Windows Server 2003 Recommended Baseline Security
Windows Server 2003 Recommended Baseline Security
Windows Server 2003 Recommended Baseline Security
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Windows</strong> <strong>Server</strong> <strong>2003</strong><br />
<strong>Recommended</strong> <strong>Baseline</strong> <strong>Security</strong> (ITSG-20)<br />
For a Workgroup system do the following:<br />
1. Open a command window.<br />
2. Enter “MMC” and press “Enter”.<br />
3. “Console 1” dialog opens.<br />
4. Click “File”.<br />
5. Select “Add/Remove Snap-in”.<br />
6. “Add/Remove Snap-in” dialog displayed.<br />
7. Click “Add”.<br />
8. “Add Standalone Snap-in” dialog displayed.<br />
9. Browse to and select “IP <strong>Security</strong> Policy Management”.<br />
10. Click “Add”.<br />
11. “Select Computer or Domain” dialog displayed.<br />
12. Accept defaults and click “”Finish”.<br />
13. Click “Close”.<br />
14. Click “OK”.<br />
15. In the “root Console Window”<br />
16. Select “Group Policy Object Editor”<br />
17. Click on “Add”.<br />
18. “Select Group Policy Object” window opens.<br />
19. Click “Finish” to accept defaults.<br />
20. Click “Close”.<br />
21. Click “OK”.<br />
22. Click “+” beside “Local Computer Policy”.<br />
The Computer Configuration entry is now displayed on the screen.<br />
4.7.4.1 Set client connection encryption level<br />
Computer configuration\Administrative Templates\<strong>Windows</strong> Components\Terminal<br />
Services\Encryption and <strong>Security</strong>\Set client connection encryption level=High<br />
The “Set client encryption level” setting uses 128-bit encryption to protect Terminal Service<br />
sessions. This policy sets the value to High.<br />
<strong>Server</strong> Policy Files March 2004 103