Soumettre la recherche
Mettre en ligne
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
•
0 j'aime
•
865 vues
Eric Vanderburg
Suivre
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Lire moins
Lire la suite
Technologie
Signaler
Partager
Signaler
Partager
1 sur 14
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
nicholas njoroge
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data
gocybersec
Chapter09
Chapter09
Muhammad Ahad
501 ch 4 securing your network
501 ch 4 securing your network
gocybersec
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
Eric Vanderburg
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Eric Vanderburg
501 ch 11 operational security
501 ch 11 operational security
gocybersec
Final project
Final project
rippea
Contenu connexe
En vedette
Socket Programming
Socket Programming
VisualBee.com
Unit 3
Unit 3
Sangeetha Rangarajan
Np unit2
Np unit2
vamsitricks
HIGH SPEED NETWORKS
HIGH SPEED NETWORKS
Kathirvel Ayyaswamy
Network Sockets
Network Sockets
Peter R. Egli
Application Performance Monitoring
Application Performance Monitoring
Olivier Gérardin
HIGH SPEED NETWORKS
HIGH SPEED NETWORKS
Kathirvel Ayyaswamy
Internet architecture
Internet architecture
Naman Rastogi
OSI Model of Networking
OSI Model of Networking
Mukesh Tekwani
En vedette
(9)
Socket Programming
Socket Programming
Unit 3
Unit 3
Np unit2
Np unit2
HIGH SPEED NETWORKS
HIGH SPEED NETWORKS
Network Sockets
Network Sockets
Application Performance Monitoring
Application Performance Monitoring
HIGH SPEED NETWORKS
HIGH SPEED NETWORKS
Internet architecture
Internet architecture
OSI Model of Networking
OSI Model of Networking
Similaire à Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Securing Windows with Group Policy
Securing Windows with Group Policy
Josh Rickard
Operating system security
Operating system security
Ramesh Ogania
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410
omardabbas
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage
Petros Koutroumpis
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
gameaxt
Lecture 11 managing the network
Lecture 11 managing the network
Wiliam Ferraciolli
Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3
Juan Herrera Utande
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Eric Vanderburg
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Eric Vanderburg
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Eric Vanderburg
Anujit CV
Anujit CV
Anujit Dandapat
Anujit CV
Anujit CV
Anujit Dandapat
70 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 041009
Coffeyville Community College
AppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep Dive
Dave Allen
Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013
Olav Tvedt
Ch 20
Ch 20
National American University
Windows_Installation.pptx
Windows_Installation.pptx
LearyJohn
Administrating Your Network
Administrating Your Network
zaisahil
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
moneyjh
Useful Group Policy Concepts
Useful Group Policy Concepts
Rob Dunn
Similaire à Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
(20)
Securing Windows with Group Policy
Securing Windows with Group Policy
Operating system security
Operating system security
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
Lecture 11 managing the network
Lecture 11 managing the network
Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Anujit CV
Anujit CV
Anujit CV
Anujit CV
70 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 041009
AppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep Dive
Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013
Ch 20
Ch 20
Windows_Installation.pptx
Windows_Installation.pptx
Administrating Your Network
Administrating Your Network
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
Useful Group Policy Concepts
Useful Group Policy Concepts
Plus de Eric Vanderburg
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Eric Vanderburg
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Eric Vanderburg
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Eric Vanderburg
Mobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
Eric Vanderburg
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
Eric Vanderburg
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
Eric Vanderburg
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
Eric Vanderburg
Principles of technology management
Principles of technology management
Eric Vanderburg
Japanese railway technology
Japanese railway technology
Eric Vanderburg
Evaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
Eric Vanderburg
Japanese current and future technology management challenges
Japanese current and future technology management challenges
Eric Vanderburg
Technology management in Japan: Robotics
Technology management in Japan: Robotics
Eric Vanderburg
Incident response table top exercises
Incident response table top exercises
Eric Vanderburg
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Eric Vanderburg
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
Eric Vanderburg
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
Plus de Eric Vanderburg
(20)
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Mobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
Principles of technology management
Principles of technology management
Japanese railway technology
Japanese railway technology
Evaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
Japanese current and future technology management challenges
Japanese current and future technology management challenges
Technology management in Japan: Robotics
Technology management in Japan: Robotics
Incident response table top exercises
Incident response table top exercises
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Dernier
20150722 - AGV
20150722 - AGV
Jamie (Taka) Wang
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
IES VE
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
IES VE
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Commit University
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
Aggregage
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
Matsuo Lab
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
DianaGray10
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
DianaGray10
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
Eric D. Schabell
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Matt Ray
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
shyamraj55
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
Liveplex
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
Jamie (Taka) Wang
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Will Schroeder
Designing A Time bound resource download URL
Designing A Time bound resource download URL
Runcy Oommen
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
Precisely
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
Tarek Kalaji
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
Seth Reyes
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
GDSC PJATK
Dernier
(20)
20150722 - AGV
20150722 - AGV
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Designing A Time bound resource download URL
Designing A Time bound resource download URL
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
1.
