One of the fundamental design goals for Active Directory

One of the fundamental design goals for Active Directory is
to define a single, centralized repository of users and information resources. The
information stored within Active Directory determines which resources are accessible
to which users. Through the use of permissions that are assigned to Active
Directory objects, we can control all aspects of network security. We should be
sure that we have implemented appropriate access control settings for the file
system, network devices, and other resources. Security principals are Active
Directory objects that are assigned security identifiers (SIDs), which is a
unique identifier that is used to manage any object to which permissions can be
assigned. Users and groups are two types of fundamental security principals
employed for security administration. Different types of groups are Local Users
and Groups, Domain Users and Groups, Security Groups, Distribution Groups. Through
the use of Group Policy settings, system administrators can assign thousands of
different settings and options for users, groups, and OUs (Organizational
Units). The general process for making these settings is to create a Group
Policy object (GPO) with the settings that we want and then link it to an OU or
other Active Directory object. In environments that have more than one domain
we use Active Directory trees and forests to manage. To provide resources to
users who belong to domains that are not part of the forest, Active Directory
uses the concept of foreign security principals.

of the advantages of Windows Server 2012 R2 is the ability to apply data
governance to the file server. This will help control who has access to
information and auditing. We get these advantages through the use of Dynamic
Access Control (DAC). DAC also gives administrators the ability to control file
access by using a central access policy. DAC allows an administrator to set up
Active Directory Rights Management Service (AD RMS) encryption for Microsoft
Office documents.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now


Microsoft Windows Server 2012 R2 has a built-in firewall. Windows
Server 2012 R2 takes firewalls a step further than just the normal firewall
settings in Control Panel. One advantage of configuring Windows Firewall is the
ability to export and import policy settings. An MMC snap-in called Windows
Firewall with Advanced Security can block all incoming and outgoing connections
based on its configuration. One of the major advantages to using the Windows
Firewall with Advanced Security snap-in is the ability to set firewall
configurations on remote computers using group policies. If we wanted to configure
Windows Firewall on all of our client machines, we have two options. We can
either configure each machine manually or set up a GPO to configure the Windows
Firewall. When configuring options for Windows Firewall with Advanced Security,
we have the ability to configure some IPsec policies. The three options are IPsec
Defaults, IPsec Exemptions, and IPsec Tunnel Authorization. With this windows
server we can set up specific inbound and outbound rules, connection security
rules, and monitoring rules. Obviously, inbound rules monitor inbound traffic,
and outbound rules monitor outbound traffic. By default, many are disabled. If we
can’t find a rule that is appropriate to our needs, we can create a new rule.