Networky Anuthi KarunaratneLECtURE 1 = i ei a nl - © Interference | Noise. < ® Media \ Za \ Copper ’ ~Unshielded twisted J Naatoselve thom . Shielded twisted « Pecure uss 2 a coaxial \ ORepeater Preset rules that network devices must use when Hransforing dala NUMBER $88 ter BINA 6000 128 6 32 16 g DIE PIP DR “Neher GH Pa 4096 3° 1 tao i. 2 ee des \ 6 3 | SateOSI ® TCP/IP m-o -d-e-l | Encoy ion ost Devices | ahs | Protocols TCP/IP Application | Provides an interface between application Programs running in system «& network Telnet, FIP, Presentation | format data,encryphon, SMTP, DNS, Pc Data 4 | Application compression’ a RIP, SNMP Session Establish maintain & terminaté sessions, authentication, Transport Segmentation, data Top. UDP transportation & connection oriented protoco| it provides reliable data delivery Port numbers Gateway Segment 3 Transport Network Ip address, routers lev 4 ipvG Router, Bridge Packet 2 | Internet Data Link Mac address, switches ARP Switch , NIC Frame 1 Network eSS Physical data ese Repeater, Hub, Bee Physical transmission baer cables, modem BitsLOCHURE : 2 ADDRESSING ipconfi: O bus topotoay, ~lists Recast neee nee ~Classic CSMAICD topology default gateway =Ait devices connected to backbone ton heay® WIFI networks use This topology ne computer at q Hime sends information ipconfig alt “Lists everything -» for physical ~M One Compurer malfunctions the whole adaress system 90@s down arp -d @star bopotety “rae = NII devices are connected to a central arp -o list: @RING topology. a i €> =A devices ae connected fo a centval MAU Ping CIP address) =OF iwother devicesto rm a imo “IF ou get reply ou kms you have €9° FDDI Cfiber Distributed Dojanterface) away communicahon Undersea cables currentty use a self healing ing ropoloay @FULLY MESHED topotosy, ~The Safest « greatest redundancy = Very ditfcult '@ administer ~ Very expensive te maintain HOW Do€s A NetWoRK vevice Get MeANING FROM PHYsicAL DATA Laver? OPHYSiCAL Linking tne. 4 ee 23 \ Breaks it down to bytes: address Q@DATA LINK 2-Assi9ns meaning based on tocation in FRAME eeealiatics AYA K —Preamble, destination address, source address ,|ype/lengih, ratee: encapsulated data from “per layels, frame: check 3.Network addressing -pnysical -mAc address =Cannot be divided int seperate sub networks Q@NETWORK — * V9ical addressing ~IP address “Used to group devices to subnet - 1 ADDRESSES IP address consists of 32 bits C4 octets) Range 0.0.0.0 - 255.255.255.255 HierarchicalSU BHE tt 1 NG > Subnetting enables the hierarchy, SUBNE! (sks configure hierarchy © The main purpose of subnetting is to help relieve network congestion & improve network performance Suonet (gugte Se PAaes sores de ag © 2x0 Host 156 (28 Gt 3L 16 8 Ht os ' Subnet Mask fx f25 fo 129 18 ha 130 Bl 132 > Decimal subnet masks can only contain the humbers- 0, 128 ,192, 22%, 240, 248,252, 254,285. Y Alll the I’s on the left & O'S on right in subnet masks Addres 142 _ (68 % 126 ZS 1 Mask 155 a 295 a 224 > Mask Binary LTH th tb oth ub tl UV ott 10 00 00.00 00 00 00 Add Binary [1 00 00 00.10 10 10 OO_LO! It Il 1D. 0000 00 O1 AND Ik 000000.j0 10 {0 00.01 10 00 00,00 060 00 90 Subnet 1D Nees 168 4 is is ° evices must be in he Same SUbNEt fo Communicate m the Same LAN. ‘Thus an |P address & @ subnet mask must be @nfigured ata minimum, In order to communicate with other subnets a router must be Used. Thus a default gateway address must be Configured in order to Communicate outside the LAN ApQicak “RAareSSeS ih the Same Subnet must bo connected fo he Same LAI rules Communication with other subnets must be sent to uter ey gateway i ADDRESSES — first address - werwork \p last address — Groadcast AAdresy — Multicast —224.0.0-0 ~ 239.255.255.255 ~ \ETF Research —240-0-0-0 - 155. 