【 摘 要 】

As the threat to computer systems increases with the increasing use of computers as a tool in daily business activities, the need to securely configure those systems becomes more important. There are far too many intruders with access to the Internet and the skills and time to spend compromising systems to not spend the time necessary to securely configure a system. Hand-in-hand with the increased need for security are an increased number of items that need to be securely configured. Windows 2000 has about seven hundred security related policy settings, up from seventy two in Windows NT. While Windows 2000 systems are an extension of the Windows NT 4 architecture, there are considerable differences between these two systems, especially in terms of system and security administration. Operational policy, system security, and file security are other areas where Windows 2000 has expanded considerably beyond the domain model of Windows NT 4. The Windows NT 4 Domain model consists of domains of workstations that, with a single login, share resources and are administered together. The database of user settings and credentials resides in the domain server. Domains can trust other domains to expand the sharing of resources between users of multiple domains. On Windows 2000, the domains still exist but multiple domains that share trust are combined into Domain Trees and Domain Forests depending on how the logical namespace is divided. These trees and forests are combined under a new object called Active Directory. Domains themselves are broken down into Organizational Units. As such, there are more levels at which security policies can be set and for which information sharing can be controlled.

【 预 览 】

附件列表

Files	Size	Format	View
15002764.pdf	6727KB	PDF	download