Join Mike Chapple for an in-depth discussion in this video Account policies, part of CompTIA Security+ Exam Prep (SY0-401): Access Control and Identity Management.
- View Offline
- Security professionals may take advantage…of account policies to apply security requirements…and other configuration settings across the domain.…Windows Active Directory provides group policy functionality…to allow this type of configuration.…Administrators may create Group Policy Objects,…or GPO's, which are groups of configuration settings…and then apply those GPO's to either an entire domain,…or smaller groups of users and computers…known as organizational units.…
Let's create a Group Policy Object together…on a Windows server.…We'll work together to design a policy…that requires the use…of a password protected screen saver for all users.…From Server Manager, we pull down the Tools menu…and choose the Group Policy Management tool.…We drill down to our domain, corp.TestDomain.com,…and expand the Group Policy Objects folder.…Notice that there are only two default policies here.…
We right-click on the folder,…and choose New from the pop-up menu.…Let's give our GPO a logical name,…say Screen Saver Policy, and click OK.…
Author Mike Chapple, an IT leader with over 15 years experience, introduces identification methods such as usernames and biometrics, as well as authentication methods to verify users, including multifactor authentication, password authentication, and single sign-on. He also discusses authorization concepts such as mandatory and discretionary access controls, which can help you restrict access to sensitive parts of your network. The course also covers best practices for ongoing account management, such as establishing a good password policy, managing user roles, and monitoring accounts, and what to do when you need to suspend or terminate access.
NOTE: We are now a CompTIA Content Publishing Partner. Our training prepares members to pass CompTIA certification exams and become qualified IT professionals. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Setting policies for usernames and access cards
- Implementing biometrics
- Combining authentication factors for multifactor authentication
- Using a Kerberos access control system
- Using access control lists such as Windows NTFS file permissions
- Role-based authorization
- Implementing account and password policies