Video Review- Security Configuration Wizard
This video discusses how the Security Configuration Wizard can be used to harden a server by reducing the attack surface, which is the number of ports, protocols, and software that are available for use, and other methods of strengthening security. Any convenient method of entry on a server can result in a way in for an unauthorized attacker to gain entry. By disabling or removing these, the risk of unauthorized entry is significantly reduced. For example, an audio port which isn’t being used might as well be disabled. Firewalls also boost server security and can be configured in this wizard as well. By using the Security Configuration Wizard, a user can easily navigate many helpful options to improve the security of a server and harden it. Another helpful thing about this wizard is the ability to configure settings on multiple computers or servers. The Security Configuration Wizard is found in the start menu under Administrative Tools. This wizard provides many helpful benefits such as Role-Based Service Configuration, modifying Network Security/Firewall Settings, modifying Registry Settings, and the ability to change Audit Policies.
Using this wizard is very necessary to ensure that a high level of security is always maintained on a server. This is especially necessary when the servers have a high risk of attack, such as servers which are Internet accessible. An unprotected server which gets attacked can result in many headaches, such as lost productivity and increased time that an IT professional must diagnose and repair any resulting damage. There is also the risk of an attacker gaining sensitive and privileged information from the server and even modifying the server’s security settings to aid future attacks. The Security Configuration Wizard is very helpful for an Administrator as they can gain access and change the multiple aspects of server security using this simple tool. By configuring the System Audit Policy, the Administrator can view a detailed record of events such as unauthorized access attempts. Another advantage of this wizard is the ability to save the security policy on a network location so a user can access it on a different server. Additionally, the Security Configuration Wizard enables older security templates to be integrated into it.
Overall, this video was extremely enlightening and provided many helpful methods of server hardening using the Security Configuration Wizard. Having a high level of security on a server is crucial as new threats are created every day and because hackers are always developing new ways of gaining access. By using this wizard, a server’s security settings can be finely tuned to provide adequate protection, as well as reduce the number of help desk calls and reduced productivity that can be heightened by stricter server security settings. Finding the right balance between security and cost can be a difficult task. However, the Security Configuration Wizard provides the means to achieve this goal.
References
References “MCTS 70-640 Configuring Windows Server 2008 Active Directory Second edition” pg 339-345 “Security Configuration Wizard” http://technet.microsoft.com/enus/library/cc754997.aspx
Itfreetraining. (2013). MCITP 70-640: Security Configuration Wizard. Retrieved from https://www.youtube.com/watch?v=O9JzdT9xi9s.
Securing The Universe 