Professional Documents
Culture Documents
.msc: Disk Management dfrg.msc: Disk Defrag eventvwr.msc: Event Viewer fsmgmt.msc: Shared Folders Certificates (Q/l chng th s ca my xa) Computer Management (Qun tr Computer xa) Device Manager (Q/l cc thit b ca my xa) Disk Management (Q/l a v cc phn vng Logic trn a cng ca my xa) Event Viewer (Xem cc nht k ghi li s kin v h thng, ng dng, bo mt..) Group Policy (Q/l cc chnh sch p t kn h thng cc my xa) Indexing Service (Q/l dch v lu gi thuc tnh file, phc v tm file nhanh) Internet Protocol Security (Ipsec) Monitor (Quan st t xa hot ng ca IPSEC) IP Security Policy (Q/l tnh nng bo mt ng truyn dng IPSEC) Local Users and Groups (Q/l t xa cc User v Group) Removable Storage Management (Q/l cc thit b lu tr gn ri nh USB..) Resultant Set of Policy (Tnh nng ny gip Admin kim tra nhanh tc ng ca Policy ln mt User c th) Services (Q/l cc Dch v ca my xa) Shared Folders (Q/l cc Folders c chia s ca my xa) lusrmgr.msc: perfmon.msc: rsop.msc: secpol.msc: services.msc: Local Users And Groups Performance Monitor Resultant Set Of Policies Local Security Settings Various Services
Ch nh Win chy 1 on m khi Windows Startup/Shutdow Thit lp bo mt cho ton b h thng Thit lp chnh sch cho TK Chnh sch kho ngui dng chung
Kim nh nhng chnh sch, nhng tu chn quyn li v c/s an ton cho ngui dng ti ch
S lng MK c th nh (0-24)
Thi hn sng ti a ca MK (0: k ht hn) Thi hn sng ti thiu ca MK
Chiu di ti thiu ca MK phc tp ca MK: min =6, a-z or A-Z & 0 9, c/b
Khong thi gian User b kho S ln logon k thnh, user s b kho T/g User c m kho sau khi b kho
V Phng Hi PGD KCN Thy Vn Thit lp cc c trng cho my tnh (K quan tm ti User Logon) n quyn ch nh cho ngui dng: Bao gm cc quyn truy cp, backup d liu, thay i thi gian ca h thng. cu hnh cho mt mc no : Nhp chut v chn Add user or group trao quyn cho user or group no bn mun Thit lp chnh sch cho User Thit lp quyn User Thit lp User c php truy xut n my. Ch nh TK no s c php hot ng nh mt phn ca h thng.
Thm 1 TK hay nhm vo min. Ch h/ng trn h thng s dng Domain Controller. Khi c thm vo tn min, TK ny s c thm cc quyn h/ng trn dv th mc (Active Direcory), c th truy cp ti nguyn mng nh 1 thnh vin trn Domain
Ch nh ai c php iu chnh ch tiu b nh dnh cho mt qu trnh x l. Chnh sch lm tng hiu xut ca h thng. Cho php ai c php s dng dch v Terminal ng nhp vo h thng. Thit lp User c quyn Backup d liu
V Phng Hi PGD KCN Thy Vn Trng thi hot ng Administrator Trng thi hot ng User Guest ng nhp k cn Pass i tn Administrator i tn Guest
secpol.msc
B Ctrl + Alt + Del Tiu khi Log on Ni dung khi Log on Cache khi log on (=0).