255.255. 254 = ThiS Device — 127.0-0-1 ~ 129.255.255.255 Cleopback) — All OLMIKLS _ ace 255 255.255 (universal) - Private IPAddveSses _10.0.0.0-10.255.255-255 rit “(FE -AG-0-0 ~ \92-31-255.0S5 cbhek “192.168 .0-0 — 19% 168. 255-255 — Automatic private IP Addresses CagiPa) IGT. 254.0. - 164.254 265.255d F \ 8 ' i) ulydale ' (Vv ' i Cc > ' ie G& j : swmpurne Hawthorn 8 & ' y ' mm , ' panto ' 7° ' ' ASI “CONSTRAINTS scope , coat. time. ee OPROJECT InTESRATION MANAGEMENT Cindudes idennfying & communicating Withsher prec Stakeholders) stare ene involved in or affected by project activihes « ndude who MAY be affeded need ir rose, aho WILL ue affecjed or mraued sneed ie te niemed. | alistaksholdes read to be Those Who Will have INPUT into the decision making process Considered when making degsiens © those who have AUTHORITY te make decisions. Common Feasibility Concerns Technical, Economic; Legal, Organisational, Scheduiing, @PRVECT SCOPE emAVAGEMENTT (Ae wEHK Yequized Mm eroducing me pojeasoutpHs) “> @bekining the end pomt of the project -outhning the deliverables controlling the ch = Ing Scope exec! e ing the changes to the Scope. preventing sy eh & PROJECT TIME MANAGEMENT Break down the project into its component activities ence. the activities rea resources for each achvily @Lsnmate duran of each activity © Develop « schedule ©contval the sdnedule, ® PAWECT coSy MANAGEMENT OE€shmate the costs @petermine a budget control the Costs continued in week 3) 7yuirermerts are defined up urements canve elaborated at periods nt before development int daring dehvery. A oo i crave Sgqgyeee Ove narwadaemae mown Page maemedaet Key siatahoiden ‘Key slekeholders are regularly volved Keg alateholdes ae comirwousty Sa neat ee —<—— © QUALITY MANAGEMENT ~ Quality management vystems = —Quaiity test © Unit Test— within each component © Integrahion Test-berween each component © System Test —alt components: @ User Acceptance Test Prior tw client sign off © puma ReSouRCE MANAGEMENT - What skills are required to 9et the project completed? — How do we procure mose who nave the Skills? OR How doe 1TOin people fo have Note stalls Bilis aetaacwe mig ask? How do we Sehedule te fogke To maxienige Re enntal Shine ‘each 7 Gahe nthe Fraject team do we 90 fo for this prevler”F TieSdouemshyste om humon rescurder is reduce quality wrk andfimsh on hme? @ COMMUNICATION Manacement Need to communicate? progress, changes, doun hme for current systems ® Risk manacement ~Tne (PACT the eventuanon oF Hh's riSk Would have on this project “Tre IKEUTogD = promatn at hoist ul erentune magic eRe SERN f dertoy snelene te MITIGATE Die, Qeantalive Tecmique - Frebabibity Iepact malik Quantitatwe Technique - Expected Moret s tees outcome “Een Wreck coy rmeamihnser) eased i oman eek Posbabitty@ PRYECT PRocURCMEN, MANAGEMENT — EnSUFe thal our procurement PIOCKICES align with Jour clenl’s prachces make procurement decision’ inthe “ight Order Standard operating environment Sree nome aen ereeaareanass ~ Thene tend Fs be all From the Same Vendor fins increasing the: mibiting bonacen He 5, ator ot ais eS oa en cecore rs eae TCP/IP & sUgNetTING Tee! 1P protocol suite {Vos moder ever | paren aver Toe 1 pRoTocot suite ApPlicanon Layer Presentation Layer | Application Lager wire FIe © sme ONS RIP SN Session Layer ‘Transport Layer Transport layer ree Une Nenork layer \ntomeriayer nae yey ene EOP ee Meme Dain unk tngey a Prgstal Lager ee se Grevmel — $er.ywieley LAN Frame Relay ATOM what 15 Socket ? 