123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Designing Iis Security Baselines

Profile Picture
By Author: unknownmem
Total Articles: 128
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Securing IIS involves a combination of developing security for Microsoft 70-620(http://www.mcts-70-620.com)
and using US specific knowledge and controls. Windows Server 2003 hardening baselines were introduced in Chapter 8. This lesson focuses on designing security for IIS. This lesson goes beyond the simple IIS incremental template mentioned previously and provides specific baselines for IIS services.
Do not enable services that were disabled to conform to the recommendations evalu-ated in Chapter 8 or because of other considerations. Evaluate additional enabled services to see whether they can be disabled as well. Some services that should be evaluated include the following:
The server update process should be reviewed for Web servers. You can choose a different path for Internet servers than for intranet servers. All Web servers should be updated; however, you might want to develop an update process that is specific to MCTS exam(http://www.mcts-70-620.com)
Web servers. Critical Web servers might be running specialized software and hardware, which can result in issues with updates.
A higher ...
... degree of testing might be necessary. In addition, unexpected downtime because of some problem with an update might have a higher cost than if the
same specialized software or hardware were located on a less critical server. For these reasons, consider disabling the automatic update services, but do design an update process.
The Background Intelligent Transfer Service (BITS) is used to provide background file transfers. It is used when automatic updates are enabled. If auto-
matic updating is disabled, this service should be disabled as well.
This service is used to allow Administrators and Backup Operators remote access to the registry. In a high security server, such as an Internet server, disable this service and provide alternative remote management methods, or require administration from the console.
Do not install terminal services in application mode. If terminal services is required for administration, it is available in administrative mode.
You do not want ordinary users to be able to obtain free Microsoft IT certification test questions(http://www.examshots.com/vendor/Microsoft-1.html)
terminal services access to the Web server.

Total Views: 226Word Count: 324See All articles From Author

Add Comment

Computers Articles

1. How Do You Choose The Right Customer Service Management Software?
Author: CRM-MASTERS

2. Unveiling The Power Of Seo: Why Your Business Can't Afford To Ignore It
Author: kylieholbeck

3. How To Check Your Airtag Location History: The Complete Guide
Author: Jason

4. Master The Art Of Video Editing: Free Course Unveiled!
Author: premiereboyz.online Ratnesh Yadav

5. How To Choose The Right Magento Website Development Company For Your Needs
Author: Web Panel Solutions

6. The Advantage Of Hiring The Services Of A Zoho Integration Consultant
Author: CRM-MASTERS

7. Driving Efficiency: Role Of Car Repair Software In Modern Automotive Workshops
Author: Role of Car Repair Software

8. Future-proofing Your Business With Structured Cabling Upgrades
Author: hartnettcrews

9. The Benefits Of Voip For Small Businesses: Cost Savings And More
Author: Sandip Patel

10. 4 Ways Pharma Data Analytics Helps Streamline Business Decision-making
Author: Giselle Fernandes

11. Spicing Up Rummy- Exploring Variations For Your Mobile Game
Author: John Stone

12. Should You Change Your Hdmi Cables When You Upgrade Your Tv
Author: Jennifer Truong

13. Acer Laptop Services - Why Acer Service Center Is More Important For The Laptop
Author: Rahul Tripathi

14. Accounting Client Management Software
Author: Robert

15. Easy Steps For Msme Registration In India: Your Quick Guide
Author: Udyam

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: