Windows Server 2003 Recommended Baseline Security
Windows Server 2003 Recommended Baseline Security Windows Server 2003 Recommended Baseline Security
Unclassified ITSG for Windows Server 2003 e. Click ‘Open’ button. i. ‘Import Template’ window opens. f. Browse to the location of the Baseline configuration file and select it. g. Select ‘Clean this database before importing’. h. Click ‘Open’ button. i. Right click on ‘Security Configuration and Analysis’. j. Click ‘Import Template’. i. ‘Import Template’ window opens. k. Browse to the location of the role based policy file and select it. l. Click ‘Open’ button. m. Right click ‘Security Configuration and Analysis’. n. Select ‘Analyze Computer Now’. i. ‘Perform Analysis’ window opens. o. Click ‘OK’ to accept the log file location and perform analysis. 6.3 Compare Resultant Policy and Computer Settings a. Click on the ‘+’ to expand ‘Security Configuration and Analysis’. b. Click on the ‘+’ to expand ‘Account Policies’. c. Click on ‘Password Policies’ (right side frame shows settings). NOTE: If any item in the database does not match the computer setting, a small red ‘x’ in the ‘Policy’ column appears. d. Repeat the process for all sub-groups in ‘Account Policies’, ‘Local Policies’, and ‘Event Logs’. e. Click on ‘System Services’ (right frame shows service settings). NOTE: If any item in the database does not match the computer setting, a small red ‘x’ in the ‘System Service’ column appears. Additionally, if the security setting does not match, the ‘Permission’ column will display ‘Investigate’. f. To reset the configuration, simply reapply the policy. A domain server can be rebooted to force application of the policy. g. Policy configuration for a workgroup server must be reapplied manually. Please follow the procedure outlined in 5.1 Role Based IPSec Policies. 132 March 2004 Compliance Inspection and Enforcement
Windows Server 2003 Recommended Baseline Security (ITSG-20) Bibliography Author: Ben Smith and Brian Komer (with the Microsoft Security Team) Title: Microsoft Windows Security Resource Kit Editor: Julie Miller Edition: 1 st Publication Data: Publisher: Microsoft Press Place: One Microsoft Way Redmond, Washington 98052-6399 Author: Kurt Dillard, Jose Maldonado and Brad Warrender Title: Microsoft Solutions for Security: Windows Server 2003 Security Guide Editor: Ried Bannecker, Wendy Cleary, John Cobb, Kelly McMahon and Jon Tobey Edition: 1 st Publication Data: Publisher: Microsoft Corporation Place: One Microsoft Way Redmond, Washington 98052-6399 Author: Kurt Dillard Title: Microsoft Solutions for Security: Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP Editor: Ried Bannecker, John Cobb and Jon Tobey Edition: 1 st Publication Data: Publisher: Microsoft Corporation Place: One Microsoft Way Redmond, Washington 98052-6399 Author: Microsoft Press Title: Microsoft Windows Server 2003 Automating and Customizing Installations Editor: Maureen Willams Zimmerman Edition: 1 st Publication Data: Publisher: Microsoft Corporation Place: One Microsoft Way Redmond, Washington 98052-6399 Compliance Inspection and Enforcement March 2004 133
- Page 102 and 103: Unclassified ITSG for Windows Serve
- Page 104 and 105: Unclassified ITSG for Windows Serve
- Page 106 and 107: Unclassified ITSG for Windows Serve
- Page 108 and 109: Unclassified ITSG for Windows Serve
- Page 110 and 111: Unclassified ITSG for Windows Serve
- Page 112 and 113: Unclassified ITSG for Windows Serve
- Page 114 and 115: Unclassified ITSG for Windows Serve
- Page 116 and 117: Unclassified ITSG for Windows Serve
- Page 118 and 119: Unclassified ITSG for Windows Serve
- Page 120 and 121: Unclassified ITSG for Windows Serve
- Page 122 and 123: Unclassified ITSG for Windows Serve
- Page 124 and 125: Unclassified ITSG for Windows Serve
- Page 126 and 127: Unclassified ITSG for Windows Serve
- Page 128 and 129: Unclassified ITSG for Windows Serve
- Page 130 and 131: Unclassified ITSG for Windows Serve
- Page 132 and 133: Unclassified ITSG for Windows Serve
- Page 134 and 135: Unclassified ITSG for Windows Serve
- Page 136 and 137: Unclassified ITSG for Windows Serve
- Page 138 and 139: Unclassified ITSG for Windows Serve
- Page 140 and 141: Unclassified ITSG for Windows Serve
- Page 142 and 143: Unclassified ITSG for Windows Serve
- Page 144 and 145: Unclassified ITSG for Windows Serve
- Page 146 and 147: Unclassified ITSG for Windows Serve
- Page 148 and 149: Unclassified ITSG for Windows Serve
- Page 150 and 151: Unclassified ITSG for Windows Serve
- Page 154 and 155: Unclassified ITSG for Windows Serve
- Page 156 and 157: Unclassified ITSG for Windows Serve
- Page 158 and 159: Unclassified ITSG for Windows Serve
- Page 160 and 161: Unclassified ITSG for Windows Serve
- Page 162 and 163: Unclassified ITSG for Windows Serve
- Page 164 and 165: Unclassified ITSG for Windows Serve
- Page 166 and 167: Unclassified ITSG for Windows Serve
- Page 168 and 169: Unclassified ITSG for Windows Serve
- Page 170 and 171: Unclassified ITSG for Windows Serve
- Page 172 and 173: Unclassified ITSG for Windows Serve
- Page 174 and 175: Unclassified ITSG for Windows Serve
- Page 176 and 177: Unclassified ITSG for Windows Serve
- Page 178 and 179: Unclassified ITSG for Windows Serve
- Page 180 and 181: Unclassified ITSG for Windows Serve
- Page 182 and 183: Unclassified ITSG for Windows Serve
- Page 184 and 185: Unclassified ITSG for Windows Serve
- Page 186 and 187: Unclassified ITSG for Windows Serve
- Page 188 and 189: Unclassified ITSG for Windows Serve
- Page 190 and 191: Unclassified ITSG for Windows Serve
- Page 192 and 193: Unclassified ITSG for Windows Serve
- Page 194 and 195: Unclassified ITSG for Windows Serve
- Page 196 and 197: Unclassified ITSG for Windows Serve
- Page 198 and 199: Unclassified ITSG for Windows Serve
- Page 200 and 201: Unclassified ITSG for Windows Serve
<strong>Windows</strong> <strong>Server</strong> <strong>2003</strong><br />
<strong>Recommended</strong> <strong>Baseline</strong> <strong>Security</strong> (ITSG-20)<br />
Bibliography<br />
Author: Ben Smith and Brian Komer (with the Microsoft <strong>Security</strong> Team)<br />
Title: Microsoft <strong>Windows</strong> <strong>Security</strong> Resource Kit<br />
Editor: Julie Miller<br />
Edition: 1 st<br />
Publication Data:<br />
Publisher: Microsoft Press<br />
Place: One Microsoft Way<br />
Redmond, Washington 98052-6399<br />
Author: Kurt Dillard, Jose Maldonado and Brad Warrender<br />
Title: Microsoft Solutions for <strong>Security</strong>: <strong>Windows</strong> <strong>Server</strong> <strong>2003</strong> <strong>Security</strong> Guide<br />
Editor: Ried Bannecker, Wendy Cleary, John Cobb, Kelly McMahon and Jon Tobey<br />
Edition: 1 st<br />
Publication Data:<br />
Publisher: Microsoft Corporation<br />
Place: One Microsoft Way<br />
Redmond, Washington 98052-6399<br />
Author: Kurt Dillard<br />
Title: Microsoft Solutions for <strong>Security</strong>: Threats and Countermeasures: <strong>Security</strong> Settings<br />
in <strong>Windows</strong> <strong>Server</strong> <strong>2003</strong> and <strong>Windows</strong> XP<br />
Editor: Ried Bannecker, John Cobb and Jon Tobey<br />
Edition: 1 st<br />
Publication Data:<br />
Publisher: Microsoft Corporation<br />
Place: One Microsoft Way<br />
Redmond, Washington 98052-6399<br />
Author: Microsoft Press<br />
Title: Microsoft <strong>Windows</strong> <strong>Server</strong> <strong>2003</strong> Automating and Customizing Installations<br />
Editor: Maureen Willams Zimmerman<br />
Edition: 1 st<br />
Publication Data:<br />
Publisher: Microsoft Corporation<br />
Place: One Microsoft Way<br />
Redmond, Washington 98052-6399<br />
Compliance Inspection and Enforcement March 2004 133