4 combination ot an Paadress,9 ranspetprevesl ret mamver 7% \na subnet, the NETWORK PORTION of wentical 105/ PORTION oF addresses unnqve fe nieaet - - 0100 0000 . 0010 0000.00 00 0000. (MIUple SubMet NexWorK —> 1100 oN - 0100 2000 . oo10 00: 00 AME BENEFITS OF USING SYGNETTING 192.168. 10 -o ' 255. 255.955 G2) l 1 Subtract the non .255 number from 256 eae 2 Man at zero count bythe result uals You get 256 0,32,<4,11, 160, | “These numbers becomethe as ele of ur r an eee our) 24,256 |) THis Fotos me basis of our netting table, conn i eIPv4 TROUBLESHOOTING ToOLs Tool Are Hostname, Ipconfig, Neksh Netstat Nstookup Fing Route Tracert Parnping Descriphon Allows you to views & edit the Address Resolution Protocol CARP) eache. The ARP cache Maps IPv4 addresses tv Media Access Contrel CAC) addlesses. Uindows uses These mappings te send dala on we, local nohwork Display the host hame of he computer Displays current Toe/ip configuration values far bol IRV « PVG. Also used ih manage ONEP conf grration « me DNS client resolver cache. Drags < alters you te adeninisier sebfingy for IRV or RE eneither the lecal computer or rinore compat Displays statinics omer information aboot curfent (v4 @ v6 connections QUES 4 ONS server Tots Irv or [Pv Gnnedivity » ste” [pv nodes AlteUs guute view The Local \PV4 & [PvE routing tables and Fo modify the leat IPv4 ung, Traces We route Mmat an v4 oF (PvE yQckOk takes te a destinanon Toes me route mat an pv or (PvE padket 1AKS fo a.dsstmation « displays information on PACKEK 103363 for each FOUTEY esubne ime pathSUBNET PLAN DESIGN Design rcaicuiasing sumer addresses! Gon oe * When determining subnet addresses you shoud z 1 [+ acts eemumber aan std ne ruber ot stnte eed 4 2 + Use 2" fo determine #e number of Subnels avollable From nbilg 8 3 GSecahont > gubners roared 16 4 32 5 cy i Zi 128 7 U 256 3 512 4 1024 1° + When determining host addresses: Af the 0 availabe Gakress of exers | crests eat ees er en frase he quriber a her ils wased om the mumbor of ha eat ps 0 Fae eee be aes subnet saimer 3186 Ley ss Fax£o LENGTH s¥anCl_mASK CTU K eee. 1A9.6y.32.0/24 on nee me pen SS iene arcu pum Hs MAN —P 16) Cheenane a bevmnns) se) 1D sete. yom erennes fam U3 -y8e Keo. © Dy P converting porrark bits fe hast bits SUPERNE TT ING © comtining Mutnore worsens snate nehons ‘oUNG OF KRYPTONITE = Af gov feudh ee fase pouet Iv SURERNE °° Subnets chasen for subnetting must be APIACENT «must CONSOLIDATE within upper boundaries. fee. uSe Duce? }> Cater for ‘nomadit’ users whe need te work at mumerous branches @ What are the essential IP AD UFAIONS fat must beset efre Cate fr nomad users ua nee e aetee eee cone Allow Fleutibly m IPaddress managersent He atcha « SNe mes wich afaine wl eet ereron ee Feet ae «erie CONFIGURE DHCP pints mabndl wade etal tts Configure @ client for AvTOMANG If CONFIGURATION, win oy a cere ae etihest eS = a wafowren amar se! ees od ir aurea met Atak ea OE mer in Os Sewer nares acaaway Discover packet x¢ broadcasted by DHCP chent Dice jr packet brondeastodes OnCP eves DCP REQUEST Ree 6 bondented Wy OHCP ant cP ch pckere bondvaate be Dee tever © tre client testo renew sian soth of the lease has expved = 8. DNce thent verde unicost DUCPREQUEST recrst DiicP instottowion . DCP server | sends @ unico DUCPAGK packs Stopes Othe cent eotiraes tory & Fema wting a unicast DHEPREGUEST eveshen® i im a Domai® Authonse Hye ONCE senver With a privileged aammt, Grea: ie echent fis ove As ete ae $75.0 he lence has ep DHCP -§cokor= ‘The CHCP lease generanon recess STARTS OVER AGAIN wath = OEP client 1S: {6 Otte dronstanmy att aes « Groaaensing © DNCPDSIOYER Connors fin aeresnc ina rol wu come fore the See Salone A server can nave many Scopes crops Con hevs numero peaks of addresses Crare) DCP Resewokiony NCR cackuneers..", lessen Mstledls ctccaled' sic same tf Text = store? cone deta mn te tes 2m 2208 3 nehva Directory Inieg Sn demain commer coe ee TONES -Oynamuic UPdoten 180 Padres of 9 0 tecovd ib 5 ner strech woe dares Sa eee ere 1 is ba Yolo sere gran weds NG ONES Switat nee ONS Quegies? ~~ > Queries are recursive, ov erative: TONS chenls & ONS servers mihale queries 7 DNS sewers quithoritative or non-outhorialive for a namespace 3 Ratheonve ong sores trp het tens ma one 7m authettoiv Dis see” cr mo hamesce ees: ohms the comysi IF oa Retuns an othon|ahve "No,"hat name doe nol east” > non -authonl ahve ONS Setvey for fhe namespace either: cae ous ins teams eter CSR CLS i ROCAYSWV - DNS Queries, Cowher « OS zerver recieves sEcuAGWe query, either Tettans the: roquived Yesuit oF ffums an CRROF, the O16 servo¥ does NOT ALFCR the ONS client feanother sever (en ONS Quenieg, See ale server recieves aan NIERATIVE queny,\ eaher vehats Ye ived vasult,oF iF retains A Fx CREA fo. ondther sever Mma *MiGhy vettumontatve for Me requested ay ne dla sored wing mitinaster” cr caOn, Cl orwmadrs oins Doma Name Sustem DNs Record Types Record Soa f Description Identifies te Sos of azane of author! Zone coritoun’ an SOA fesCuTCe recor "or tre zone file. which Taformnanign abu the zane: Gonfigaresvepeation enavtow'sand Sets We default Tm fr names the sone A ‘mars an raON te an IPvtsaddeess AAAA Ns vor me oes an FODN to an IPvG address for zone. N3 records indieale Primary SErvere fe he fone spect nf SOA ress icora, ond tog dale te Srv Ra am ‘one te eare atmo one oor oem (Mags an IP achteess te am FQUN for reverse. Tsorups Specifies an aliat (signongmous name) PTR came: Specifies q moitexchange Execule program Files Sislgned fe the everyone groups S ; Suter accounts fre sem) | ECE OF Fades etn the shared Wider >Creale folders AMEE mee | Sea sss € folders «fi 2 erform at scons permiled ty the Read Permission lidans Saas OL. > Change file permissions Aciault pension hal 90 fall | > rake obinershig of files. cel sls vend «henge remsuen “| > Rerformm al tasks accel bg the change peraisnonWHat iS PRINTER POD”ING? combines ip, Hhgin pines al asin ogien wi marca =soauees nk phos ae oe Sant er es eo Injernet Information Services is Microsat3 Ueb server Djshvbules documents ia the http frokocel Cice port 8) Relies om DNS metder te-hanslake URLs Alp paatresrey cutee server crs) PRIORITISING PRINTER USe WITH Wott Punters 2 More thanone Software printer can pant fo @ physical punter > sottaore ean ae agent gear mts « ner pamtins yocanrentie > Priority one is the lowest prority & 99 the hhest ApPLication GeeyeR Used foadd aynanic one feb rages conned wob rages to databases: ~Generaty needs SOL Sever also installed SHARE PERMISSIONS - impoviannt facto 2 In the Windows Servor far hich 15 the most restchve Aply only who gain access fo the: reseune over ly Wshon you create a now chared res0Urce,the EVEIYONE grap ig automatically assigned the Road permission, tne ne cents canted On NTFS el pormisuens ror Trey do not apy to UE iho fem focally, seh as on fermi server In hes ese ft ale & es m he shed rmoUre 4 man Te rare more dead Wl of Sci OME SARs oF beds nahn Gd se oe3S 4 fhe the navn Sea et wort esses on FIT FTSZ YOmees. hens S fis ove nck ouabie on Ft TAS. valu 1 Specs tne maamum Humber of USES Who OF alloyed fo OES te Shared reSHIRE wer Tho nehark-THS 15 im addlion to whe SECUNy Provided by ITSLOCHUR Sysadmins te Otganisemedata "#0 logical hueravelwes :¢ ACTIVE DIRECTORY Domain SERVICES Capps) 9 ” A UISHORICAL NetwoRK - Client Server All vesources are shared on the Server & controtied by the server ULJORKGROUDS - peer peor networt Fone passwotd for each user on every computer they access Every PG that Share a resource oc as a server aRevery PC that accesses a shared resource acts as a cient ACCOUNTS FUSER-every User Who logs on too Windows network ust have avalid user account FcOMPUTER - every compule® that corneas 10 Windows domain ‘Us have 0 valid Compuler axcount CECURITU PERMISCIONS © A part of the NTFS file system (6: cannot be used on FAT partitions “*Semetienes caled NIES permissions 2 ln.ays appa wether the user 1s foal.nehaork or remove rhtached object not the User account {© Permissions change with each objen tyre [ythere ave mang aitrerent: objects m (etive Drectory tach objec hos a set of permissions appiiable fe that object, NIFS Aue « Rotder PERMISSIONS Domains ¥ Resources cam Ue anyushere on he network ‘f Domai controler quinentionls wars « computer actaunt % Domain controler authorises acess to ressurces When applied fv a folder,enables _ when applied to a file, enables a Stondard Permission — security principal tos rity pinspaltv: Full Control modify the folder permissions > Modity the file permissions Tighe ohmersh ofthe elder | >Take ownership the le Yrefolder oT? & Flec@rtained sm > Perform all acons associated wath ail the other NIFS >Perform altactons associated with a file permissions the other NIFS folder perenssion3 Modity > Delete the Folder 2Modify the file >Perform all actions associated with > Delete the file >Perfoim all actions associated with the Wile & the Read & Geane permissnns ~ Read & Execute PNavigale through cestricted folds > POFForm alt actions associated with the Read permsion List folder contents to reach other Ales « Folde: > Perform all actions assodaied with the. Cad & list folaer contents Peron sions 7 VieW the names OF the files & sbfeides Contained in the folder Run applicafions. 2 Not apprenble Read > See the Files & subfolaers contained — Read the file contents ‘he folder >View the Ales ounershiP, pewmssions & altibstes >View) the Folders ounersnp,cermssons, Karnes, tonite rGreate new files & subfolders mide me >Overunie the Ale» folaer >modity the folder awibute. >View) the folders ounership & permissions Es ACCESS CONTROLUSS ‘wen user ne occa a confer, pt). the SID mth cess Token ove compared agent he GEL m ne Fishenomatch's made the degsion W permit oF deny the user access fo he Wbjer} made F IF Ro match is made, the wer denied. > modify Me file akibvt® > Wentne Files otmersiip & PerenistionsACCESS CONTROL LICTC AICTIVE DIRECTORY OBJECT Soca Cam ne Coes oralad baits Examples of objects in tis database: Vserscompulerstc Users Access Token Object: Secunty Deseuetr -Flwecan use AD ro central who ean: = ~Manane mese objets User iD Precast “ecoss ese obec Group SiDs sact ‘FWleean ase Adie deploy vohwore & confgarahans fo st of Privilege ee ‘Other Acces infor maten renee fee —— Bee | Satnate Sate seaenrss Installing a Domain = cr | Sec) Aaneeeeeerecre te oer ere healing User nccounts ee oe Sa Gps cee sore Ore Active. Ditectony Domoam