Computer Security U8 - Windows 2000 Security

Nick.Bell2013
Mind Map by , created over 6 years ago

Mind Map on Computer Security U8 - Windows 2000 Security, created by Nick.Bell2013 on 04/29/2013.

51
9
0
Tags No tags specified
Nick.Bell2013
Created by Nick.Bell2013 over 6 years ago
Superpower Geographies
jamesnchlsn
Test Primer Parcial - Tecnologías de la Información I
Ing. José Luis A. Hernández Jiménez
salesforce Developer 1
sbchowdary
Higher Politics Essay Notes
Daniel Cormack
PuKW - FOLO Wippersberg (mögliche Prüfungsfragen/Prüfungsvorbereitung)
Kamelia Kostadinova
Certified Information Systems Security Professional (CISSP)
GoAsk Chaz
SSCP Domains
Abdul Issa
Computer Security Potential Flaws
Rob Speirs
Economic Growth
Kati Christova
Tips for IB History Paper 1
enyarko
Computer Security U8 - Windows 2000 Security
1 Introduction
1.1 Memory & Privilege levels
1.1.1 linear 32-bit (4GB) address space
1.2 Object-based security
1.2.1 Securable objects
1.2.2 Active Directory
1.2.2.1 objects with attributes
1.3 programs
1.3.1 processes
1.3.1.1 threads
2 Basic concepts
2.1 Principals
2.1.1 Security principals
2.1.1.1 Security Identifiers (SIDs)
2.1.2 groups
2.1.2.1 security
2.1.2.2 e-mail distribution
2.2 Objects
2.2.1 instance of a class
2.3 Classes
2.4 Object Handler
2.4.1 controls objects
2.4.1.1 kernel objects
2.4.1.2 executive obejcts
3 Active Directory
3.1 secure, distributed, scalable & replicated hierarchical directory service
3.2 integrates DNS
3.3 single point of admin (incl. security)
3.4 Objects
3.4.1 GUID
3.4.2 schema
3.4.3 container
3.4.3.1 can hold other objects
3.4.3.1.1 e.g. directory
3.4.4 leaf
3.5 Names
3.5.1 security principal
3.5.1.1 SIDs
3.5.1.1.1 LDAP Distinguished Name (DN)
3.5.1.1.1.1 Relative DN (RDN)
3.5.1.1.1.2 canonical
3.5.1.1.1.2.1 GUID
4 Domains & Organizational Units
4.1 domain controller
4.2 member server
4.3 organizational unit
4.3.1 organize and contain AD objects
4.4 Trust relationships
4.4.1 domain tree
4.4.1.1 domains with common schema/configuration
4.4.2 domain forest
4.4.2.1 trees with common schema
4.4.2.2 not a contiguous namespace in AD
4.4.3 managed domains
4.5 Domain models
4.5.1 single
4.5.2 master
4.5.3 multiple master
4.5.4 complete trust
5 Authentication
5.1 ID verification
5.2 interactive logon
5.2.1 network authentication
5.3 SAS
5.4 GINA DLL
5.4.1 Local Security Authority (LSA)
5.5 Kerberos
5.5.1 Key Dist. Centre (KDC)
5.5.1.1 ticket-granting ticket (TGT)
5.5.1.1.1 ticket-granting service (TGS)
5.5.2 Single Sign-On (SSO)
6 Access Control
6.1 DACL
6.2 object handles
6.2.1 handle table
6.2.1.1 28-bit pointer to object header
6.2.1.2 32-bit access mask
6.2.1.2.1 handle file entries
6.2.1.2.1.1 access control entires
6.2.1.2.1.1.1 access requests
6.2.1.2.2 generic access rights
6.2.1.2.2.1 (R)ead
6.2.1.2.2.1.1 (W)rite
6.2.1.2.2.1.1.1 (X)ecute
6.2.1.2.2.1.1.1.1 (A)ll
6.2.1.3 4 flags: (L)ock (A)udit (P)rotect (I)nherit
6.3 Control Access Rights
6.3.1 extended
6.3.2 property sets
6.3.3 validated writes
6.4 privilege
6.4.1 take-ownership
6.5 Impersonation
6.5.1 Principle of Least Privilege
6.6 Access Tokns
6.6.1 primary
6.6.2 LSA
6.7 Security Descriptor
6.7.1 control flags
6.7.1.1 owner
6.7.1.1.1 primary group
6.7.1.1.1.1 DACL
6.7.1.1.1.1.1 SACL
6.8 AC Entries
6.8.1 Access-denied
6.8.1.1 Access-allowed
6.8.1.1.1 System-audit
7 Security Management & Audit
7.1 Security Configuration Tool Set (SCTS)
7.2 Group Policy Objects (GPOs)
7.3 Audit
7.3.1 detect behaviour that violates policy
7.3.2 analyse security breaches
7.3.3 provide evidence for prosecution

Media attachments