SlideShare a Scribd company logo

Practice - Windows Server Security Lesson 8

Download as PPTX, PDF
V
Vietfreelancer Expert

This document provides an agenda and instructions for a lesson on implementing server hardening. It discusses using tools like IPSec, BitLocker, locating inactive users, NTLM authentication, defining security options, removing storage access, configuring multiple password policies, and Sysinternals tools. It also includes links to videos and documentation on specific tasks like configuring NTLM authentication, defining security options, and removing storage access. It asks how to configure different password policies for groups like Admin and Staff and provides a link to documentation on the Sysinternals troubleshooting suite of tools.

Technology
1 of 12
Practice - Windows Server Security Lesson 8 Pasha Mohamed VDTQT-Hutech
Agenda Exercise: Implement hardening for server applications
Server Harden Tool • IPSec (lession 3) • Bitlocker • Locate inactive user • NTLM authen • Define security option • Remove Storage access • Configuring multi password policy • Sysinternal tool
Video BitLocker (Server)
Video Locate inactive user
Video NTLM authen • NTLM is legacy authen protocol (win 2000-2003) • NTLM is weak form of authen • Ensure no client require NTLM authen • Block NTLM using group policy • https://docs.microsoft.com/en- us/troubleshoot/windows-server/windows- security/ntlm-user-authentication
Video NTLM authen
Video Define security option
Video Remove Storage access
Video Configuring multi password policy How to config password policy for each group like Admin, Staff ?
Sysinternal tool • The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver. • The Suite is a bundling of the following selected Sysinternals Utilities: AccessChk, AccessEnum, AdExplorer, AdInsight, AdRestore, Autologon, Autoruns, BgInfo, BlueScreen, CacheSet, ClockRes, Contig, Coreinfo, Ctrl2Cap, DebugView, Desktops, Disk2vhd, DiskExt, DiskMon, DiskView, Disk Usage (DU), EFSDump, FindLinks, Handle, Hex2dec, Junction, LDMDump, ListDLLs, LiveKd, LoadOrder, LogonSessions, MoveFile, NotMyFault, NTFSInfo, PendMoves, PipeList, PortMon, ProcDump, Process Explorer, Process Monitor, PsExec, PsFile, PsGetSid, PsInfo, PsKill, PsList, PsLoggedOn, PsLogList, PsPasswd, PsPing, PsService, PsShutdown, PsSuspend, PsTools, RAMMap, RDCMan, RegDelNull, RegHide, RegJump, Registry Usage (RU), SDelete, ShareEnum, ShellRunas, Sigcheck, Streams, Strings, Sync, Sysmon, TCPView, VMMap, VolumeID, WhoIs, WinObj, ZoomIt https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals- suite
More Exercise .Config password policy for group Gr1(sep) with easier policy compare to Staff like no expire password, can log wrong 10 times.... .Block app Paint IE using GPO (mspaint.exe)

Recommended

Lession 4
Lession 4Lession 4
Lession 4Vietfreelancer Expert
 
Lession 3
Lession 3Lession 3
Lession 3Vietfreelancer Expert
 
Lession 10
Lession 10Lession 10
Lession 10Vietfreelancer Expert
 
Lession 7
Lession 7Lession 7
Lession 7Vietfreelancer Expert
 
Lession 9
Lession 9Lession 9
Lession 9Vietfreelancer Expert
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
Creating a Single View Part 3: Securing Your Deployment
Creating a Single View Part 3: Securing Your DeploymentCreating a Single View Part 3: Securing Your Deployment
Creating a Single View Part 3: Securing Your DeploymentMongoDB
 
Webinar: Creating a Single View: Securing Your Deployment
Webinar: Creating a Single View: Securing Your DeploymentWebinar: Creating a Single View: Securing Your Deployment
Webinar: Creating a Single View: Securing Your DeploymentMongoDB
 

Recommended

Lession 4
Lession 4Lession 4
Lession 4Vietfreelancer Expert
 
Lession 3
Lession 3Lession 3
Lession 3Vietfreelancer Expert
 
Lession 10
Lession 10Lession 10
Lession 10Vietfreelancer Expert
 
Lession 7
Lession 7Lession 7
Lession 7Vietfreelancer Expert
 
Lession 9
Lession 9Lession 9
Lession 9Vietfreelancer Expert
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
Creating a Single View Part 3: Securing Your Deployment
Creating a Single View Part 3: Securing Your DeploymentCreating a Single View Part 3: Securing Your Deployment
Creating a Single View Part 3: Securing Your DeploymentMongoDB
 
Webinar: Creating a Single View: Securing Your Deployment
Webinar: Creating a Single View: Securing Your DeploymentWebinar: Creating a Single View: Securing Your Deployment
Webinar: Creating a Single View: Securing Your DeploymentMongoDB
 
Virtualization Security
Virtualization SecurityVirtualization Security
Virtualization Securitysyrinxtech
 
Virtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter SecurityVirtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter SecurityEng Teong Cheah
 
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...Microsoft TechNet - Belgium and Luxembourg
 
