Scribd Logo
Importer

Bienvenue sur Scribd !

  • Microsoft Windows Security: Checklist

    Transféré par

    swapan555
    35 vues7 pages
    Its about windows security check list

    Titre original

    Windows Security

    Copyright

    © © All Rights Reserved

    Formats disponibles

    DOCX, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    Its about windows security check list

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    35 vues7 pages

    Microsoft Windows Security: Checklist

    Transféré par

    swapan555
    Its about windows security check list

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 7

    Microsoft Windows Security: Checklist

    Security control

    Step
    1
    2
    3
    4
    5
    6

    Parameters
    V
    All the entry points and gates should be monitored.
    All person entering and exiting should go through security
    check point.
    The organization premises should be Fireproofed
    Alarm system should be properly working.
    The organization's property should use guard staff.
    The area of the organization should be properly covered under
    cctv surveillance.
    defined.

    Account Lockout Policy


    Step

    1 hour or more.
    2
    Account lockout threshold
    0 invalid login

    attempts.
    Between 3 and 10.
    3
    Reset account lockout counter after.

    Policy
    Default
    Recommended
    1
    Account lockout Duration.
    Not

    defined.

    Not
    Between 10-40 minutes.

    Audit Policy
    Steps

    Policy
    Default
    Recommended
    1
    Account Logon Events.

    Success

    Auditing.

    Auditing.

    Success, Failure
    2
    Account
    Management.
    No
    Success, Failure
    3
    Directory Service access.
    No
    Success, Failure

    Success

    Object access
    Success

    Policy change
    No Auditing

    No Auditing

    System Event
    No Auditing

    Process tracking
    No Auditing

    4
    Logon Events
    Success, Failure
    5
    Success, Failure
    6
    Success
    7
    Privilege Use
    Success, Failure
    8
    Success
    9
    Success, Failure

    Password Policies
    Steps

    Policy
    Default
    Recommended
    1

    Enforce
    Password
    History
    24
    15 or more
    2
    Maximum password age
    45days
    30 or less for technical users.60 less for non-technical users.

    Characters

    3
    Minimum Password length
    7
    12 or more characters.
    4
    Password should be complex.

    Disabled.

    Enabled. Use custom passfilt.dll.


    5
    Minimum Password age
    1 Day
    1 Day or more.
    6
    Store password using reversible encryption.
    Disabled
    Users Rights Assignments
    Steps

    Enable.

    Policy
    Default
    Recommended

    1
    Access this computer from network
    Administrators, Backup operators, Power users.
    Administrators, Authentic Users,
    2
    Act as the art of operating system.
    Not defined

    No users.

    3
    Add
    workstations to domain.
    Not Defined

    Administrators
    4
    Adjust memory quotas for a process
    Administrators, Network service, Local service.
    Not defined
    5
    Allow Logon locally.
    Administrators, Backup operators, Power users.

    Administrators.
    6
    Allow logon through terminal service.
    Administrators and remote desktop users.
    Administrators.
    7
    Change the system time
    Administrators and Power users.
    Administrators,
    8
    Debug

    Administrators

    Programs
    No Users.

    Additional Security Protection


    Steps

    4
    5
    6
    7

    Policy
    1
    Disable or uninstall unused
    applications.
    2
    Disable or delete unused users.
    3
    Configure user rights as secure
    as possible.
    Ensure all volumes are using NTFS file system.
    Use the internet connection firewall or other methods
    to limit connection to the system.
    Configure file system permissions.
    Configure register permissions

    Vous aimerez peut-être aussi