Consider The Use Of Local Accounts

By Author: unknownmem
Total Articles: 128
Comment this article

In some organizations or for some servers, local accounts are used to administer the computer or the server MCSE 2003 applications. Local accounts cannot be eliminated entirely, and therefore an attacker might attempt to compromise them. An attacker with the password for a local administrator account can do a lot of damage to the data and processes running on that computer. She might also be able to use the local administrator account to elevate her privileges in the domain. To defend against an attack on local accounts, use a GPO and establish an account policy for local accounts in addition to the account policies for domain accounts.
The local Administrator account can be disabled in Windows Server 2003; how?ever, in safe mode, the local administrator account is enabled. Although booting to safe mode requires physical access to the computer, you should still assign a strong password to the
free Security+ practice exams
It is easy to get confused when talking about security policies because the ...
... term security policy is used to mean different things in different contexts. First, there is the organization's security policy. This is a collection of statements that identify the broad security concepts that all employees must follow. These statements are recorded in a document. Second, there is the security policy that can be designed and implemented by using technical controls in a Windows Server 2003-based computer, domain, and forest. These security policies are often implemented via the use of Group Policy policies, by applying security settings using Security Con?figuration and Analysis, or by directly configuring security using one of many server, domain, or server application tools. In this chapter, when the words security policy or security policies are used, they represent a reference to the written security policy document that belongs to the free practice exams for MCTS organization.