5 New Security Planning Guides

The Microsoft Solutions for Security (MSS) team had published five new security planning guides:

The Administrator Accounts Security Planning Guide

This guide is designed to be an indispensable resource when organizations plan their strategy to secure administrator-level accounts in Microsoft Windows NT–based operating systems such as Windows Server 2003 and Windows XP. It addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. The main goal of this guide is to provide prescriptive guidance in terms of the steps an organization can take to secure local and domain-based administrator-level accounts and groups.

The Secure Access Using Smart Cards Planning Guide

This guide is designed to help IT security professionals understand how to plan and implement secure access using smart cards for administrator accounts and remote access user accounts. It enables the reader to understand how to secure access using smart cards and examines the issues and challenges.

The Security Monitoring and Attack Detection Planning Guide

This guide is designed to help IT security professionals understand how to use the security event logs in Microsoft Windows as the basis for monitoring security and detecting attacks on a network. The guide helps the reader to identify relevant security events and interpret sequences of events that might indicate that an attack is in progress.

The Services and Service Accounts Security Planning Guide

This guide is designed to be an important resource when organizations plan their strategy to run services more securely under the Microsoft® Windows Server 2003™ and Windows® XP operating systems. The guide addresses the common problem of Windows services that are set to run with the highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer, domain, or even to the entire forest. It describes ways to identify services that can run with lesser privileges and explains how to downgrade those privileges methodically. This guide can help organizations assess their existing services infrastructure and make some important planning decisions in relation to future service deployments.

Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide

This guide is designed to help IT security professionals understand how to plan and implement Virtual Private Network (VPN) Quarantine services featured in Windows Server 2003 Service Pack 1. The guide enables the reader to understand the approaches to VPN quarantine and examines the issues faced.