Xa b nh o khi Shutdown
Trong Security Zone c ds cc Site nguy him do ngi dng thit lp, Enable tu chn s k cho thay i ds (Tt nht l giu th Security)
10
11
12
Chnh sa
13
14
n Folder Option
n Search trong Explorer n context khi phi chut n Manage khi phi chut vo My computer
n a (access qua Addresss) Ngn truy nhp cc a n Tab Hardware n Tab DFS n Tab Security
15
Cm ti cc bn cp nht Windows
16
17
Kho Taskbar
n Tollbars 18
n Icon: My Documents, My Computer , Recycle Bin n thuc tnh Properties : My Documents, My Computer, Recycle Bin
19
n Control Panel n Tab Desktop Cm thay i hnh nn Desktop n Tab Settings n Tab Screen Saver
Tt ch Autoplay
n Task Manager
20
tnh cht ny
21
22
V Phng Hi PGD KCN Thy Vn Qun tr h thng vi Group Policy trong Windows XP Phn I Gpedit.msc OK khi ng chng trnh.
*Computer Configuration: Cc thay i trong phn ny s p dng cho ton b ngi dng trn my.
Trong nhnh ny cha nhiu nhnh con nh: + Windows Settings: bn s cu hnh v vic s dng TK, password TK, qun l vic khi ng v ng nhp h thng...
+ Administrative Templates: - Windows Components: bn s cu hnh cc thnh phn ci t trong Windows nh: Internet EXPlorer, NetMeeting... - System: cu hnh v h thng. *User Configuration: gip bn cu hnh cho TK ang s dng. Cc thnh phn c khc i cht nhng vic
s dng v cu hnh cng tng t nh trn.
Windows Setting:
Tinh chnh, p dng cc chnh sch v vn s dng TK, password TK, qun l vic khi ng v ng nhp h thng...
+ Scripts (Startup/Shutdown):
Ch nh cho windows s chy mt on m no khi Windows Startup hoc Shutdown.
+ Security Settings: Cc thit lp bo mt cho h thng, cc thit lp ny c p dng cho ton b h thng ch khng ring ngi s dng no. Name Account Policies Local Policies Tm tt tnh nng
Cc chnh sch p dng cho ti khon ca ngi dng.
Kim nh nhng chnh sch, nhng ty chn quyn li v chnh sch an ton cho ngi dng ti ch. Public Key Policies Cc chnh sch kha dng chung
1. Account Policies: Thit lp cc chnh sch cho ti khon a.Password Policies: Bao gm cc chnh sch lin quan n MK TK ca NSD TK trn my. Enforce password history: Thit lp ny bt buc mt mt khu mi khng c ging bt k mt
s mt khu no do ta quyt nh. C gi tr t 0 n 24 mt khu.
Maximum password age: Thi gian ti a MK cn hiu lc, sau thi gian ny h thng s yu cu ta thay i mt khu. S gi tr t 1 n 999 ngy. Gi tr mc nh l 42. Minimum password age: Xc nh thi gian ti thiu trc khi c th thay i mt khu. Ht thi gian ny bn mi c th thay i mt khu ca TK, hoc bn c th thay i ngay lp tc bng cch thit lp gi tr l 0. Gi tr t 0 n 999 ngy. Bn cn thit lp Minimum password age ln hn khng nu bn mun chnh sch Enforce password history c hiu qu, v ngi s dng c th thit lp li mt khu nhiu ln theo chu k h c th s dng li mt khu c. Minimum password length: di nh ti thiu cu MK ti khon. (Tnh bng s k t nhp vo). di ca mt khu c gi tr t 1 n 14 k t.
Password must meet complexity requirements:
Quyt nh phc tp ca mt khu. Nu tnh nng ny c hiu lc. Mt khu ca ti khon t nht phi t nhng yu cu sau:
V Phng Hi PGD KCN Thy Vn Cha t 3 hoc 4 loi k t sau: Cc ch ci thng (a ---> Z), cc ch ci hoa (A ---> Z), Cc ch s (0 ---> 9) v cc k t c bit.
phc tp ca mt khu c coi l bt buc khi to mi hoc thay i mt khu. inh : Disable.
