Information Technology Reference
In-Depth Information
Account Lockout
Threshold
Specifies how many bad password attempts
can be entered before the account gets locked
out.
Account Policies
➢
Account Lockout
Policy
Account Lockout
Duration
Specifies how long an account will remain
locked out after too many bad password
attempts have been entered. By setting this
option to a reasonable value (such as 30 min-
utes), you can reduce administrative overhead
while still maintaining fairly strong security.
Account Policies
➢
Account Lockout
Policy
Reset Account Lock-
out Counter After
Specifies how long the Account Lockout
Threshold counter will hold failed logon
attempts before resetting to 0.
Account Policies
➢
Account Lockout
Policy
Accounts: Rename
Administrator
Account
Often, when trying to gain unauthorized
access to a computer, individuals attempt
to guess the administrator password. One
method for increasing security is to rename
this account so that no password allows entry
using this logon.
Local Policies
➢
Security Options
Domain Controller:
Allow Server
Operators To
Schedule Tasks
This option specifies whether members of the
built-in Server Operators group are allowed to
schedule tasks on the server.
Local Policies
➢
Security Options
Interactive Logon:
Do Not Display Last
User Name
Increases security by not displaying the name
of the last user who logged onto the system.
Local Policies
➢
Security Options
Shutdown: Allow
System To Be Shut
Down Without
Having To Log On
Allows system administrators to perform
remote shutdown operations without logging
on to the server.
Local Policies
➢
Security Options
Implementing an Audit Policy
One of the most important aspects of controlling security in networked environments is
ensuring that only authorized users are able to access specific resources. Although system
administrators often spend much time managing security permissions, it is almost always
possible for a security problem to occur.
Sometimes, the best way to find possible security breaches is actually to record the
actions that specific users take. Then, in the case of a security breach (the unauthorized
shutdown of a server, for example), system administrators can examine the log to find the
cause of the problem.
Search WWH ::
Custom Search