Sevee (ood oles stalled fst, hen the server 1S promo ed 1 beastne @ Ovmain anieler reer 8, DOMAIN {porinclogy? DMA EOS NA v +e VPOuu Oy di FOREST THe tmp ih see deans we bond hay Me peeyctcel ere wre senc meee anise ‘ fc seer oe ee cane , Cc. | #8 Organisahonal Ui «coainer sth o diana inn ‘erp, her Us ee i ee DLGG RE SAO FUSER AccoMnt PROPERTIES: DOMAIN & FOREST funchonal ; Rrevrksy Logan houls testvis the Himes use's ean tog on Lagont... feshvicts Ihe compules users can fog en fe ecount expires means confraqors «aden cannot - He DceesS the Huston ater thea term expies J Every new version of Windows Server adds new atures. raleemtetanssi eased been % Smo feares ave ent cipatite tt Ne et Wesion a ater whe bad pastwerds. oF Windows * Seng amon amie Ges ntina Level ments Donn ae ting aca ena tevver versions frame ran Tang added we Dosa CREATING Coripuel accounts 4 Use DSA or AOAC to create a new computer account” Use Peusorshell fp create 4 nee decount New-ADComputer - name swWinJOPCS Provide squthorised™ credentials wheh Joning aPC. fo 4 Pomain Group scopes for Network adeain iS OM the next pageGROUP SCOPIS er B54 SCOPE DURPOSE LIMITATIONS the same domain ROLE = To group IDENTITIES User Accounts Gannok have members Ge user « computer accounts) | Computer accounts From another domain that have simitar Gtobal Groups, Global requirements RESOURCE User fasunts Jp | User Recounts Compuler Account 1 Computer (cshts. or D L To contro} neces fo Cisbad Groups Clobad Croups Bourccdl a Fesources (eg. files , Domain Loa! CevpS | Uyayersal Crops e: A on folders « printers) eee Domain Leal Te collec gioups from User Accounts, User accounts Do nok bejong to any one. Ulkiple doorains m the | Compuley Acwumls } Computer accounts domain but fo the whle Global Crovps Clobal Groups Prev Hence has 4h foro averhend mat cn sie all Des mm MHE forest deus Universal Universal Groups | Universal Groves(CU active piRECIORY, *porenons Set Se bom om erga We esrb soto y Foret leatnecen ponte sourat Puberte - pe meecthotete agon Scripts: database, jt epeasonrd doings en pase Se en me Sess oe pee meat nase enaemer ORGANISATIONAL UNIT STRUCTURE + madlltstly 00 tepocs came Sant iw ce Goal Jorarhng of Us 5 onary ned A pce < (0c location €9. AWs,USA. 3pm sere >on Uni 69 Sater, eamentng, Resouch ‘New: ADOryansvahionalint-nare HH pats "dc ss de-loea™ >ROOWEE Cg Servers Laptop.rC User WIERARCHY DETERMINED BY AL e °9°s Location > Unit > Resource CHANGING DerauLT LoCaty er ea % computer Recounts “eet etre ae asad on te Fila bbe a otay rest sig A Permissions assigned for on onject are pic Chick Hk) AK Formisyions astigned RY « parent sect are Inherit grey HekD ELaplicit rermusions everide fnrerted permissions PERMISSION Precedence, for Seuniy Permasins oltached ty on obgect D Developa group stmieay fur ths scenario: cxmnct Deny overndes Capes it i sais esate oes erent ne Covtea pay eves Cnentea Mos = v6 These ges , re eff achive accep Yahin qavances scnty EAE Fe siees eA = A The tation me enue seca neo IP yst don't share tre Ader/ printer ne user can acetis it ever newer. 