Store password using reversible encryption for all users in the domain:
Lu tr MK s dng m ha ngc cho tt c cc NSD domain. Tnh nngcung cp s h tr cho cc ng dng s dng giao thc,n yu cu s am hiu v mt khu ca ngi s dng. Vic lu tr mt khu s dng phng php m ha ngc thc cht ging nh vic lu tr cc vn bn m ha ca thng tin bo v mt khu. Mc inh : Disable.
* Reset account lockout counter after: Thit lp li s ln c gng ng nhp v 0 sau mt khong thi gian quy nh. Thit lp ny ch c hiu lc khi Account lockout threshold c thit lp.
2. LOCAL POLICIES: Cc chnh sch cc b:
Khm ph Windows XP
- Character Map: bng k t c bit cho php chn nhanh nhng k t cn thit vo cc chng trnh son tho vn bn trong b Microsoft Office. - Clipboard Viewer: xem ni dung ca nhng thng tin c lu li trong clipboard. - Componet Services: theo di nhng s kin quan trng xy ra trong h thng c ghi li trong cc file nht k; qun l v thay i trng thi cho cc dch v ca Windows XP. - Computer Management: tp hp rt nhiu cng c cn thit cho vic qun tr my tnh (hoc iu khin my tnh t xa) c b tr theo tng nhm rt khoa hc. - Direct X diagnosis: em n mt ci nhn tng quan hn v DirectX, card mn hnh, card m thanh ca my tnh vi 8 bng thng tin khc nhau. - Disk Management: cng c qun l a h thng, cho php theo di tnh trng sc khe a, nh dng li a, thay i k t a, xa phn vng. - Dr Watson diagnosis: chuyn gia chn on v gii m nhng thng bo li, nhng s xung t chng trnh c th khin Windows XP gp s c. - Express Install Wizard: trnh thut s gip to ra cc file nn thng dng, file nn t chy, file ci t chng trnh m khng cn s dng thm phn mm ca hng th ba. - Group Policy Object Editor: thay i mt s thit lp n quan trng lin quan n h thng, mng, my in, nhng thnh phn then cht ca Windows XP m khng phi xi n Registry Editor. - Local User and Group Manager: theo di v qun l tt c TK hin c trong h thng. - Network Sharing Wizard: trnh thut s gip thit lp quyn chia s nhng th mc quan trng vi ngi khc trong mng ni b. - Object Packager: ng gi i tng chn vo bn trong tp tin, thng l tp tin tr gip. - Performance Monitor: theo di chi tit nhng thng tin v ti nguyn v tnh trng sc khe ca h thng trn cng mt biu . - Private Character Editor: h tr vic thit k nhng k t c bit s dng trong th vin Font ca Windows XP v chnh sa li nhng k t sn c theo phong cch ca ring mnh. - Removable Storage Management: cng c qun l nhng thit b lu tr ng. - Resultant Set of Policy: mt gi tp hp rt nhiu thit lp bo mt lin quan n TK ngi dng, quyn x l nhng thnh phn quan trng ca h thng, m bo an ton cho my tnh khi "giao dch" trn xa l interrnet - Shared Folder Manager: iu khin quyn x l ca ngi dng, cc phin lm vic v c tnh ca nhng ti nguyn chia s qua mng. - Synchronization Manager: ng b ha tp tin trn mng khi lm vic ch offline.
25
MT KHU AN TON HN
Thit lp Windows XP yu cu tt c TK ngi dng phi thc hin thi quen s dng mt khu an ton
26
PASSWORD POLICY:
+Minimum password length: Chiu di ti thiu ca mt khu (1 n 14 tuy nhin Microsoft bt buc mt khu phi c t nht 6 k t) v nhn OK kt thc. +Password must meet complexity requirements
Thit lp ny s bt buc mt khu phi c t nht ba trong s cc loi k t sau: ch ci vit hoa, ch ci vit thng, con s, k hiu c bit (nh du chm cu chng hn). ng thi, mt khu phi khng bao gm tn TK ng nhp h thng cng nh ng s dng ton b hay mt phn no a ch email trong mt khu.
27
28