Security Configuration And Analysis Troubleshooting

By Author: fiona
Total Articles: 191
Comment this article

Table 13-9 describes some troubleshooting scenarios related to security configuration and analysis.
Use RSoP to check what GPO is affecting the computer.
Check the log file, located in CompTIA Security+, to identify specific errors that occur during policy propagation to the computer.
Find out which accounts are invalid. Open Microsoft Notepad and open the file at %6ystemroo^°/o\Security\Logs\Winl-ogon.log. The Windows Server 2003 family and Windows XI3 create this file by default during policy propagation. Search for error 1332, which indicates the account names that could not be resolved. Then remove the unresolved account names from policies in your domain. If the accounts are in the Default Domain or Domain Con?troller GPOs, you can edit the policies in the Security Set-tings node of Group Policy to remove these account names. If the accounts exist elsewhere, you might have to browse through all GPOs defined in the domain and remove them individually.
Exercise 3: Analyzing System Security and Viewing the Results
In this exercise, you analyze ...
... system security, comparing the settings in the security template Securedc.inf with the security settings currently running on your system. Then, you view the security analysis results.
To analyze system security and view the results
1.Use the procedure provided earlier in this Security+ certification lesson to analyze system security.
2.Double-click the Account Policies node, and then click the Password Policy security area.
In the details pane, what is indicated in the Policy column? In the Database Setting column? In the Computer Setting column?
The Policy column indicates the policy name for the analysis results. The Database Setting col?umn indicates the security value in your template. The Computer Setting column indicates the current security level in the system.
In the Policy column, what does the red X indicate? What does the green check mark indicate?
A red X indicates a difference from the database configuration. A green check mark indicates consistency with the database configuration.
Security configuration applies the stored template configuration in the security configuration and analysis database to the local computer.
You are about to cause an automated shutdown of Server2 by running the script inside the Secure folder. The script simply creates, copies, and deletes two files 500 times. This may take a few seconds, so be patient. The activity is more than enoughNetwork+ certification to fill the 64 KB security log. Once that log is full, the server will shut down.