1
00:00:03,040 --> 00:00:04,150
Review questions.

2
00:00:05,040 --> 00:00:11,910
Question Why is physical security so important, especially for AIDS domain controllers?

3
00:00:12,750 --> 00:00:13,320
Answer.

4
00:00:14,220 --> 00:00:21,120
Adds Domain controllers store all information about all users, computers, groups and any other objects

5
00:00:21,120 --> 00:00:21,810
in the domain.

6
00:00:22,650 --> 00:00:28,470
If someone gains physical access to the server or its hard drive, this person can circumvent security

7
00:00:28,470 --> 00:00:31,290
guards easily and retrieve all of this information.

8
00:00:32,160 --> 00:00:37,590
This person then can use the information to attack your network or could modify your domain controller

9
00:00:37,590 --> 00:00:40,260
and put it back into the network with malicious intent.

10
00:00:41,160 --> 00:00:47,520
Question You need to implement auditing policies for domain authentication and changes to directory

11
00:00:47,520 --> 00:00:48,120
services.

12
00:00:49,020 --> 00:00:51,870
What is the best way to implement these auditing settings?

13
00:00:52,760 --> 00:00:53,330
Answer.

14
00:00:54,230 --> 00:00:59,030
If you want to enable auditing, it is very important that you configure the same auditing settings

15
00:00:59,030 --> 00:01:01,730
for all relevant servers on which the event might occur.

16
00:01:02,630 --> 00:01:08,870
If you want to configure auditing for domain authentication or changes in ads, configure these settings

17
00:01:08,870 --> 00:01:13,850
in the default domain controllers policy or a GPO that is linked to the domain controllers.

18
00:01:13,880 --> 00:01:14,330
Oh, you.

19
00:01:15,110 --> 00:01:15,800
Question.

20
00:01:16,610 --> 00:01:22,520
Your organization requires you to maintain a highly reliable and secure ads infrastructure.

21
00:01:23,390 --> 00:01:28,970
It also requires that users can access corporate email from the Internet by using Outlook Web access.

22
00:01:29,840 --> 00:01:32,660
You are considering implementing account lockout settings.

23
00:01:33,560 --> 00:01:34,760
What must you consider?

24
00:01:35,620 --> 00:01:36,190
Answer.

25
00:01:37,080 --> 00:01:43,500
Account lockout settings are not just a security feature, they also provide attackers an easily accessible

26
00:01:43,500 --> 00:01:44,400
Docx interface.

27
00:01:45,270 --> 00:01:51,150
If Outlook Web access is accessible from the Internet, you must configure additional protocols or services

28
00:01:51,150 --> 00:01:55,140
to ensure that only your domain users are able to enter their logon credentials.

29
00:01:56,010 --> 00:02:01,560
Other users must not be allowed to use the website to enter false passwords and lock out valid user

30
00:02:01,560 --> 00:02:02,040
accounts.

31
00:02:02,940 --> 00:02:03,450
Tools.

32
00:02:04,340 --> 00:02:10,700
The following table lists the tools that this module references tool use for.

33
00:02:11,610 --> 00:02:12,450
Where to find it.

34
00:02:13,330 --> 00:02:21,580
Active Directory users and computers managing objects within ads such as users, groups and computers.

35
00:02:22,480 --> 00:02:23,470
Server manager.

36
00:02:24,330 --> 00:02:32,370
Active Directory Administrative Center managing objects within ads such as users, groups and computers.

37
00:02:33,270 --> 00:02:34,260
Server manager.

38
00:02:35,130 --> 00:02:36,540
Group Policy Management.

39
00:02:37,410 --> 00:02:46,860
Managing Reporting Backup and restoration of GPOs server manager pub decor EMC manually updating the

40
00:02:46,860 --> 00:02:48,630
GPOs of local machines.

41
00:02:49,500 --> 00:02:50,370
Command line.

42
00:02:51,240 --> 00:02:53,250
Common issues and troubleshooting tips.

43
00:02:54,140 --> 00:02:55,010
Common issue.

44
00:02:55,850 --> 00:02:56,950
Troubleshooting tip.

45
00:02:57,830 --> 00:03:03,860
You have configured advanced auditing policy settings, but they do not apply verify that you have set

46
00:03:03,860 --> 00:03:10,520
the audit force audit policy subcategory settings, Windows Vista or later to override audit policy

47
00:03:10,520 --> 00:03:15,980
category settings policy settings under computer configuration backslash policies backslash windows

48
00:03:15,980 --> 00:03:23,030
settings backslash security settings backslash local policies backslash security options you have configured

49
00:03:23,030 --> 00:03:26,300
auditing of account log on or directory services changes.

50
00:03:27,200 --> 00:03:31,310
Now you are testing them, but you cannot find the events in your server's event log.

51
00:03:32,150 --> 00:03:37,670
If you have multiple domain controllers, you need to look at the security log of every domain controller.

52
00:03:38,540 --> 00:03:43,300
Also ensure that you have the auditing policy configured for every domain controller.