Home‎ > ‎CIS 195‎ > ‎

Lesson 12: Security Policies

Presentation slides are here

  • Configure User Rights Assignment 
  • Configure Security Options settings
  • Configure Security templates
  • Configure Audit Policy
  • Configure Local Users and Groups
  • Configure User Account Control (UAC)
Admin Approval Mode: When an administrator attempts to perform a task that requires administrative access, the system switches the account from the standard user token to the administrative token.

auditing: The process by which administrators can track specific security-related events on a Windows Server 2012 computer.

credential prompt: When a standard user attempts to perform a task that requires administrative privileges, the system displays a credential prompt requesting that the user supply the name and password for an account with administrative privileges.

elevation prompt: The User Access Control message box. This confirmation prevents unauthorized processes, such as those initiated by malware, from accessing the system using administrative privileges.

Gpupdate.exe: A command-line tool that enables you to immediately invoke settings from GPOs you have modified.

refresh interval: The amount of time that elapses before a system updates its Group Policy settings by reprocessing GPOs.

secure desktop: An alternative to the interactive user desktop that Windows normally displays. When Windows generates an elevation or credential prompt, it switches to the secure desktop, suppressing the operation of all other desktop controls and permitting only Windows processes to interact with the prompt. The object of this is to prevent malware from automating a response to the elevation or credential prompt and bypassing the human reply.

security template: A collection of configuration settings stored as a text file with an .inf extension. 

User Account Control (UAC): A Windows Vista security feature that prevents user accounts from exercising administrative privileges unless they are specifically invoked by the user.