Заглавная страница Избранные статьи Случайная статья Познавательные статьи Новые добавления Обратная связь КАТЕГОРИИ: АрхеологияБиология Генетика География Информатика История Логика Маркетинг Математика Менеджмент Механика Педагогика Религия Социология Технологии Физика Философия Финансы Химия Экология ТОП 10 на сайте Приготовление дезинфицирующих растворов различной концентрацииТехника нижней прямой подачи мяча. Франко-прусская война (причины и последствия) Организация работы процедурного кабинета Смысловое и механическое запоминание, их место и роль в усвоении знаний Коммуникативные барьеры и пути их преодоления Обработка изделий медицинского назначения многократного применения Образцы текста публицистического стиля Четыре типа изменения баланса Задачи с ответами для Всероссийской олимпиады по праву Мы поможем в написании ваших работ! ЗНАЕТЕ ЛИ ВЫ?
Влияние общества на человека
Приготовление дезинфицирующих растворов различной концентрации Практические работы по географии для 6 класса Организация работы процедурного кабинета Изменения в неживой природе осенью Уборка процедурного кабинета Сольфеджио. Все правила по сольфеджио Балочные системы. Определение реакций опор и моментов защемления |
Security Best Practices for Workstation Security
Security best practices for workstation security emphasize three issues:
Correct password usage and management User permissions
Disabling AutoPlay (may be referred to as Autorun on the CompTIA A+ 220-802 exam)
Passwords
The first step in maintaining workstation security is to require all accounts to have passwords. During the initial setup of a new computer, usernames, passwords, and password hints are typi-cally required. However, if additional users are added, passwords are optional unless local or group policy settings require them. Make this the rule: Every use needs a password (every user). 142 CompTIA A+ Quick Reference
The second step is to require users to have a strong password. A simple numeric or alphabetic sequence (12345678 or ABCDEFGH) is not a strong password. A strong password need not be longer than eight characters, but it needs these characteristics:
Randomness
Uppercase and lowercase letters Numbers/symbols
To avoid the unsightly spectacle (and major security breach) of sticky notes holding brain-busting passwords, the password should also be relatively easy to remember. If you do not want to make up your own, there are numerous websites that can generate one for you. Some can generate pro-nounceable passwords that are nevertheless quite secure.
The third step is to make sure the computer is locked when not in use. By requiring a password (and displaying the logon screen) to bring the computer out of screen saver mode (Figure 7-4) and by instructing users to lock the keyboard with the Windows key+L combination, the system is secure but can be brought back into operation in just a few seconds.
Figure 7-4 The Screen Saver dialog in Windows 7 after enabling the On Resume, Display LogonScreen feature.
The fourth step is to require passwords to be changed periodically. This can be enforced with through group policies in various versions of Windows Server. Chapter 7: Security 143
User Permissions and Guest Accounts
New Technology File System (NTFS) allows file-level security that File Allocation Table 32 (FAT32) did not. After users are created, any folder or file can have custom privileges per user. Permission propagation applies the parent folder permissions to any child object (folders, files, and apps “inside” the parent folder). Tables 7-1 and 7-2 describe the various privileges and permis-sions.
Table 7-1 NTFS Permissions
Permissions regarding shared files and folders are a simplified version of NTFS permissions. Note that read in file-sharing permissions also allows the user to execute programs.
Table 7-2 Share Permissions
Windows XP supports many different levels of users (limited, administrators, power users, and others). Windows Vista and Windows 7 include only standard users, administrators, and guests. For security, the Guest account should be disabled in Windows Vista and Windows 7.
Disabling AutoPlay
The AutoPlay menu that appears when an external drive or removable media drive is connected to a Windows system is a convenience, but it can also pose a security threat because it can be used to start malicious programs stored on the drive.
AutoPlay and Autorun (which uses the autorun.inf file to automatically run a program on remov-able media) can be disabled through the group policies in Windows XP and later editions. On Windows XP and Windows Vista, some security updates need to be installed first to fully support disabling AutoPlay and Autorun. 144 CompTIA A+ Quick Reference
|
|||||||||||||||||||||||||||||||||||||||||||||
Последнее изменение этой страницы: 2017-02-08; просмотров: 299; Нарушение авторского права страницы; Мы поможем в написании вашей работы! infopedia.su Все материалы представленные на сайте исключительно с целью ознакомления читателями и не преследуют коммерческих целей или нарушение авторских прав. Обратная связь - 3.145.191.22 (0.004 с.) |