Auditing Security and Controls of Windows® Active Directory® and Group Policy Objects
Published in 2005
Book
Paperback/Softback
112 pages
978-0-89413-565-1 (ISBN)
Description
Most companies run at least some, if not all, Windows computers, and the vast majority also use Active Directory to control the network environment. This includes control over the network, security, and access to resources. It is important to understand that the domain model has changed dramatically from Windows NT 4.0 to Windows 2000 and Server 2003.
This handbook focuses on the Active Directory infrastructure itself, as well as Group Policy Objects (GPOs). It is ideal whether you have never audited Windows Active Directory or GPOs or if you have done so a couple of times. This handbook will:
Expand your knowledge and push the limits of what your audit program includes.
Expose all of the nooks and crannies that need to be audited.
Solve issues regarding security control points, understanding of AD, function of GPOs, and target goals.
Teach you the terminology that can help you gather more information, perform better interviews, and help make your audit more efficient.
Pinpoint where each control point resides for a server.
Discuss how to structure the audit with regard to the aspects of the domain.
Lay out a detailed audit plan that will allow you to take the knowledge you learned and put it into action.
This handbook focuses on the Active Directory infrastructure itself, as well as Group Policy Objects (GPOs). It is ideal whether you have never audited Windows Active Directory or GPOs or if you have done so a couple of times. This handbook will:
Expand your knowledge and push the limits of what your audit program includes.
Expose all of the nooks and crannies that need to be audited.
Solve issues regarding security control points, understanding of AD, function of GPOs, and target goals.
Teach you the terminology that can help you gather more information, perform better interviews, and help make your audit more efficient.
Pinpoint where each control point resides for a server.
Discuss how to structure the audit with regard to the aspects of the domain.
Lay out a detailed audit plan that will allow you to take the knowledge you learned and put it into action.
More details
Language
English
ISBN-13
978-0-89413-565-1 (9780894135651)
Person
Derek Melber, MCSE, CISM, is one of the leading technical instructors, authors, and consultants in the nation, with an innate understanding of how to decipher, organize, and communicate complex issues.
With a master's degree from the University of Kansas, Microsoft® Certified Systems Engineer Certification, CISM, A+ Certification, Microsoft® MVP, and 10 years of solution development, training, public speaking, sales, and management experience, he has used his experience and knowledge to write numerous books on Windows Active Directory, Security, Auditing, and certifications. He provides custom training on Windows Security, auditing, Active Directory, Group Policy, and administration. You can also visit his online training for Auditing Windows Security at www.auditlearning.org. He is a contributing editor to ESJ newsletter, RIAG Journal, IT Audit newsletter, and various other publications. He is a frequent speaker at various conferences, including those for The Institute of Internal Auditors, TechMentor, and MISTI. Mr. Melber has taken his years of experience to develop the only Web site dedicated to Windows Auditing and Security, www.auditingwindows.com. The Web site links to his book series on Auditing Windows Security, his publications, and online training. The Web site keeps up on the pulse of Windows security, providing documents, applications, and other resources to the auditing community. He has developed and trained individuals from the most prestigious organizations and corporations around the world, including AT&T, Boeing, Intel, Citibank, Walt Disney, United Airlines, Hewlett- Packard, Compaq, Sony, the Department of Education, all branches of the U.S. military, and even Microsoft® itself.
With a master's degree from the University of Kansas, Microsoft® Certified Systems Engineer Certification, CISM, A+ Certification, Microsoft® MVP, and 10 years of solution development, training, public speaking, sales, and management experience, he has used his experience and knowledge to write numerous books on Windows Active Directory, Security, Auditing, and certifications. He provides custom training on Windows Security, auditing, Active Directory, Group Policy, and administration. You can also visit his online training for Auditing Windows Security at www.auditlearning.org. He is a contributing editor to ESJ newsletter, RIAG Journal, IT Audit newsletter, and various other publications. He is a frequent speaker at various conferences, including those for The Institute of Internal Auditors, TechMentor, and MISTI. Mr. Melber has taken his years of experience to develop the only Web site dedicated to Windows Auditing and Security, www.auditingwindows.com. The Web site links to his book series on Auditing Windows Security, his publications, and online training. The Web site keeps up on the pulse of Windows security, providing documents, applications, and other resources to the auditing community. He has developed and trained individuals from the most prestigious organizations and corporations around the world, including AT&T, Boeing, Intel, Citibank, Walt Disney, United Airlines, Hewlett- Packard, Compaq, Sony, the Department of Education, all branches of the U.S. military, and even Microsoft® itself.