MCSE Designing Security for a Windows Server 2003 Network: Exam 70-298

E

EAP. see Extensible Authentication Protocol (EAP)

EAP-TLS. see Extensible Authentication Protocol-Transport Level Security

eavesdropping, 247, 317

e-commerce, 152155, 308

Edit Rule Properties dialog, 288

EFS. see Encrypted File System

elevation of privilege, 14

e-mail, 154155, 308

Emergency Management Console, 621

Emergency Management Services (EMS)

for disaster recovery, 599

securing, 601610

designing security for, 208210

implementing, 238

Enable Computer and User Accounts to be Trusted for Delegation right, 467

Encapsulated Security Payload (ESP)

with AH, 343

encryption with, 339

IPSec modes and, 256257

IPSec packet protection with, 258259

L2TP and, 433

Encrypted File System (EFS)

adding Data Recovery Agent with cipher.exe, 577579

backing up keys, 580584

behavior, 555556

best practices for, 556560

certificate enrollment/renewal, 565566

certificate storage and, 564565

certificates and, 624

design strategy, 618

disabling, 587588

encryption/decryption strategy, 571576

implementing on local computers, 560563

overview of, 553555, 570571, 615616

printing encrypted files, 584587

recovering files and, 580

Recovery Agent policy, removing, 579580

Server 2003 and, 508

vs. third-party encryption, 620

third-party encryption options with, 588

using cipher.exe, 566569

encryption

demand dial routing and, 422423

with ESP, 261

IPSec algorithms, 252253, 256

Password policy setting for, 475476

remote access and, 658659

SSL/TLS, 304305

symmetric/asymmetric, 153154

WEP for wireless networks, 329

WEP vulnerability, 335336

Enforce password history setting, 474

Enforce user logon restrictions, 472

enrollment

auto-enrollment for CAs, 181

of EFS certificates, 565566

request certificate from Web Enrollment Support, 177179

enterprise CAs

Active Directory and, 186

defining, 158

function of, 160, 185

root CA and, 168

securing, 169170

security for, 166171

enterprise, security application across, 132137

ESP. see Encapsulated Security Payload

Ethernet port type, 312

event auditing, 534541

event log monitoring, 395396

Event Log node, 7172

Event Logs, 42

Event Viewer, 485486

EventCombMT, 42

EventcombMT.exe, 486

Eventlog.pl, 486

Eventquery.pl, 486

Exchange Server 2003, 309

expiration dates, PKI certificate, 166

Export Policies command, 277

/export secedit.exe switch, 9293

Extensible Authentication Protocol (EAP)

for authentication, 316

authentication methods using, 329330

dial-up remote access and, 653

for VPNs, 426

Extensible Authentication Protocol-Transport Level Security (EAP-TLS)

demand dial routing and, 422

switch access authentication via, 312

wireless network authentication with, 330

extensions

Active Directory Client Services, 7475

security to Group Policy, 51, 138139

external attacks, 22

external CA, 161

external queries, 296

external routes, 420

external trusts, 222223

extranets

IIS security for, 375376

infrastructure design, 443