between two computers • Control Panel  System and Security  Windows Firewall Enabling Windows Firewall Exceptions 10 1. 2.
© Air Force Association Common Exceptions 11 • Core Networking – Regular Microsoft Windows services that retrieve data from the Internet – If you don’t enable this exception across all three types of networks, some Microsoft services and programs will not run properly • File and Printer Sharing – Allows you to share the contents of selected folders and locally attached printers with other computers • Remote Assistance – Allows a user to temporarily remotely control another Windows computer over a network or the Internet to resolve issues • Remote Desktop – Allows users to access their user accounts and files remotely • UPnP Framework (Universal Plug-and-Play) – Allows devices to connect to and automatically establish working configurations with other devices on the same network
© Air Force Association Adding Windows Firewall Exceptions 12 • If the program you want to allow through your firewall does not already appear on your exceptions list, click the “Allow another program” and select the program from the menu
© Air Force Association • Prevent or fix known problems in Windows software or improve user experience • Should be installed regularly ‐ To avoid missing updates, allow Windows Update to check for them daily and install them automatically • Control Panel  System and Security  Windows Update 13 Windows Updates
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION TWO Account Management 14
© Air Force Association 15 Account Groups Admin Accounts • The most advanced accounts • Typically held by IT Staff only • Admins can change security settings for other users, install resources, and access and modify all files on a network System Accounts Local Accounts • Allow access to a specific computer only • Username and password are stored on the computer itself User Accounts • Allow people to share a computer and network resources, but still have their own files and settings • Have fewer rights and permissions than Admin accounts Domain Accounts • Allow users to access their accounts from any computer in the network • Username and password reside on a domain controller (a type of server that manages all of the accounts on a network)
© Air Force Association • Windows categorizes accounts as user or administrator accounts so that it can automatically apply the relevant permissions and rights • Define a user’s level of access by categorizing his or her account as a user or administrator • To set up the Local Users and Groups Console: Start Menu  Search “mmc” Click “yes” to allow changes to computer  Click File  Add or Remove Snap-ins  Select “Local Users and Groups  When prompted, select “Add to Local Computer” 16 Local Users and Groups Console *The following slides will show you how to control user access through Control Panel and through the Local Users and Groups Console. Other methods exist and you can choose which to use based on personal preference.
© Air Force Association • Add a password • Obfuscate the account by changing the name ‐ Attackers will target known Admin accounts because successfully infiltrating those accounts will give them advanced permissions and access to the network • Restrict use of the account ‐ Use the Properties menu to remove unnecessary accounts from the Administrators group 17 Best Practice: Secure the Built-in Administrator Account
© Air Force Association • Disable this account so people cannot anonymously access a computer • While someone on a Guest account will not have direct access to other users’ information, he or she can still significantly disrupt the resources of the local computer 18 Best Practice: Disable the Built-in Guest Account  Console option: 1. 2.
© Air Force Association • Control Panel  User Accounts  Add or remove user accounts 19 Best Practice: Disable the Guest Account Control Panel option: 1. 2.
© Air Force Association • Administrator accounts allow people to efficiently make changes across a network or computer and to monitor and control the use of shared resources ‐ Because of those advanced permissions, administrator accounts need to be especially well-protected and limited to only a few individuals. • Remove unnecessary users from the Administrators Group 20 Best Practice: Restrict Administrator Group Membership Console option: 1. 2.
© Air Force Association • Control Panel  User Accounts  Manage another account 21 Best Practice: Restrict Administrator Group Membership Control Panel option: 1. 2. 3.
© Air Force Association • Make sure all accounts are password protected 22 Best Practice: Set Passwords for all Accounts Console option: Alexi 1. 2.
© Air Force Association • Control Panel  User Accounts  Manage another account 23 Best Practice: Set Passwords for all Accounts Control Panel option: 1. 2. 3.
© Air Force Association • Only current, authorized employees should have access to a organization’s network • Make sure your user directory is up-to-date and remove unnecessary accounts 24 Removing Users Console option: 1. 2.
© Air Force Association • Control Panel  User Accounts  Add or remove user accounts 25 Removing Users Control Panel option: 1. 2. 3.
© Air Force Association • When adding new accounts, make sure to put the account in the right User Group and password protect the new user’s account 26 Adding Users Console option: 1. 2.
© Air Force Association 27 Adding Users Control Panel option: • Control Panel  User Accounts  Add or remove user accounts 1. 2.

Recommended

Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
Unit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringUnit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringErdo Deshiant Garnaby
 
Unit+nine+ +additional+topics+and+resources
Unit+nine+ +additional+topics+and+resourcesUnit+nine+ +additional+topics+and+resources
Unit+nine+ +additional+topics+and+resourcesErdo Deshiant Garnaby
 
Unit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesUnit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesErdo Deshiant Garnaby
 
Ch1 2
Ch1 2Ch1 2
Ch1 2Sumit Tambe
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityErdo Deshiant Garnaby
 
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Gene Carboni
 
Lesson 5 - Managing Devices
Lesson 5 - Managing DevicesLesson 5 - Managing Devices
Lesson 5 - Managing DevicesGene Carboni
 

Recommended

Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
Unit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringUnit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringErdo Deshiant Garnaby
 
Unit+nine+ +additional+topics+and+resources
Unit+nine+ +additional+topics+and+resourcesUnit+nine+ +additional+topics+and+resources
Unit+nine+ +additional+topics+and+resourcesErdo Deshiant Garnaby
 
Unit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesUnit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesErdo Deshiant Garnaby
 
Ch1 2
Ch1 2Ch1 2
Ch1 2Sumit Tambe
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityErdo Deshiant Garnaby
 
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Gene Carboni
 
Lesson 5 - Managing Devices
Lesson 5 - Managing DevicesLesson 5 - Managing Devices
Lesson 5 - Managing DevicesGene Carboni
 
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Gene Carboni
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesGene Carboni
 
Week 6
Week 6Week 6
Week 6Joey Pierce
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Linux webmin
Linux webminLinux webmin
Linux webminSonam Sharma
 
Ch 20
Ch 20Ch 20
Ch 20National American University
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programsnorzaini
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with ApplicationsAmir Villas
 
Ict 5
Ict 5Ict 5
Ict 5Mudasirbaloch
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in WindowsAmir Villas
 
Disabling windows file protection
Disabling windows file protectionDisabling windows file protection
Disabling windows file protectionJhonathansmrt Smart
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat TrainingOpen Source Group
 
Common tasks oct 2012
Common tasks oct 2012Common tasks oct 2012
Common tasks oct 2012mike2977
 
Subscription license update
Subscription license updateSubscription license update
Subscription license updateSemiconSoft
 
Em library
Em libraryEm library
Em libraryshady999
 
The Boot Process
The Boot ProcessThe Boot Process
The Boot ProcessAmir Villas
 
Ch03
Ch03Ch03
Ch03Raja Waseem Akhtar
 
9781111306366 ppt ch5
9781111306366 ppt ch59781111306366 ppt ch5
9781111306366 ppt ch5Dr. Ahmed Al Zaidy
 
Session 9 Tp 9
Session 9 Tp 9Session 9 Tp 9
Session 9 Tp 9githe26200
 
Ch06
Ch06Ch06
Ch06Raja Waseem Akhtar
 
Cyber Ethics
Cyber EthicsCyber Ethics
Cyber EthicsErdo Deshiant Garnaby
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityErdo Deshiant Garnaby
 

More Related Content

What's hot

Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Gene Carboni
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesGene Carboni
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programsnorzaini
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with ApplicationsAmir Villas
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in WindowsAmir Villas
 
Disabling windows file protection
Disabling windows file protectionDisabling windows file protection
Disabling windows file protectionJhonathansmrt Smart
 
Common tasks oct 2012
Common tasks oct 2012Common tasks oct 2012
Common tasks oct 2012mike2977
 
Subscription license update
Subscription license updateSubscription license update
Subscription license updateSemiconSoft
 
Em library
Em libraryEm library
Em libraryshady999
 
The Boot Process
The Boot ProcessThe Boot Process
The Boot ProcessAmir Villas
 
Session 9 Tp 9
Session 9 Tp 9Session 9 Tp 9
Session 9 Tp 9githe26200
 

What's hot (20)

Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and Libraries
 
Week 6
Week 6Week 6
Week 6
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System Configurations
 
Linux webmin
Linux webminLinux webmin
Linux webmin
 
Ch 20
Ch 20Ch 20
Ch 20
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programs
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with Applications
 
