MCSE Designing Security for a Windows Server 2003 Network: Exam 70-298

T

tables, routing, 414415

Take Ownership of Files or Other Objects right, 470

tampering with data, 14

Task Scheduler, 465

TCP ports, 290291

technical constraints analysis

existing infrastructure capabilities, 3234

overview of, 3132, 4041

technology limitations, identifying, 34

technical policies, 4

technology limitations, 34

Telnet, 208

templates, baseline, 129132

templates, security. see security templates

terminal concentrators , 607

Terminal Servers

configuring, 123125

network security management and, 201204

to remotely manage IPSec, 283

securing, 147

summary of services for, 129

template for, 132

Terminal Services (TS)

IAS access and, 374

Audit logon events policy and, 483

user rights assignments and, 464, 465, 467

text-mode setup, 605

third-party encryption, 588, 620

third-party tools for patch management, 216217, 633634, 676

threat prediction, 1326

threats

against CA servers, 167169, 185

common types of attacks, 247249

to DNS servers, 294295

to domain controllers, 107108

password-based attack, 344

to wireless networks, 317318

three- tier CA model

described, 185

described/examples of, 162165

securing enterprise hierarchy, 169170

tickets, Kerberos, 647648

time limit, account usage, 166

timestamps, 648

token object, 466

tokens, access, 466, 520, 525

tools. see also command-line tools

administrative, securing, 200, 231

MMC, 201

for patch management, 216217

Remote Assistance, 207208

Remote Desktop for Administration, 205206

for securing administrators, 197199

Syskey utility, 634635

Telnet, 208

Terminal Server, 201204

third-party for patch management, 633634, 676

traffic, authentication, 110111

transference, risk, 24, 45

transitive trust, 217, 219222

Transport Layer Security (TLS). see also Secure Sockets Layer/Transport Layer Security

PKI and, 156

uses HMAC, 304

transport mode

with Authentication Header, 257

described, 256

with ESP, 258

ESP in, 261

IP packet with AH in, 260

Triple Data Encryption Standard (3DES)

described, 253

EFS and, 558

L2TP and, 438

trojan horses, 1819, 44

trust hierarchies

geographical, 162163

network, 164165

organizational, 163164

three-tier CA, 162

trust relationships

designing, 232233

digest authentication and, 367

between domains/forests, overview of, 217221

forest/domain functionality, 229230

forest/domain models for, 221226

security for interoperability in, 226228

Trusted for delegation setting, 467

trusts

PKI system dependent, 152

security of, 500

Windows Server 2003 upgrade and, 500

TS. see Terminal Servers

tunnel mode

with Authentication Header, 258

described, 256257

with ESP, 259

ESP in, 261, 262

IP packet with AH in, 261

tunnels, 423425, 446

two-way trust, 219221