The document discusses security tools configured on Windows Server 2008 to maintain the integrity of Brooklyn Circus' business data and network. It describes the owners' concerns about confidential files and constant changes to financial information. Group policies, account policies, network access protection, intrusion detection systems, and intrusion prevention systems are implemented to prevent data breaches, corruption, and manipulation.

2. The owners’ concerns
Define the scope of security and
why it is important
Group Policies
Network Access Protection (NAP)
Snort Intrusion Detection System
(SIDS)
Snort Intrusion Prevention System
(SIPS )

3.  The Brooklyn Circus owner does not
want confidential files stolen. For this
reason, the network administrator has
configured essential security tools on
Windows Server 2008 which maintains
the integrity of the businesses data.
 One of the major concerns are the
constant changes to files and financial
information currently housed on
Windows Server 2008 has been a major
testament to its’ success and growth.

4.  The prime importance of securing
Brooklyn Circus’ network is to
prevent loss, through misuse of
data.
 The main threats which may erupt if
network security is at risk are
 Breaches of confidentiality
 Data corruption
 Data manipulation

6. Group & Account Policies
Group Policies Account Policies
 A group policy is a way to provide consistent  Account Policies are security measures set up
security to Windows Server 2008 and the in those group policies and governs all three
clients who are connected to it.
domains through an established Kerberos
 Group policies reduce surface attacks and can Transitive Trust Relationship.
be expanded in the future. The primary domain
controller in New York will replicate those
policies and securities to the other domains.
 RMSs are security rights which provide security
for file types created by applications. RMS
 In Windows Server 2008, security settings are determines who can have rights to manage,
one of the newly added categories of Group read, copy, save, print, and forward data
Policy between networks.
 Regulate access to storage devices and who
installs those devices

7. Account Lockout Policy & IP Security (IPsec)
Account Lockout Policy IP Security (IPsec)
 An account lockout policy is set in place to  IPsec is a secured IP-based communication
prohibit access to a specific account after a and encryption standard created between
number of unsuccessful login attempts. each client in and around the network.
 The first line of defense for these policies  Each computer is enabled to exchange
are reversible encrypted passwords. Users certificates and authenticate the receiver
are required to change their passwords and sender.
every 45 to 90 days.

8. Network Access Protection
(NAP)
 A set of security features which
monitors and manages the
Windows Server 2008 and its’
clients to ensure the same level
of security is maintained on all
computers.
 If a client computer does not
have the current security
updates, NAP will either limit
access to the network or
automatically update the clients’
computer.

9. Snort Intrusion Detection Systems
(SIDS)
Security countermeasure solution which enhances
network security of the network infrastructure.
 Implemented at the information infrastructure security level.
 Serves as the next line of defense after the firewall.
 Monitor network traffic of all the domains by pinpointing
intruder attacks in real time mode.
 The firewall blocks access points within the network; however,
they are unable to decipher between malicious activities of
hackers.

10. Approaches
Network-
Host-Based Based
to Snort
(SHIDS) (SNIDS) Intrusion
 
SHIDS offers the
administrator the
SNIDS assist in
detecting attacks on Detection
benefit of being able the network level.
to detect attacks
directed at the host
Systems
Both perform automated checks on log files,
file checksums, file and directory permissions,
local network port activity, and other basic
host security items.

11.  Prevent attacks
 Decrease their impact
 Acts a sniffer to respond to security breaches.
 The IPS configured on Windows Server 2008
is a highly advanced security system.
 IPSs have the ability to take immediate action,
based on protocols established by the network
administrator.
 Informs the firewall about the location (IP
address) where the attack originated.
 The firewall will block the specified address.