Ict 5
Ict 5Ict 5
Ict 5
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in Windows
 
Disabling windows file protection
Disabling windows file protectionDisabling windows file protection
Disabling windows file protection
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat Training
 
Common tasks oct 2012
Common tasks oct 2012Common tasks oct 2012
Common tasks oct 2012
 
Subscription license update
Subscription license updateSubscription license update
Subscription license update
 
Em library
Em libraryEm library
Em library
 
The Boot Process
The Boot ProcessThe Boot Process
The Boot Process
 
Ch03
Ch03Ch03
Ch03
 
9781111306366 ppt ch5
9781111306366 ppt ch59781111306366 ppt ch5
9781111306366 ppt ch5
 
Session 9 Tp 9
Session 9 Tp 9Session 9 Tp 9
Session 9 Tp 9
 
Ch06
Ch06Ch06
Ch06
 

Viewers also liked

Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityErdo Deshiant Garnaby
 
Unit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyUnit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyErdo Deshiant Garnaby
 
Unit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityUnit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityErdo Deshiant Garnaby
 

Viewers also liked (7)

Cyber Ethics
Cyber EthicsCyber Ethics
Cyber Ethics
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+security
 
Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntu
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber security
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
 
Unit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyUnit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safety
 
Unit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityUnit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurity
 

Similar to microsoft+windows+security

Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner
Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner
Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner BusinesstoVirtual
 
Installation & Initial Configuration
Installation & Initial ConfigurationInstallation & Initial Configuration
Installation & Initial ConfigurationSyAM Software
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurityricharddxd
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 
configuration ,management and troubleshooting of Group Accounts.
configuration ,management and troubleshooting of Group Accounts.configuration ,management and troubleshooting of Group Accounts.
configuration ,management and troubleshooting of Group Accounts.Rajpoot Sulahry
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System AdministrationDuressa Teshome
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratMary Margarat
 
Windows Server 2012 Managing Active Directory Domain
Windows Server 2012 Managing Active Directory DomainWindows Server 2012 Managing Active Directory Domain
Windows Server 2012 Managing Active Directory DomainNapoleon NV
 
Chapter10 Server Administration
Chapter10 Server AdministrationChapter10 Server Administration
Chapter10 Server AdministrationRaja Waseem Akhtar
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5Lisa Niles
 
System Client Details
System Client DetailsSystem Client Details
System Client DetailsSyAM Software
 
HARDENING OF WINDOWS 10 OS.pptx
HARDENING OF WINDOWS 10 OS.pptxHARDENING OF WINDOWS 10 OS.pptx
HARDENING OF WINDOWS 10 OS.pptxssuser80ad2d
 
ITE v5.0 - Chapter 5
ITE v5.0 - Chapter 5ITE v5.0 - Chapter 5
ITE v5.0 - Chapter 5Irsandi Hasan
 

Similar to microsoft+windows+security (20)

Ekran system functions v. 5.0
Ekran system functions v. 5.0Ekran system functions v. 5.0
Ekran system functions v. 5.0
 
Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner
Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner
Ekran System Forensic Monitoring Tool -BusinesstoVirtual Italy Partner
 
SCCM 2019 Demo.pptx
SCCM 2019 Demo.pptxSCCM 2019 Demo.pptx
SCCM 2019 Demo.pptx
 
Installation & Initial Configuration
Installation & Initial ConfigurationInstallation & Initial Configuration
Installation & Initial Configuration
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurity
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1
 
configuration ,management and troubleshooting of Group Accounts.
configuration ,management and troubleshooting of Group Accounts.configuration ,management and troubleshooting of Group Accounts.
configuration ,management and troubleshooting of Group Accounts.
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
 
Introduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary MargaratIntroduction to Operating Systems - Mary Margarat
Introduction to Operating Systems - Mary Margarat
 
Windows Server 2012 Managing Active Directory Domain
Windows Server 2012 Managing Active Directory DomainWindows Server 2012 Managing Active Directory Domain
Windows Server 2012 Managing Active Directory Domain
 
Chapter10 Server Administration
Chapter10 Server AdministrationChapter10 Server Administration
Chapter10 Server Administration
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #5
 
System Client Details
System Client DetailsSystem Client Details
System Client Details
 