Network Implementation & Support Chapter
9 Group Policy Eric Vanderburg © 2006
2.
Group Policy • Contained
in GPO (Group Policy Objects) which are linked to Sites, Domains, or OUs • GPC (Group Policy Container) – Info about the GPO such as version used for synchronization. – Enable advanced view AD Users & ComputersSystemPolicies • GPT (Group Policy Template) – All the settings for the policy. Stored in %Systemroot %SysvolDomainPolicies • Registry.pol – All registry settings • GUID (Global Unique Identifier) – 128 bit number used to identify GPCs and GPTs. Unique to the forest. Eric Vanderburg © 2006
3.
Scripts • Computer – Startup –
Shutdown • User – Logon – Logoff • • • • • Software settingsWindows settings Modify order Time out Asynchronous – run at same time Hidden or not Eric Vanderburg © 2006
4.
Default GPOs • Default
Domain Policy – Applied to domain – Password policy, account policy, & kerberos can only be set here • Default Domain Controllers Policy – Applied to DC container • Create others in the Group Policy Object Editor MMC or from AD Users & Computers Eric Vanderburg © 2006
5.
Settings • Undefined –
can be set by a higher GPO • Enabled • Disabled • Priorities – LSDOU (Local Site Domain Organizational Unit) – The last one applied takes precedence – No override (under options) – Block Policy Inheritance (under options) Eric Vanderburg © 2006
6.
Applying Group Policy 1.
Computer starts up & queries the DC for GPOs that apply 2. Startup scripts run 3. GPTs are downloaded form the sysvol share and applied in order 4. User logs on 5. DC is queried again 6. Logon scripts run 7. GPTs are downloaded and applied 8. Software policies execute Eric Vanderburg © 2006
7.
• Administrative Templates – – – – User
settings Applications Control panel GUI • Windows Settings – IE – RIS – Folder redirection • Software Settings – Installation & maintenance / upgrade Eric Vanderburg © 2006
8.
Administrative Templates • Windows
Components (both) – IE, Netmeeting, Tasks • System (both) – Disks quotas, Driver signing, Code signing • Network (both) – Offline files & folders, dial up connections, VPNs • Printers (computer) • Start menu & taskbar • Desktop (user) – Wallpaper, which icons display, Active desktop enabled • Control panel (user) – Applets that appear • Shared folders (user) – DFS Eric Vanderburg © 2006
9.
Security Settings • Local
Policies – Applied first – Audit policy – what is in the event logs – User Rights Assignment – what can be done on the machine – Security Options – Logon banner, restrict access to media, remove logon • Event Log – size, retention • Restricted groups – restores users to certain groups or groups to groups Eric Vanderburg © 2006
10.
Security Settings • System
Services – how they start up (auto manual, on off) • Registry – permissions to registry • File Systems – permissions & auditing • Wireless network – SSID, encryption, order • Public Key Policies – EFS, autoenrollment, CA trusts • Software Restriction Policies • IP Security Policies – enable policies Eric Vanderburg © 2006
11.
Folder Redirection • Folders –
Application Data – Desktop – My Documents – Start Menu • Stored on network • Settings – Grant permissions to folder – Move contents to network – Redirect back to local when removed Eric Vanderburg © 2006
12.
Permissions • Must have
these permissions for the GP to apply – Apply Group Policy permissions – Read • Gpresult – RSoP (Resultant Set of Policies) • Gpupdate /force Eric Vanderburg © 2006
13.
Software Deployment • Place
MSI in shared folder • EXE can be installed with ZAP file – ZAPs cannot be assigned and will not repair themselves • Assigned Apps – shortcut is created and it is installed on first run • Published Apps – appears in Add/Remove programs • Upgrades – mandatory, optional, completely redeploy • Removal – forced or optional, no new installs Eric Vanderburg © 2006
14.
Acronyms • • • • • • GUID, Global Unique
Identifier GPC, Group Policy Container GPO, Group Policy Object GPT, Group Policy Template MSI, Microsoft Installer RSoP, Resultant Set of Policy Eric Vanderburg © 2006
Télécharger maintenant