Security Strategies in Windows Platforms and Applications by Solomon Michael G.;

Author:Solomon, Michael G.; [Solomon, Michael G.;]
Language: eng
Format: epub
Publisher: Jones & Bartlett Learning, LLC
Published: 2013-01-22T06:00:00+00:00

Windows defines rights and permissions based on user accounts. Windows runs every program as a specific user. That means even services run as a user. By default, many services run as a local admin account. If an attacker can exploit a vulnerability and compromise a service, it is possible the attacker could assume the identity of the user running the service. For this reason, it is important to run each service as a user that possesses the minimum privileges necessary to perform the service’s functions.

FYI

Windows Server 2008 R2 included the new managed service accounts (MSA) feature. While this made managing service accounts easier, it didn’t solve all of the issues. MSAs did provide automatic password management and instance name registration. However, the accounts could not be shared across multiple servers. Windows Server 2012 introduced group managed service accounts (gMSA). These accounts extend the earlier capabilities. Windows Server 2012 computers can share gMSAs and even use them for scheduled tasks. Administrators can also use the new gMSAs for more common software services, such as Microsoft Exchange or Microsoft SQL Server.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.