HARDENING OF WINDOWS 10 OS.pptx
HARDENING OF WINDOWS 10 OS.pptxHARDENING OF WINDOWS 10 OS.pptx
HARDENING OF WINDOWS 10 OS.pptx
 
ppt ch17
ppt ch17ppt ch17
ppt ch17
 
ITE v5.0 - Chapter 5
ITE v5.0 - Chapter 5ITE v5.0 - Chapter 5
ITE v5.0 - Chapter 5
 
Windows Security
Windows Security Windows Security
Windows Security
 
Security
SecuritySecurity
Security
 

Recently uploaded

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...akbard9823
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 

Recently uploaded (20)

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
Sushant Golf City / best call girls in Lucknow | Service-oriented sexy call g...
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 

microsoft+windows+security

  • 1. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org UNIT FIVE Microsoft Windows Security
  • 2. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION ONE Basic Security Policies and Tools 1
  • 3. © Air Force Association • Where many of the basic system changes and configurations can be made with a Windows operating system • Click Start → Control Panel 2 Control Panel
  • 4. © Air Force Association • Controls security settings on user computers within a network • Click System and Security → Administrative Tools → Local Security Policy 3 Basic Local Security Policies
  • 5. © Air Force Association • Modify policies to require users create strong passwords ‐ Remember CLOUDS Not SUN (Unit Four) • Click Account Policies → Password Policies 4 Password Policies Recommended settings: 5 passwords remembered 90 days for users, 30 for admins 10-30 days Enable 8 characters Disable Password history: the number of old passwords the computer remembers and does not allow a user to reuse Maximum password age: how long a user can keep the same password Minimum password age: how long a user must keep a password before changing it Minimum password length: how many characters passwords must be Complexity requirements: whether users must use at least three of the following in their passwords: upper case letters, lower case letters, numbers, symbols Reversible encryption: whether the password file on the computer can be decrypted Policies:
  • 6. © Air Force Association • Even if you have the strongest password possible, if you give hackers unlimited attempts to break it, they eventually will • Account policies govern unsuccessful attempts to log into an account • Click Account Policies → Account Lockout Policies 5 Account Lockout Policies Recommended settings: 30 minutes 3-10 invalid login attempts 30 minutes Account lockout duration: the number of minutes a locked-out account remains locked before automatically becoming unlocked Account lockout threshold: the number of failed logon attempts that causes a user account to be locked out Reset account lockout counter after: the number of minutes that must elapse before the failed logon attempt threshold counter is reset to 0 Policies:
  • 7. © Air Force Association • Click Start → Control Panel → System and Security → Action Center • Notifies you if Windows identifies problems with or updates for: ‐ Windows Updates ‐ Internet security settings ‐ Network firewall ‐ Spyware and related protection ‐ User Account Control ‐ Virus protections ‐ Windows Backups ‐ Windows Troubleshooting Action Center 6
  • 8. © Air Force Association • Control Panel  System and Security  Action Center • Anti-malware programs should be updated regularly • Windows Defender is a very basic built-in spyware protection program on Windows ‐ It only protects against known spyware, not viruses, worms or other malware • Download a supplementary anti- virus program ‐ Windows offers a free program called Windows Security Essentials ‐ If you choose a different anti-malware program, disable Windows Defender first to avoid compatibility issues. 7 Windows Defender and Anti-Malware
  • 9. © Air Force Association • Reject or allow data packets through to users based on custom settings • Essential to security and should always be turned ‘on’ • Control Panel → System and Security → Action Center → Turn on now Firewalls 8 0
  • 10. © Air Force Association • For more advanced settings: Control Panel  System and Security  Windows Firewall • Customize firewall settings for each type of network (e.g. Home, Public, Work) Windows Firewall Custom Settings 9
  • 11. © Air Force Association • Allow trusted programs to connect without being blocked by adding them to your Windows Firewall Exceptions list ‐ For each network type, you can customize whether you want the programs allowed through • It’s much safer to allow only certain programs through your firewall than to open an entire port to traffic ‐ Ports are numbers that identifies one side of a connection between two computers • Control Panel  System and Security  Windows Firewall Enabling Windows Firewall Exceptions 10 1. 2.
