SlideShare une entreprise Scribd logo

Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg

Télécharger en tant que PPT, PDF
Eric Vanderburg
Eric Vanderburg

Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg

Technologie
1  sur  14
Network Implementation & Support Chapter 9 Group Policy Eric Vanderburg © 2006
Group Policy • Contained in GPO (Group Policy Objects) which are linked to Sites, Domains, or OUs • GPC (Group Policy Container) – Info about the GPO such as version used for synchronization. – Enable advanced view AD Users & ComputersSystemPolicies • GPT (Group Policy Template) – All the settings for the policy. Stored in %Systemroot %SysvolDomainPolicies • Registry.pol – All registry settings • GUID (Global Unique Identifier) – 128 bit number used to identify GPCs and GPTs. Unique to the forest. Eric Vanderburg © 2006
Scripts • Computer – Startup – Shutdown • User – Logon – Logoff • • • • • Software settingsWindows settings Modify order Time out Asynchronous – run at same time Hidden or not Eric Vanderburg © 2006
Default GPOs • Default Domain Policy – Applied to domain – Password policy, account policy, & kerberos can only be set here • Default Domain Controllers Policy – Applied to DC container • Create others in the Group Policy Object Editor MMC or from AD Users & Computers Eric Vanderburg © 2006
Settings • Undefined – can be set by a higher GPO • Enabled • Disabled • Priorities – LSDOU (Local Site Domain Organizational Unit) – The last one applied takes precedence – No override (under options) – Block Policy Inheritance (under options) Eric Vanderburg © 2006
Applying Group Policy 1. Computer starts up & queries the DC for GPOs that apply 2. Startup scripts run 3. GPTs are downloaded form the sysvol share and applied in order 4. User logs on 5. DC is queried again 6. Logon scripts run 7. GPTs are downloaded and applied 8. Software policies execute Eric Vanderburg © 2006
• Administrative Templates – – – – User settings Applications Control panel GUI • Windows Settings – IE – RIS – Folder redirection • Software Settings – Installation & maintenance / upgrade Eric Vanderburg © 2006
Administrative Templates • Windows Components (both) – IE, Netmeeting, Tasks • System (both) – Disks quotas, Driver signing, Code signing • Network (both) – Offline files & folders, dial up connections, VPNs • Printers (computer) • Start menu & taskbar • Desktop (user) – Wallpaper, which icons display, Active desktop enabled • Control panel (user) – Applets that appear • Shared folders (user) – DFS Eric Vanderburg © 2006
Security Settings • Local Policies – Applied first – Audit policy – what is in the event logs – User Rights Assignment – what can be done on the machine – Security Options – Logon banner, restrict access to media, remove logon • Event Log – size, retention • Restricted groups – restores users to certain groups or groups to groups Eric Vanderburg © 2006
Security Settings • System Services – how they start up (auto manual, on off) • Registry – permissions to registry • File Systems – permissions & auditing • Wireless network – SSID, encryption, order • Public Key Policies – EFS, autoenrollment, CA trusts • Software Restriction Policies • IP Security Policies – enable policies Eric Vanderburg © 2006
Folder Redirection • Folders – Application Data – Desktop – My Documents – Start Menu • Stored on network • Settings – Grant permissions to folder – Move contents to network – Redirect back to local when removed Eric Vanderburg © 2006
Permissions • Must have these permissions for the GP to apply – Apply Group Policy permissions – Read • Gpresult – RSoP (Resultant Set of Policies) • Gpupdate /force Eric Vanderburg © 2006
Software Deployment • Place MSI in shared folder • EXE can be installed with ZAP file – ZAPs cannot be assigned and will not repair themselves • Assigned Apps – shortcut is created and it is installed on first run • Published Apps – appears in Add/Remove programs • Upgrades – mandatory, optional, completely redeploy • Removal – forced or optional, no new installs Eric Vanderburg © 2006
Acronyms • • • • • • GUID, Global Unique Identifier GPC, Group Policy Container GPO, Group Policy Object GPT, Group Policy Template MSI, Microsoft Installer RSoP, Resultant Set of Policy Eric Vanderburg © 2006

Recommandé

Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Studynicholas njoroge
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and datagocybersec
 
Chapter09
Chapter09Chapter09
Chapter09Muhammad Ahad
 
501 ch 4 securing your network
501 ch 4 securing your network501 ch 4 securing your network
501 ch 4 securing your networkgocybersec
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgEric Vanderburg
 
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...Eric Vanderburg
 
501 ch 11 operational security
501 ch 11 operational security501 ch 11 operational security
501 ch 11 operational securitygocybersec
 
Final project
Final projectFinal project
Final projectrippea
 

Recommandé

Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Studynicholas njoroge
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and datagocybersec
 
Chapter09
Chapter09Chapter09
Chapter09Muhammad Ahad
 
501 ch 4 securing your network
501 ch 4 securing your network501 ch 4 securing your network
501 ch 4 securing your networkgocybersec
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgEric Vanderburg
 
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...
Computer Architecture - Software - Lesson 8 - Managing Windows XP - Eric Vand...Eric Vanderburg
 
501 ch 11 operational security
501 ch 11 operational security501 ch 11 operational security
501 ch 11 operational securitygocybersec
 
Final project
Final projectFinal project
Final projectrippea
 
Socket Programming
Socket ProgrammingSocket Programming
Socket ProgrammingVisualBee.com
 
Unit 3
Unit 3Unit 3
Unit 3Sangeetha Rangarajan
 
Np unit2
Np unit2Np unit2
Np unit2vamsitricks
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKSKathirvel Ayyaswamy
 
Network Sockets
Network SocketsNetwork Sockets
Network SocketsPeter R. Egli
 
Application Performance Monitoring
Application Performance MonitoringApplication Performance Monitoring
Application Performance MonitoringOlivier Gérardin
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKSKathirvel Ayyaswamy
 
Internet architecture
Internet architectureInternet architecture
Internet architectureNaman Rastogi
 
OSI Model of Networking
OSI Model of NetworkingOSI Model of Networking
OSI Model of NetworkingMukesh Tekwani
 
Securing Windows with Group Policy
Securing Windows with Group PolicySecuring Windows with Group Policy
Securing Windows with Group PolicyJosh Rickard
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410omardabbas
 
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory PwnagePetros Koutroumpis
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Lecture 11 managing the network
Lecture 11 managing the networkLecture 11 managing the network
Lecture 11 managing the networkWiliam Ferraciolli
 
Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3Juan Herrera Utande
 
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...Eric Vanderburg
 
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Eric Vanderburg
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Eric Vanderburg
 
Anujit CV
Anujit CV Anujit CV
Anujit CV Anujit Dandapat
 
Anujit CV
Anujit CV Anujit CV
Anujit CV Anujit Dandapat
 
70 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 04100970 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 041009Coffeyville Community College
 

Contenu connexe

En vedette

Application Performance Monitoring
Application Performance MonitoringApplication Performance Monitoring
Application Performance MonitoringOlivier Gérardin
 
Internet architecture
Internet architectureInternet architecture
Internet architectureNaman Rastogi
 
OSI Model of Networking
OSI Model of NetworkingOSI Model of Networking
OSI Model of NetworkingMukesh Tekwani
 

En vedette (9)

Socket Programming
Socket ProgrammingSocket Programming
Socket Programming
 
Unit 3
Unit 3Unit 3
Unit 3
 
Np unit2
Np unit2Np unit2
Np unit2
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKS
 
Network Sockets
Network SocketsNetwork Sockets
Network Sockets
 
Application Performance Monitoring
Application Performance MonitoringApplication Performance Monitoring
Application Performance Monitoring
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKS
 
Internet architecture
Internet architectureInternet architecture
Internet architecture
 
OSI Model of Networking
OSI Model of NetworkingOSI Model of Networking
OSI Model of Networking
 

Similaire à Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg

Securing Windows with Group Policy
Securing Windows with Group PolicySecuring Windows with Group Policy
Securing Windows with Group PolicyJosh Rickard
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410omardabbas
 
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory PwnagePetros Koutroumpis
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12gameaxt
 
Lecture 11 managing the network
Lecture 11 managing the networkLecture 11 managing the network
Lecture 11 managing the networkWiliam Ferraciolli
 
Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3Juan Herrera Utande
 
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...Eric Vanderburg
 
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Eric Vanderburg
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Eric Vanderburg
 
AppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep DiveAppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep DiveDave Allen
 
Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013Olav Tvedt
 
Windows_Installation.pptx
Windows_Installation.pptxWindows_Installation.pptx
Windows_Installation.pptxLearyJohn
 
Administrating Your Network
Administrating Your NetworkAdministrating Your Network
Administrating Your Networkzaisahil
 
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...moneyjh
 
Useful Group Policy Concepts
Useful Group Policy ConceptsUseful Group Policy Concepts
Useful Group Policy ConceptsRob Dunn
 

Similaire à Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg (20)

Securing Windows with Group Policy
Securing Windows with Group PolicySecuring Windows with Group Policy
Securing Windows with Group Policy
 
Operating system security
Operating system securityOperating system security
Operating system security
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410
 
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
 
Lecture 11 managing the network
Lecture 11 managing the networkLecture 11 managing the network
Lecture 11 managing the network
 
Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3Best practices in Deploying SUSE CaaS Platform v3
Best practices in Deploying SUSE CaaS Platform v3
 
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
Computer Architecture - Software - Lesson 10 - Hard Drive Management / Logica...
 
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
 
Anujit CV
Anujit CV Anujit CV
Anujit CV
 
Anujit CV
Anujit CV Anujit CV
Anujit CV
 
70 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 04100970 640 Lesson07 Ppt 041009
70 640 Lesson07 Ppt 041009
 
AppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep DiveAppSense EM 8.5 Deep Dive
AppSense EM 8.5 Deep Dive
 
Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013Frokost seminar windows 8 februar 2013
Frokost seminar windows 8 februar 2013
 
Ch 20
Ch 20Ch 20
Ch 20
 
Windows_Installation.pptx
Windows_Installation.pptxWindows_Installation.pptx
Windows_Installation.pptx
 
Administrating Your Network
Administrating Your NetworkAdministrating Your Network
Administrating Your Network
 
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
 
Useful Group Policy Concepts
Useful Group Policy ConceptsUseful Group Policy Concepts
Useful Group Policy Concepts
 

Plus de Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

Plus de Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Dernier

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 

Dernier (20)

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 

Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg

  • 1. Network Implementation & Support Chapter 9 Group Policy Eric Vanderburg © 2006
  • 2. Group Policy • Contained in GPO (Group Policy Objects) which are linked to Sites, Domains, or OUs • GPC (Group Policy Container) – Info about the GPO such as version used for synchronization. – Enable advanced view AD Users & ComputersSystemPolicies • GPT (Group Policy Template) – All the settings for the policy. Stored in %Systemroot %SysvolDomainPolicies • Registry.pol – All registry settings • GUID (Global Unique Identifier) – 128 bit number used to identify GPCs and GPTs. Unique to the forest. Eric Vanderburg © 2006
  • 3. Scripts • Computer – Startup – Shutdown • User – Logon – Logoff • • • • • Software settingsWindows settings Modify order Time out Asynchronous – run at same time Hidden or not Eric Vanderburg © 2006
  • 4. Default GPOs • Default Domain Policy – Applied to domain – Password policy, account policy, & kerberos can only be set here • Default Domain Controllers Policy – Applied to DC container • Create others in the Group Policy Object Editor MMC or from AD Users & Computers Eric Vanderburg © 2006
  • 5. Settings • Undefined – can be set by a higher GPO • Enabled • Disabled • Priorities – LSDOU (Local Site Domain Organizational Unit) – The last one applied takes precedence – No override (under options) – Block Policy Inheritance (under options) Eric Vanderburg © 2006
  • 6. Applying Group Policy 1. Computer starts up & queries the DC for GPOs that apply 2. Startup scripts run 3. GPTs are downloaded form the sysvol share and applied in order 4. User logs on 5. DC is queried again 6. Logon scripts run 7. GPTs are downloaded and applied 8. Software policies execute Eric Vanderburg © 2006
  • 7. • Administrative Templates – – – – User settings Applications Control panel GUI • Windows Settings – IE – RIS – Folder redirection • Software Settings – Installation & maintenance / upgrade Eric Vanderburg © 2006
  • 8. Administrative Templates • Windows Components (both) – IE, Netmeeting, Tasks • System (both) – Disks quotas, Driver signing, Code signing • Network (both) – Offline files & folders, dial up connections, VPNs • Printers (computer) • Start menu & taskbar • Desktop (user) – Wallpaper, which icons display, Active desktop enabled • Control panel (user) – Applets that appear • Shared folders (user) – DFS Eric Vanderburg © 2006
  • 9. Security Settings • Local Policies – Applied first – Audit policy – what is in the event logs – User Rights Assignment – what can be done on the machine – Security Options – Logon banner, restrict access to media, remove logon • Event Log – size, retention • Restricted groups – restores users to certain groups or groups to groups Eric Vanderburg © 2006
  • 10. Security Settings • System Services – how they start up (auto manual, on off) • Registry – permissions to registry • File Systems – permissions & auditing • Wireless network – SSID, encryption, order • Public Key Policies – EFS, autoenrollment, CA trusts • Software Restriction Policies • IP Security Policies – enable policies Eric Vanderburg © 2006
  • 11. Folder Redirection • Folders – Application Data – Desktop – My Documents – Start Menu • Stored on network • Settings – Grant permissions to folder – Move contents to network – Redirect back to local when removed Eric Vanderburg © 2006
  • 12. Permissions • Must have these permissions for the GP to apply – Apply Group Policy permissions – Read • Gpresult – RSoP (Resultant Set of Policies) • Gpupdate /force Eric Vanderburg © 2006
  • 13. Software Deployment • Place MSI in shared folder • EXE can be installed with ZAP file – ZAPs cannot be assigned and will not repair themselves • Assigned Apps – shortcut is created and it is installed on first run • Published Apps – appears in Add/Remove programs • Upgrades – mandatory, optional, completely redeploy • Removal – forced or optional, no new installs Eric Vanderburg © 2006
  • 14. Acronyms • • • • • • GUID, Global Unique Identifier GPC, Group Policy Container GPO, Group Policy Object GPT, Group Policy Template MSI, Microsoft Installer RSoP, Resultant Set of Policy Eric Vanderburg © 2006