« 上一篇下一篇 »

3-4+ Practice: Securing and Troubleshooting Authentication

Lesson 4 Securing and Troubleshooting Authentication 3-45 Practice: Securing and Troubleshooting Authentication
In this practice, you will configure domain auditing policies. You will then generate logon events. Finally, you will examine and troubleshoot the results of those logons.
Exercise 1: Configure Policies
1. Open Active Directory Users And Computers.
2. Select the domain node, Contoso.com
3. From the Action menu, choose Properties.
4. On the Group Policy tab, select Default Domain Policy and then click Edit.
5. Navigate to Computer Configuration, Windows Settings, Security Settings, Account Policies, and finally Account Lockout Policy.
6. Double-click the Account Lockout Duration policy.
7. Select the Define This Policy Setting check box.
8. Type 0 for the duration, then click Apply.
The system will prompt you that it will configure the account lockout threshold and reset counter policies. Click OK.
9. Click OK to confirm the settings, and then click OK to close the Policy dialog box.
10. Confirm that the Account Lockout Duration policy is zero, the threshold is 5, and the reset counter policy is 30 minutes.
11. Close the Group Policy Object Editor window.
12. Click OK to close the Properties dialog box for the contoso.com domain.
13. Select the Domain Controllers container, under the domain node.
14. From the Action menu, click Properties.
15. On the Group Policy tab, select Default Domain Controllers Policy and click Edit.
16. Navigate to Computer Configuration, Windows Settings, Security Settings, Local Policies, and finally Audit Policy.
17. Double-click the Audit Account Logon Events policy.
18. Select Define These Policy Settings, select both Success and Failure, and then click OK.
19. Double-click the Audit Logon Events policy.
20. Select Define These Policy Settings, select both Success and Failure, and then click OK.
3-46 Chapter 3 User Accounts 21. Double-click the Audit Account Management policy.
22. Select Define These Policy Settings, select Success, and then click OK.
23. Close the Group Policy Object Editor window.
24. Click OK to close the Properties dialog box for the Domain Controllers Properties dialog box.
Exercise 2: Generate Logon Events
1. Log off of Server01.
2. Generate two logon failure events by attempting to log on twice with the user- name sbishop and an invalid password.
3. Log on correctly as sbishop.
4. Log off.
Exercise 3: Generate Account Management Events
1. Log on as Administrator.
2. Open Active Directory Users And Computers.
3. In the tree pane, navigate to and select the Employees OU.
4. In the details pane, select Scott Bishop’s user object, and then click the Action menu.
5. Click the Reset Password command.
6. Enter and confirm a new password for Scott Bishop, and then click OK.
Exercise 4: Examine Authentication Security Event Messages
1. Open the Computer Management console from the Administrative Tools group.
2. Expand Event Viewer and select Security.
3. Make sure the Category column is wide enough that you can identify the types of events that are logged.
4. Explore the events that have been generated by recent activity. Note the failed logons, the successful logons, and the resetting of Scott Bishop’s password.
Lesson 4 Securing and Troubleshooting Authentication 3-47 Lesson Review
The following questions are intended to reinforce key information presented in this lesson. If you are unable to answer a question, review the lesson materials and try the question again. You can find answers to the questions in the “Questions and Answers” section at the end of this chapter.
1. You enable the password complexity policy for your domain. Describe the requirements for passwords, and when those requirements will take effect.
2. To monitor potential dictionary attacks against user passwords in your enterprise, what is the single best auditing policy to configure, and what log or logs will you evaluate?
3. A user has forgotten his or her password and attempts to log on several times with an incorrect password. Eventually, the user receives a logon message indicating that the account is either disabled or locked out. The message suggests that the user contact an administrator. What must you do?
a. Delete the user object and recreate it.
b. Enable the user object.
c. Unlock the user object.
d. Reset the password for the user object.
Lesson Summary
■ The Default Domain Policy drives account policies including the password and lockout policies.
■ The Default Domain Controllers Policy specifies key auditing policies for domain controllers.
■ Auditing for authentication generates events in each domain controller’s security logs.

  还没注册Payoneer的朋友可以免费申请一个,现在申请可获得25美元奖励并免除1%的美元入账费:当你收款达到100美元时,Payoneer会奖励你25美元。需要注意的是,如果你直接打开Payoneer官网进行注册,是没有上述优惠的,请务必打开【野猪尖的推荐链接】进行注册。Payoneer注册咨询QQ:2822129880

Payoneer

野猪尖的推荐链接https://www.payoneer.com/zh/znp (此地址要完整地复制,建议直接点击)

【Payoneer申请教程:个人账户企业账户订购Payoneer实体卡(P卡)

Payoneer注册与使用指南(包括P卡申请、Payoneer官方、手续费、收款、提现和消费):
注册-为何申请Payoneer万事达预付卡+美国/欧洲/英国银行账号? | P卡申请被拒绝的原因
   Payoneer有卡账户和无卡账户的区别Payoneer个人账户注册申请教程 | (公司帐户)
   Payoneer欧洲支付服务(欧元帐户)激活Payoneer欧元虚拟卡Payoneer推出日元收款帐户
   Payoneer英国支付服务(英镑帐户)订购Payoneer实体卡(P卡)Payoneer卡年费啥时候扣
   收到Payoneer万事达预付卡(P卡)Payoneer卡休眠和激活如何注销P卡P卡到期后如何更换

官方-Payoneer秉承公正、公开、透明服务Payoneer官方最新政策汇总官方客服联系方式
   Payoneer欧美收款账户费用表如何减少Payoneer入帐和取款手续费?
   跨境收款服务商拷问篇——PayoneerPayoneer客户答疑手册(FAQ)Payoneer手机App

收款-跨境电商/外贸收款方式对比Payoneer可以错名收款吗? | Payoneer还是蛮人性化的
   Payoneer可接受个人与公司信用卡付款(请求付款)关于Payoneer卡充值
   Amazon亚马逊卖家设置Payoneer卡收款教程Amazon联盟设置Payoneer卡收款
   Amazon亚马逊收款方式对比(Payoneer,World First,PingPong,美国/香港银行卡)
   申请CJ联盟并设置Payoneer卡收款ClickBank联盟设置Payoneer卡收款教程
   Payoneer如何从东南亚电商平台Lazada收款如何在Lazada开店
   Payoneer如何从拉美电商平台Linio收款? | Payoneer绑定非洲电商平台Jumia收款
   Payoneer如何从跨境移动电商Wish收款? | Wish模式正在改变电商格局
   Payoneer支持从美国电商平台Newegg收款
   Payoneer支持从法国乐天Priceminister收款法国电商平台CDiscount对接Payoneer收款
   Airbnb房东如何使用Payoneer收款?Airbnb房东用哪种收款方式最划算
   从PayPal提现到Payoneer卡教程及手续费用PayPal无法绑定并转账到Payoneer卡

提现-从Payoneer卡提现到国内银行账户Payoneer无法从Dating联盟收款并限制提现方式
   用P卡在中国银行ATM机取款4000元用Payoneer卡在中国建设银行ATM机取款500元

消费-用Payoneer卡在GoDaddy买域名主机教程


人在做天在看,转载请以链接的形式注明本文地址
本文地址:http://www.zhaoniupai.com/blog/archives/245.html