1GGoHA Ui when meng GLOBAL trots Gut he sat DOrNA WH Levee accounts Bowery — UNIVERSAL em deceh ucomunk provpy Clogar. Arerrtacne Senet tes! fl he owst ESIRICIIVG ares romasiow te \Le carts pereissens atoucareaiteant eves ALLOW perenisHOns CaeNULINE Jroes porenlssions combine comes ease Lee eee: AERUNT 1S @'Emmer Of emEmrerind Mar et menie sig ena (sees = oils == sor STS ast romeGoya Potion, Object» How Permissions Combines 6 ¥ Sr (Bonk coreputor poticiey ; ‘race leans - inl (os Gowrie tor spe. Serge noes nh craters at 2 ai a ar toatl ove GROUP POLICIES Fe staenaecometill Mlb tila LEQEUTER CONG _ ir witsyomomens WW Few emanon SSS AMTAEN Soe 0 SOF _ Sa" ae 5 fatineave = 5s a g 2 perce eee 23 LX Q 9 Gy 9X2 mje 32 § Components of GRoup Policy ‘ a3 ~ computer configuration settings (When GPs Arey 23 —fepicaiion cam be based on wet cmt or ompet aout 3 73 ~Chnnet be scnampea” fe vot preeeeesas 28 - GPO have 2 components Crovawe rol ‘OGrove raticy Contemer — [herger Ceottputerluser) 2s ea geet one err oa Eat S tf EES! nats Bb hn 5 §: Sie ene seer eae oe Seen ))) Cat “AS net eeprose i storen mats posion, ane “Stata nse caste Be . eT Couns Seope —unlink/link GPO Settings, GPO CanBing,nroesan cn re prt ng bon rs Simple cadio baton criyst be bnete maura, 1 Dropdown list / Spimbox: p—* tenon 5 rca entgectaimemestion coterictteie DLEAULT GPOs Sue iemngs crrocsmoenninentones (“mir etautt domain policy -pre-tal f Damasn Senvere me eoubre meaenve: orp Datei Secu soos see SER SINTERS a) fatale car pig atte nai ees Bo Gfasetc paced nas seen ADRAAAW~ Po tink pecans fag ) CONTROLLING SCOPE tock unberitence, vat ne GPOs comfiqute et here er Blocking aheritance prevents GOs heked ong Peron coment From agptgng fe obs m he 0D “Overrides Blockmg lnmentance ‘Yu cannot selective bck = centtchng Seth Last applied wins! ‘merit ance, ov ean ants DH Nous “Head afqce'te wvernds rogue ‘he precedence |S opposite 10 the orders “Artleaior The CPO sth pace | os SO eee Troubleshookng GPOs ADMINICIRATIVE template, ADL —swerer athe: lanounses HF AIM -Xel files with nde fr The CPO =D. Seihaare deseleped ean erate re St Sweep inter Deployment with Gros Can be done vit the Pint Management conse > macro + tact peanenays GP PREFERENCE LEVEL TARGETTING Greve pc cna ‘ACH wierd ~ Security, FILIERING FILTERING oro, }Defauttis acmencoled users Co went nitrtng } Scope conve narra veplecry feu wine cmt Bod Allows preferences to mommies on nari Fee tee cians yeh no tert tears? eeRet Prackeey APPLYING DEFENCE-IN “DEPTH To INCREASE SECURITY for Defence -in-depth uses @ layered approsch fe security INCREASING SECURITY ‘Redvets an aftacte’s chance af Sucre Fulawthe principe of eas givens ‘aly reid tne Ferman needed Todo the pn0 nore Seperate densi avn Inereases am aitqekers 15k of detection mae PollcieS, procedures Baweroness | Seamty decamends, exer edueanon eer cee avg nr acnts,Ora npr rd eae ae toa Sen fatieew ae Resp admins come san {fae Sarees ees eects Perimeter forewolts,newok ct quarantine Sere eS yor ty out % Networks: Network segments, IPsec West Herein othetonden pate fp oesiag Scoacus pager fst may rar iminagenen cose ee cee ne ae Appheaton| AFPACANeN berSOnIS en Tend phihng emails este Dal ACLs , EFS, Bytoctar, backup /repore Procedures = WSUS \s 0 server role that confvalises « manages updates = faminisinies con 1 Updates belore appiowne mom Rr deplogmneet = me WSUS server downloads the updates fam Mert ‘Tm Daponcahony ~SAmEMED she deren daunlond spams Somme WSUS seer |p Arnieaken nerasning = Seeitgitvaneh mem vps se "eget Turn wenden a E02, ~ aetometicany Jovintoad vod = Bi aemsheatg wat coated) i cents fo use Wsus omrecons aeaag (Ree ae SECURITY AUDITING When ving Sec ty oudrng Yoh Secu nity elaled ean 9 Cankigutt imi motirg aesanns woo oar mses pA HONS “Tiller Sear CHEM fog m vent where oes mee sect seme ere CONFIGURING RESTRICTED Gnoves GrOUP POLLY Can contol group members hip “for any group on 4 Pomainjojned computer, by applying 2 91 UP policy, ‘object