Home‎ > ‎CIS 194‎ > ‎

Lesson 10: Securing Windows

Presentation slides are here

Objectives
  • Understand the authentication mechanisms that Windows 7 can use.
  • Configure password and account lockout policies.
  • Configure Windows Firewall.
  • Use Encrypting File System.
Vocabulary
authenticated exception A firewall rule that allows traffic only when the connection between the communicating computers is secured using IPsec. 

brute force A password penetration attack in which a software program tries all of the possible passwords until it finds the right one. 

filter In Windows Firewall, a feature that enables users to display rules according to the profile they are associated with, their current state, or the group to which they belong.

firewall A software routine that acts as a virtual barrier between a computer and the network to which it is attached. A firewall is essentially a filter that enables certain types of incoming and outgoing traffic to pass through the barrier, while blocking other types.

malware A generic term for any software created or distributed with malicious intent. 

multifactor authentication A system that requires users to confirm their identities in two or more ways.

Personal Identity Verification (PIV) A standard for smart card authentication, published by the National Institute of Standards and Technology (NIST).

private key In public key encryption, the secret key in a pair of keys, which is known only to the recipient of a message or file and used to decrypt it. The relationship between the private and the public key is that when a message is encrypted using the private key, only the public key can decrypt it. The ability to decrypt the message using the public key proves that the message originated from the holder of the private key.

public key In public key encryption, the public key in a pair of keys, which is known to everyone and used to encrypt a message or file. The relationship between the public and the private key is that when a message is encrypted using the public key, only the corresponding private key can decrypt it. 

rules In a firewall, instructions that specify which packets are allowed to pass through the firewall and which are blocked.

spyware A type of software that gathers information about computers and their users and sends it back to another system.

user rights Specific operating system tasks, such as Shut Down the System or Allow Log on Through Terminal Services, which can only be performed by certain users designated by a system administrator.

Windows Biometric Framework A new component in Windows 7 that provides a core biometric functionality and a Biometric Device control panel. 

Comments