Compute Security - Host Security
Compute Security - Host SecurityCompute Security - Host Security
Compute Security - Host SecurityEng Teong Cheah
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
Kevin wharram
Kevin wharramKevin wharram
Kevin wharramKevin Wharram
 
A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...Binu Ramakrishnan
 
6421 b Module-08
6421 b Module-086421 b Module-08
6421 b Module-08Bibekananada Jena
 
Venkasure Antivirus Pro
Venkasure Antivirus ProVenkasure Antivirus Pro
Venkasure Antivirus Prorobinshaif
 
SSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentSSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentMongoDB
 
Quick Tips for Server Security
Quick Tips for Server SecurityQuick Tips for Server Security
Quick Tips for Server SecurityAlister Loxton
 
How to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architectureHow to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architectureYonatan Maman
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat Security Conference
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switch3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switchMayotravels.com
 
Manage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceManage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceEng Teong Cheah
 
NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!Lalit Shandilya
 
Gaia job fair introduction
Gaia job fair introductionGaia job fair introduction
Gaia job fair introductionJonas Cheng
 
BSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based SecurityBSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based SecurityJosephTesta9
 
All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016Veeam Software
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaNew Horizons Bulgaria
 

More Related Content

What's hot

Virtualization Security
Virtualization SecurityVirtualization Security
Virtualization Securitysyrinxtech
 
Virtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter SecurityVirtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter SecurityEng Teong Cheah
 
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...Microsoft TechNet - Belgium and Luxembourg
 
Compute Security - Host Security
Compute Security - Host SecurityCompute Security - Host Security
Compute Security - Host SecurityEng Teong Cheah
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...Binu Ramakrishnan
 
Venkasure Antivirus Pro
Venkasure Antivirus ProVenkasure Antivirus Pro
Venkasure Antivirus Prorobinshaif
 
SSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentSSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentMongoDB
 
Quick Tips for Server Security
Quick Tips for Server SecurityQuick Tips for Server Security
Quick Tips for Server SecurityAlister Loxton
 
How to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architectureHow to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architectureYonatan Maman
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat Security Conference
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switch3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switchMayotravels.com
 
Manage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceManage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceEng Teong Cheah
 
NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!Lalit Shandilya
 
Gaia job fair introduction
Gaia job fair introductionGaia job fair introduction
Gaia job fair introductionJonas Cheng
 
BSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based SecurityBSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based SecurityJosephTesta9
 
All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016Veeam Software
 

What's hot (20)

Virtualization Security
Virtualization SecurityVirtualization Security
Virtualization Security
 
Virtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter SecurityVirtual Networking Security - Perimeter Security
Virtual Networking Security - Perimeter Security
 
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built...
 
Compute Security - Host Security
Compute Security - Host SecurityCompute Security - Host Security
Compute Security - Host Security
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
Kevin wharram
Kevin wharramKevin wharram
Kevin wharram
 
A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...
 
6421 b Module-08
6421 b Module-086421 b Module-08
6421 b Module-08
 
Venkasure Antivirus Pro
Venkasure Antivirus ProVenkasure Antivirus Pro
Venkasure Antivirus Pro
 
SSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentSSecuring Your MongoDB Deployment
SSecuring Your MongoDB Deployment
 
Quick Tips for Server Security
Quick Tips for Server SecurityQuick Tips for Server Security
Quick Tips for Server Security
 
How to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architectureHow to slice your monolithic webapp using MicroApps architecture
How to slice your monolithic webapp using MicroApps architecture
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switch3671 managing the v sphere distributed switch
3671 managing the v sphere distributed switch
 
Manage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceManage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and Compliance
 
NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!NodeJS Microservices, Built it Now, Scale it Later!
NodeJS Microservices, Built it Now, Scale it Later!
 
Gaia job fair introduction
Gaia job fair introductionGaia job fair introduction
Gaia job fair introduction
 
BSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based SecurityBSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
BSides Rochester 2018: Anthony DiDonato: Virtualization Based Security
 
All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016All you need to know about Microsoft Ignite 2016
All you need to know about Microsoft Ignite 2016
 

Similar to Practice - Windows Server Security Lesson 8

Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaNew Horizons Bulgaria
 
Managing bitlocker with MBAM
Managing bitlocker with MBAMManaging bitlocker with MBAM
Managing bitlocker with MBAMOlav Tvedt
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
CSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoNCCOMMS
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeYusuf Hadiwinata Sutandar
 
secure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfsecure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfssuser64a562
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoNCCOMMS
 
Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7aesthetics00
 
SQX Solution Day 2013 Q2 - Milestone Update
SQX Solution Day 2013 Q2 - Milestone UpdateSQX Solution Day 2013 Q2 - Milestone Update
SQX Solution Day 2013 Q2 - Milestone UpdateAlex Kwan
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
TCO & TVT
TCO & TVTTCO & TVT
TCO & TVTLeoCurtis
 
What's New in Security for IBM i?
What's New in Security for IBM i?What's New in Security for IBM i?
What's New in Security for IBM i?HelpSystems
 
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld
 

Similar to Practice - Windows Server Security Lesson 8 (20)

Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
 
Windows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons BulgariaWindows 7 in 60 minutes - New Horizons Bulgaria
Windows 7 in 60 minutes - New Horizons Bulgaria
 
Managing bitlocker with MBAM
Managing bitlocker with MBAMManaging bitlocker with MBAM
Managing bitlocker with MBAM
 
Video in html 5
Video in html 5Video in html 5
Video in html 5
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
 
CSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami Laiho
 
VideoEdge Cybersecurity v4.6 - May 2015
VideoEdge Cybersecurity v4.6 - May 2015VideoEdge Cybersecurity v4.6 - May 2015
VideoEdge Cybersecurity v4.6 - May 2015
 
VideoEdge Cybersecurity v4.6 - May 2015
VideoEdge Cybersecurity v4.6 - May 2015VideoEdge Cybersecurity v4.6 - May 2015
VideoEdge Cybersecurity v4.6 - May 2015
 
#1
#1#1
#1
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
 
secure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfsecure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdf
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
 
Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7Module 03 installing, upgrading, and migrating to windows 7
Module 03 installing, upgrading, and migrating to windows 7
 
SQX Solution Day 2013 Q2 - Milestone Update
SQX Solution Day 2013 Q2 - Milestone UpdateSQX Solution Day 2013 Q2 - Milestone Update
SQX Solution Day 2013 Q2 - Milestone Update
 
Ite v5.0 chapter5
Ite v5.0 chapter5Ite v5.0 chapter5
Ite v5.0 chapter5
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
 
TCO & TVT
TCO & TVTTCO & TVT
TCO & TVT
 
What's New in Security for IBM i?
What's New in Security for IBM i?What's New in Security for IBM i?
What's New in Security for IBM i?
 
Ekran system functions v. 5.0
Ekran system functions v. 5.0Ekran system functions v. 5.0
Ekran system functions v. 5.0
 
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
 

More from Vietfreelancer Expert

More from Vietfreelancer Expert (8)

Lesson 2 practice
Lesson 2 practiceLesson 2 practice
Lesson 2 practice
 
Lesson 2 lý thuyết
Lesson 2 lý thuyếtLesson 2 lý thuyết
Lesson 2 lý thuyết
 
Lesson 1 practice
Lesson 1 practiceLesson 1 practice
Lesson 1 practice
 
Lesson 1 lý thuyết
Lesson 1 lý thuyếtLesson 1 lý thuyết
Lesson 1 lý thuyết
 
Lession 6
Lession 6Lession 6
Lession 6
 
Lession 5
Lession 5Lession 5
Lession 5
 
Lession 2
Lession 2Lession 2
Lession 2
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 

Recently uploaded

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 

Recently uploaded (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 

Practice - Windows Server Security Lesson 8

  • 1. Practice - Windows Server Security Lesson 8 Pasha Mohamed VDTQT-Hutech
  • 2. Agenda Exercise: Implement hardening for server applications
  • 3. Server Harden Tool • IPSec (lession 3) • Bitlocker • Locate inactive user • NTLM authen • Define security option • Remove Storage access • Configuring multi password policy • Sysinternal tool
  • 6. Video NTLM authen • NTLM is legacy authen protocol (win 2000-2003) • NTLM is weak form of authen • Ensure no client require NTLM authen • Block NTLM using group policy • https://docs.microsoft.com/en- us/troubleshoot/windows-server/windows- security/ntlm-user-authentication
  • 10. Video Configuring multi password policy How to config password policy for each group like Admin, Staff ?
  • 11. Sysinternal tool • The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver. • The Suite is a bundling of the following selected Sysinternals Utilities: AccessChk, AccessEnum, AdExplorer, AdInsight, AdRestore, Autologon, Autoruns, BgInfo, BlueScreen, CacheSet, ClockRes, Contig, Coreinfo, Ctrl2Cap, DebugView, Desktops, Disk2vhd, DiskExt, DiskMon, DiskView, Disk Usage (DU), EFSDump, FindLinks, Handle, Hex2dec, Junction, LDMDump, ListDLLs, LiveKd, LoadOrder, LogonSessions, MoveFile, NotMyFault, NTFSInfo, PendMoves, PipeList, PortMon, ProcDump, Process Explorer, Process Monitor, PsExec, PsFile, PsGetSid, PsInfo, PsKill, PsList, PsLoggedOn, PsLogList, PsPasswd, PsPing, PsService, PsShutdown, PsSuspend, PsTools, RAMMap, RDCMan, RegDelNull, RegHide, RegJump, Registry Usage (RU), SDelete, ShareEnum, ShellRunas, Sigcheck, Streams, Strings, Sync, Sysmon, TCPView, VMMap, VolumeID, WhoIs, WinObj, ZoomIt https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals- suite
  • 12. More Exercise .Config password policy for group Gr1(sep) with easier policy compare to Staff like no expire password, can log wrong 10 times.... .Block app Paint IE using GPO (mspaint.exe)

Editor's Notes

  1. https://ibb.co/9t8CWfQ