ComputerSecurityStudent (CSS) [Login] [Join Now]


|WINDOWS >> Windows 2008 Server >> Current Page |Views: 20878

(Windows 2008 Server: Lesson 14)

{ Security Configuration Wizard }

Section 0. Background Information
  • Overview 
    • Security Configuration Wizard (SCW) is an attack-surface reduction tool included with Windows Server 2008 R2 and Windows Server 2008.

     

    • SCW guides administrators in creating security policies based on the minimum functionality required for a server's role or roles.

     

    • This guide provides step-by-step procedures for using SCW to create and apply a security policy to a prototype server in a test environment.
       
Section 1. Login to your W2K8 server.
  1. Edit Virtual Machine Settings
    • Instructions
      1. Click on W2K8
      2. Click on Edit virtual machine settings

     

  2. Edit Network Adapter Settings
    • Instructions
      1. Click on Network Adapter
      2. Click on Bridged: Connected directly to the physical network.
      3. Click OK.

     

  3. Start your Windows 2008 Server
    • Instructions
      1. Click on W2K8 Server
      2. Click on Play virtual machine

     

  4. CRTL + ALT + DELETE
    • Instructions
      1. Virtual Machine
      2. Send Ctrl+Alt+Del

     

  5. Login as Administrator
    • Click on the Administrator icon.

     

  6. Login
    • Command: Provide the password for the Administrator account.

 

Section 2. Start the Security Configuration Wizard
  1. Opening the Security Configuration Wizard
    • Instructions:
      1. Type "scw" in the search box.
      2. Click on "scw" under Programs.

     

  2. Welcome to the Security Configuration Wizard
    • Instructions:
      1. Click Next

     

  3. Create New Security Policy
    • Instructions:
      1. Click the "Create a new security policy" radio button.
      2. Click Next

     

  4. Select a Server
    • Instructions:
      1. Just take the default name.
      2. Click Next.

     

  5. Processing Security Configuration Database
    • Instructions:
      1. Select Next

 

Section 3. Role-Based Service Configuration
  1. Role-Based Service Confirguration
    • Instructions:
      1. Select Next.

     

  2. Select Server Roles
    • Instructions:
      1. Under the View: drop down box, select "Selected roles"
      2. Make sure the following roles are selected.
      3. Click Next.

     

  3. Select Client Features
    • Instructions:
      1. Take the Default Selections
      2. Click Next

     

  4. Select Administration and Other Options
    • Instructions:
      1. Take the Default Selections
      2. Click Next

     

  5. Select Additional Services
    • Instructions:
      1. Take the Default Selections
      2. Click Next

     

  6. Handling Unspecified Services
    • Instructions:
      1. Select "Do not change the startup mode of the service" radio button.
      2. Click Next

     

  7. Confirm Service Changes
    • Instructions:
      1. Select "Changed services"
      2. Click Next

 

Section 4. Network Security
  1. Network Security
    • Instructions:
      1. Click Next

     

  2. Network Security Rules
    • Instructions:
      1. Select All Rules
      2. Click Next

 

Section 5. Registry Settings
  1. Registry Settings
    • Instructions:
      1. Select Next.

     

  2. Require SMB Security Signatures
    • Instructions:
      1. Select both check boxes.
      2. Select Next.

     

  3. Require LDAP Signing
    • Instructions:
      1. Do not select the check box.
      2. Click Next

     

  4. Outbound Authentication Methods
    • Instructions:
      1. Click the Domain Accounts checkboxes
      2. Click Next.

     

  5. Outbound Authentication using Domain Accounts
    • Instructions:
      1. Click the Windows NT or later operating system checkbox.
      2. Click Next.

     

  6. Registry Settings Summary
    • Instructions:
      1. Click Next

 

Section 6. Audit Policy
  1. Audit Policy
    • Instructions:
      1. Click Next.

     

  2. System Audit Policy
    • Instructions:
      1. Click on the "Audit successful an unsuccessful activities" radio button.
      2. Click Next.

     

  3. Audit Policy Summary
    • Instructions:
      1. Click Next.

     

  4. Save Security Policy
    • Instructions:
      1. Click Next.

     

  5. Security Policy File Name
    • Instructions:
      1. Take Default Location
      2. Click Next.

     

  6. Security Policy File Name
    • Instructions:
      1. Name the Security Policy Your Name.  (See Below)
      2. Click Next.

     

  7. Apply Security Policy
    • Instructions:
      1. Click Apply later
      2. Click Next

     

  8. Completing the Security Configuration Wizard
    • Instructions:
      1. Click Finish

 

Section 7. Proof of Lab
  1. Open a Command Prompt
    • Instructions:
      1. Type "cmd" in the search box.
      2. Click on "cmd" under programs.

     

  2. Proof of Lab
    • Instructions:
      1. cd "C:\Windows\security\msscw\Policies\"
      2. dir
      3. date
      4. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • E.g., echo "John Gray"
    • Proof of Lab Instructions:
      1. Do a PrtScan
      2. Paste into a word document
      3. Upload to Moodle.


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth