Guidelines For Analyzing Authentication Requirements For Windows Clients

By Author: Elizabeth
Total Articles: 286
Comment this article

Authentication by Windows computers (computer authentication) and by users using Windows computers microsoft exams is discussed in Chapter 3 (IPSec), Chapter 6 (authentication infrastructure), Chapter 7 (remote access and VPNs), and Chapter 12 (wireless networks). These chapters define Windows authentication protocols, remote access authentication protocols, and 802.Ix wireless authentication. Analyze the fol?lowing Windows clients authentication needs:
Analyze wired clients located on the LAN. Consider authentication requirements
and capabilities.
Determine whether wired clients can use Kerberos and NTLMv2.
If clients cannot, can they be configured to do so?
Analyze secure client and server authentication processes as much as possi-ble, considering security policy, client capabilities, and administrative ability to harden clients.
Analyze the availability and need for going beyond passwords to using smart cards, biometrics, or token-type devices for a higher level of security.
Analyze whether cached credentials will be allowed when there are ...
... problems with network access to domain controllers. Unless restricted, Windows clients cache successful authentication credentials that can be used to log on should a domain controller not be available.
Analyze wireless windows clients. Wireless clients often require a relaxation in authentication requirements A+ Exams for computing devices and computers. Some wireless clients, for example, use a four-digit PIN number as authentication. Your password policy might require a longer length. Other wireless networks do not require authentication at all. Consider upgrading or adding updates that provide 802.Ix wireless authentication. Consider products that improve the authentication capabilities of wireless devices.
Analyze windows clients that will be used to remotely access the network. Windows clients can be configured to use Point-to-Point Protocol (PPP) authentication, but consider which ones can connect using smart cards or other more secure forms of authentication.
Analyze clients that will be used both on the LAN and remotely. These clients will need to be evaluated for both LAN and remote authentication needs.
Analyze computer authentication using certificates. Can all clients use certificates for LAN-based secure connections using IPSec? Can all remote clients use certificates across a Microsoft exam dial-up connectio