  • 12. © Air Force Association Common Exceptions 11 • Core Networking – Regular Microsoft Windows services that retrieve data from the Internet – If you don’t enable this exception across all three types of networks, some Microsoft services and programs will not run properly • File and Printer Sharing – Allows you to share the contents of selected folders and locally attached printers with other computers • Remote Assistance – Allows a user to temporarily remotely control another Windows computer over a network or the Internet to resolve issues • Remote Desktop – Allows users to access their user accounts and files remotely • UPnP Framework (Universal Plug-and-Play) – Allows devices to connect to and automatically establish working configurations with other devices on the same network
  • 13. © Air Force Association Adding Windows Firewall Exceptions 12 • If the program you want to allow through your firewall does not already appear on your exceptions list, click the “Allow another program” and select the program from the menu
  • 14. © Air Force Association • Prevent or fix known problems in Windows software or improve user experience • Should be installed regularly ‐ To avoid missing updates, allow Windows Update to check for them daily and install them automatically • Control Panel  System and Security  Windows Update 13 Windows Updates
  • 15. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION TWO Account Management 14
  • 16. © Air Force Association 15 Account Groups Admin Accounts • The most advanced accounts • Typically held by IT Staff only • Admins can change security settings for other users, install resources, and access and modify all files on a network System Accounts Local Accounts • Allow access to a specific computer only • Username and password are stored on the computer itself User Accounts • Allow people to share a computer and network resources, but still have their own files and settings • Have fewer rights and permissions than Admin accounts Domain Accounts • Allow users to access their accounts from any computer in the network • Username and password reside on a domain controller (a type of server that manages all of the accounts on a network)
  • 17. © Air Force Association • Windows categorizes accounts as user or administrator accounts so that it can automatically apply the relevant permissions and rights • Define a user’s level of access by categorizing his or her account as a user or administrator • To set up the Local Users and Groups Console: Start Menu  Search “mmc” Click “yes” to allow changes to computer  Click File  Add or Remove Snap-ins  Select “Local Users and Groups  When prompted, select “Add to Local Computer” 16 Local Users and Groups Console *The following slides will show you how to control user access through Control Panel and through the Local Users and Groups Console. Other methods exist and you can choose which to use based on personal preference.
  • 18. © Air Force Association • Add a password • Obfuscate the account by changing the name ‐ Attackers will target known Admin accounts because successfully infiltrating those accounts will give them advanced permissions and access to the network • Restrict use of the account ‐ Use the Properties menu to remove unnecessary accounts from the Administrators group 17 Best Practice: Secure the Built-in Administrator Account
  • 19. © Air Force Association • Disable this account so people cannot anonymously access a computer • While someone on a Guest account will not have direct access to other users’ information, he or she can still significantly disrupt the resources of the local computer 18 Best Practice: Disable the Built-in Guest Account  Console option: 1. 2.
  • 20. © Air Force Association • Control Panel  User Accounts  Add or remove user accounts 19 Best Practice: Disable the Guest Account Control Panel option: 1. 2.
  • 21. © Air Force Association • Administrator accounts allow people to efficiently make changes across a network or computer and to monitor and control the use of shared resources ‐ Because of those advanced permissions, administrator accounts need to be especially well-protected and limited to only a few individuals. • Remove unnecessary users from the Administrators Group 20 Best Practice: Restrict Administrator Group Membership Console option: 1. 2.
  • 22. © Air Force Association • Control Panel  User Accounts  Manage another account 21 Best Practice: Restrict Administrator Group Membership Control Panel option: 1. 2. 3.
  • 23. © Air Force Association • Make sure all accounts are password protected 22 Best Practice: Set Passwords for all Accounts Console option: Alexi 1. 2.
  • 24. © Air Force Association • Control Panel  User Accounts  Manage another account 23 Best Practice: Set Passwords for all Accounts Control Panel option: 1. 2. 3.
  • 25. © Air Force Association • Only current, authorized employees should have access to a organization’s network • Make sure your user directory is up-to-date and remove unnecessary accounts 24 Removing Users Console option: 1. 2.
  • 26. © Air Force Association • Control Panel  User Accounts  Add or remove user accounts 25 Removing Users Control Panel option: 1. 2. 3.
  • 27. © Air Force Association • When adding new accounts, make sure to put the account in the right User Group and password protect the new user’s account 26 Adding Users Console option: 1. 2.
  • 28. © Air Force Association 27 Adding Users Control Panel option: • Control Panel  User Accounts  Add or remove user accounts 1. 2.