security policy templates
tctech
Member Posts: 20 ■□□□□□□□□□
I had a question on security policies asking to match the correct template to the right OU.
it only asked for basic and default security on the whole network. I had to match the correct policy to the domain.com , dc's ou, clients ou, servers OU. It never said to use Secure or Highsec... so I ended up picking these 'basicdc.inf' and 'basic*.inf' templates which now I'm thinking that these are fake.?? An I shoudl have just used setup security.inf for all OU's ?? Even the domain ?
anyone know what i'm talking about?
I definetally need for review here.
basic*.inf's don't even exist do they?? There not defaults?!?
it only asked for basic and default security on the whole network. I had to match the correct policy to the domain.com , dc's ou, clients ou, servers OU. It never said to use Secure or Highsec... so I ended up picking these 'basicdc.inf' and 'basic*.inf' templates which now I'm thinking that these are fake.?? An I shoudl have just used setup security.inf for all OU's ?? Even the domain ?
anyone know what i'm talking about?
I definetally need for review here.
basic*.inf's don't even exist do they?? There not defaults?!?
“I learned there are troubles of more than one kind, some come from ahead, and some come from behind…. But I’ve bought a big bat. I’m all ready you see. Now my troubles are going to have troubles with me!” - Dr. Seuss
Comments
-
Danman32
Member Posts: 1,243
I would have to see the exact wording of the question. Sounds like it was worded that could trick you.
Default security template is never a good idea to deploy through a GPO, as it is quite large. -
sprkymrk
Member Posts: 4,884 ■■■□□□□□□□
To see the default security templates:
Start > Run > MMC
File > Add/Remove Snap-In
Add > Select "Security Templates" > Add > Okay
Expand the + sign a couple of times and you'll see 8 of them.All things are possible, only believe. -
tctech
Member Posts: 20 ■□□□□□□□□□
i see 7 ...
so which policy is considered a default?
setup security i assume“I learned there are troubles of more than one kind, some come from ahead, and some come from behind…. But I’ve bought a big bat. I’m all ready you see. Now my troubles are going to have troubles with me!” - Dr. Seuss -
Smallguy
Member Posts: 597
they were probably looknig ot see if you knew yuor templates
take a look at
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_scedefaultpols.mspx?mfr=true
as you can see there are different levels of security and thus different templates there are also workstation and DC templates for each security level
security is always a comprimise between securing the system and useability legacy apps generally will not run in if the Highsecws tempalte is applied so you might need ot comprimise the security a bit inorder to have operability
after all a 100% secure environment doe;snt exist...because yuo could not use the machine -
tctech
Member Posts: 20 ■□□□□□□□□□
thanks for the link... it was defiinetaly a trick question...
i still dont know the exact answer but that ok... i dont want to break any rules here.
thanks for the help“I learned there are troubles of more than one kind, some come from ahead, and some come from behind…. But I’ve bought a big bat. I’m all ready you see. Now my troubles are going to have troubles with me!” - Dr. Seuss
