Security Configuration And Analysis Best Practices

By Author: fiona
Total Articles: 191
Comment this article

The following are the best practices for working with 70-686 exam Security Configuration And Analysis:
If you often need to analyze a large number of computers, such as with a domainbased infrastructure, use the Secedit command-line tool.
Only use Security Configuration And Analysis to configure security areas not affected by local Group Policy settings. This includes areas such as security on local files and folders, registry keys, and system services. Otherwise, the settings configured through Security Configuration And Analysis will override the local settings.
Do not use Security Configuration And Analysis when you are configuring security for a domain or an OU. Otherwise, you must configure each client individually. In that case, you should use Security Templates to create a template and apply it to the appropriate GPO, or use the Security Settings extension to Group Policy to edit individual security settings on a GPO.
To access the Security Configuration And Analysis console
1.Use the procedure provided earlier in this lesson to access the MCITP ...
... Security Configuration And Analysis console. Name the console Security Configuration And Analysis.
2.Close and save the console. Then access the console from the Administrative Tools menu.
Exercise 2: Setting a Security Configuration and Analysis Database
In this exercise, you determine a security configuration and analysis database to use.
To set a security configuration and analysis database
1.Use the procedure provided earlier in this lesson to set a security configuration and analysis database. Create a new database called New Configuration.
Import the Securedc.inf security template into the security configuration and analysis database. The New Configuration database is now the security configuration and analysis database, and it contains the Securedc.inf security template.
The child domain, dev.tailspintoys.com, is where the accounts and resources for employees involved in research, engineering, and support reside. This domain consists of four domain controllers running Windows Server 2003, six Windows 2000 member servers, and 300 client machines running Windows XP Professional. The member servers include three application servers and three file servers. The file servers contain large amounts of data, including many confidential development documents. These CompTIA documents contain trade secrets regarding new toys.