
The QAD (Quick and Dirty) Checklist for the Security Audit of a Windows Server

From Ryan Groom,
Your Guide to Business Security.

Authentication

Authentication is what controls who is allowed to have access to what.

The following items should be reviewed when performing a security audit of your authentication system.

  • Is administrative access controlled by multi-factor authentication?
  • Are LM and NTLM authentication disabled?
  • Is "Allow anonymous SID/Name translation" disabled?
  • Is "Let Everyone permissions apply to anonymous users" disabled?
  • Is "Do not allow anonymous enumeration of SAM accounts" enabled?
  • Is "Do not allow anonymous enumeration of shares" enabled?
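
An added example, not part of the original article: a Python check that reads a `secedit /export /cfg` policy export and reports on the five policy items above (multi-factor authentication is not recorded in that export). The mapping from checklist items to policy keys and passing values is this example's assumption, and the sample export is constructed.

```python
LSA = r"MACHINE\System\CurrentControlSet\Control\Lsa" + "\\"

# (checklist item, export section, key, value that passes); this mapping is the example's assumption
CHECKS = [
    ("LM and NTLM refused", "registry values", LSA + "LmCompatibilityLevel", "5"),
    ("Anonymous SID/Name translation off", "system access", "LSAAnonymousNameLookup", "0"),
    ("Everyone excludes anonymous", "registry values", LSA + "EveryoneIncludesAnonymous", "0"),
    ("Anonymous SAM enumeration blocked", "registry values", LSA + "RestrictAnonymousSAM", "1"),
    ("Anonymous share enumeration blocked", "registry values", LSA + "RestrictAnonymous", "1"),
]

# Constructed sample export (not from a real server); RestrictAnonymous is deliberately absent.
SAMPLE = r"""[System Access]
LSAAnonymousNameLookup = 1
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,3
MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1
"""

def parse_export(text):
    """Parse decoded INF text (secedit writes UTF-16) into {section: {key: value}}."""
    policy, section = {}, None
    for raw in text.splitlines():
        line = raw.lstrip("\ufeff").strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            policy.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            if section == "registry values":
                value = value.split(",", 1)[-1].strip()  # "4,5" is type,data (4 = REG_DWORD)
            policy[section][key.lower()] = value
    return policy

def audit(text):
    """Return (item, status, actual) per check; a missing key is NOT SET, not a pass."""
    policy, results = parse_export(text), []
    for item, section, key, expected in CHECKS:
        actual = policy.get(section, {}).get(key.lower())
        status = "PASS" if actual == expected else "NOT SET" if actual is None else "FAIL"
        results.append((item, status, actual))
    return results

if __name__ == "__main__":
    for item, status, actual in audit(SAMPLE):
        print(f"{status:8} {item} (value: {actual})")
```

To audit a real export, read the file with `encoding="utf-16"` and pass the text to `audit()`; treat every NOT SET result as an item to verify on the server itself.
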

Sections of this checklist:

  1. Server Accounts
  2. Server Operating System
  3. Security Logging
  4. Software Currency
  5. Disaster Recovery
  6. Authentication
  7. Anti-Virus