Cepo) tome OtgenITalonal Unt COU) cenloonng ‘Me camels econ Ter any siovp Apps, by aPPlyiNg & GPO YIM Panain Contveters ou ‘Woe options ~membes of this group gr ee pony Ins any sa merase of ~penmancaiigmarepourmmenter & he: gets RESTRICTING SOFTWARE ACCOUNT POLICY SETTINGS % Apptaoker mikgate the threat of bYUle Gree hackh> econ confousin\ pel winds sefngsiicont sefinor\eeyton cnbt\ police Verde SETS + REE Seppe Peat Son se aL ROU of eof sewn Stentor «peat carga, FASSUNOF Gobet coments KWAME of 7 = ye ene rom Apacer m meat onde hich al It 208 rach who Sumy The Soffer (Marx parsword age fis Ounainacss Camps agen een BEN ions, aoe Saar Giese, % Software Resbiction Policies tiene cankgerahonyetiesa wndond sles slings [ieee Secrest orate res cot aperiale Reo ‘tam snagpten asavied Ce reel He0Unt canna reaenny arr alterap> AF Don rum specihed windows Ayplication estat Bee nee Cornet eahguratin \puiial aminsyave ferploasten ort an paid eds applicationLECTURE: 10 Re QULC & FIVE NINES Industry stondovra fr Telecommentcations { “servers sheuld be available aaann7: of Te hm: PROFFESSIONAL Soeumontontion. oer ae es ty Seam 5 SCO dau nme po BO sick Recove aeons ereres eee ae WINDOWS SHER Backup Mies SoC Posey wet arte anneded Yo he neon what pas oe 2 ade oo PuIYSiCnt OCSIGN- Blegrst af networr.came, cabins, i Use fo backsy systems volumes or fades) backup feature 3 Srvc ptpints- wel Ta have bem den, when iho Backup te ives #1 Aeon fe ita te 3 aimmustyton Souk: Inner tsar at = Rojre fom backup when pera Seen meatunces- feteranceremawnens oesuinnd Corasie hela omen i fans ahh Gry NIVS_ e8P mainte a history of Ale versions ba epsing “+ Yee Siaherntig wilqamss ea se ei ee Aste ohm es ce ‘Petes cet teen meRCENEY ACCOUNT oEIAI shee my me Windows Recovery Environment + Storage spaces — Windows RE 1s aparhal version of ne RAID 0 - Disk Stripping Sat ee] re ZL | Geta = mimam of 2 as vegeta itunes space freon tee oc more dives & Opecating Jyster etiana tees SES eed a = pleinsfalled for Win4eHs 10/ windows Sevver so — Jou cam confignte, Sime ss, timared space a8 ro Pang Space oni geet rage Be ey eee ‘ean boot int® Wins u RE se Windows Compict® Pe peers -setere get server fom backer “Winders Menery Diagneshe Tok check ys Peoria Beet coe REFS CResitient rite System) ee batalla ose Fle ter eared wr eiocs Sere eet replace corrupt Ales admmnrshator ESS "at es marth pene ie Say ene RAID 1 Disk minoring, See attain a ashen btn the oem nay ete nen te Reai-hne ve Le9ged mentoring a Bee encase ed Eee ES Toscan een cose meee (Ma eng reey eee atet epee Ka ES Bre ee reshaping anes sown Peace Pe aig coerce esata ato ‘ayo ripen 2a edt a Poder sume ee eee eae Sara Joe rert aa ean © Neatatlenecrs canbe denned ecxted ep nay sc eras) 5 Disk Shipe with RDS port pont ~Gives immediate Feedback on RAM, pece¥oY B H Gan be eo iaenity merry € preter “hea Feal Hime - Resource mowiten 5 epee pa Se eamete neecececiet ofa RE Se ne lmwewed percrmance ead ta et Real HMe - ketiaoiity & perfomance “Nin spats ena Oees ecoaiL = Adds ANS performmnct fo mehics a) v RAID 140 = Use re ideanty “hom for me four prmary S® 93K e140", memory, ehsical ask, topical Performance ae) auc, fae impart Ce eh c- ( ee = ec ra 2 Pwpentien — Stop endihon— “ = Monitoring can be Shaded te evion . ee PROPERTIES -tanas Re ae cie ee Counten (ag Prspeuces Account mist ve. Member 9t the ‘Trekwonpe noes Se CHUNIET 1093 may be wmf ‘omy a einge es bine “Resign penod 6 hes) ‘RommNISTRATONS or PERFORMANCE 16 U3EHS ‘Espen botienedk mes 5 = By certain Qrmmomnt of dala Comb)