Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Vista

Troubleshoot Security Configuration Issues (part 1) - The Windows Security Center & Securing the Operating System and Data in Storage with BitLocker

- Windows 10 Product Activation Keys Free 2019 (All Versions)
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
3/13/2011 4:06:48 PM
In the following section, you learn about ways to secure data in storage and how to configure security templates to deploy to one or many computers. These topics include
  • Windows Security Center

  • BitLocker

  • The Encrypting File System (EFS)

  • Security Configuration and Analysis Tool (SCAT)

  • The SecEdit command-line utility

The Windows Security Center

The Windows Security Center is installed by default in Windows Vista. It integrates, monitors, and alerts problems for the following security-related tools:

  • Windows Firewall

  • Windows Update

  • Antivirus Protection—Even some third-party AV products

  • Windows Defender

  • Internet Security Settings—Mostly Internet Explorer configuration

  • User Account Control

You can access the Security Center in the Control Panel > Security > Security Center or by double-clicking the yellow or red shield in the system tray.

Tip

The yellow or red shield in the system tray is presented only if the Security Center detects a problem with one or more of the security components that it monitors. A yellow shield in the system tray indicates a security warning, and a red shield indicates a critical security problem.


In the Security Center, you can view the security status of each of these security services and gain quick access to each of the tools to make any desired configuration changes. You can configure the level of alerts and whether the Security Center places an icon in the system tray in the right corner of the taskbar. As you can see in Figure 1, the shield icon in the system tray is a warning, and it’s alerting you to the fact that the Security Center cannot identify an antivirus application running on your computer.

Figure 1. The Windows Security Center is a single stop to configure Windows Update, Windows Firewall, Windows Defender, and Internet Options settings.

Alert

This warning can be eliminated if you simply install an antivirus software product that is Windows Vista compliant. Antivirus software for earlier versions of Windows is not necessarily compliant with Windows Vista. The antivirus software packaging must specifically say that it is Windows Vista compliant.

The way these third-party antivirus products properly report to the Security Center is through a Microsoft Windows Management Instrumentation (WMI) interface. If the antivirus software uses the WMI interface, the Windows Security Center can monitor it and should change the yellow shield warning indication to a green shield indicating a healthy, protected computer system.


Another option you have to eliminate the yellow shield warning from the Windows Security Center is to install and subscribe to a new subscription product from Microsoft called Windows Live OneCare, as shown in Figure 2.

Figure 2. The Windows Live OneCare product integrates with the Vista operating system and provides monitoring of Windows updates, tuneups, scheduled backups for the system, virus and spyware protection, firewall services, and logging.


Tip

The Windows Security Center also provides quick access to the Backup and Restore Center.


Securing the Operating System and Data in Storage with BitLocker

BitLocker is an encrypting technology that has been introduced in Windows Vista. It is included with Windows Vista Ultimate and with Windows Vista Enterprise. BitLocker encrypts the entire volume (partition) that holds the operating system. This is referred to as the boot partition. BitLocker is designed to protect against a bad guy who could take the hard drive out of your computer, install it into his computer, and access all your content. After BitLocker is installed, the operating system and file system cannot be accessed without the decryption key.

Caution

Use Caution with BitLocker BitLocker is powerful security but may also cause you to lose valuable data. It requires a specialized partition structure and a lengthy process to encrypt the entire boot partition. Repartitioning and encrypting the partition are both opportunities for total data loss. Also, if you lose the decryption key, you could never see your OS or data again. Even when it works correctly, the system is now operating like it never did before.

Consider implementing BitLocker carefully. Read all the documentation on BitLocker from Microsoft. Then back up all your data, drivers, and so on, from the computer as if you know that you’re going to lose it all. And most importantly, know how to recover your content if necessary, from your backup and from BitLocker, before you ever begin the BitLocker process.


The decryption key for the BitLocker partition is held in a special chip on the motherboard called the Trusted Platform Module (TPM) chip. Not all motherboards have this TPM chip; in fact, most computers today don’t have one because the technology is relatively new.

If your computer doesn’t have a TPM chip, you can export the decryption key to a Universal Serial Bus (USB) thumb drive. This makes the USB thumb drive a sort of SmartCard. Without the USB thumb drive with the decryption key inserted into a USB port during the bootup process, the entire boot partition remains encrypted and inaccessible. This is strong security.

This security is a good thing and a bad thing. If the TPM chip fails (I don’t really think that these chips have a high failure rate, but just in case) or if you lose your USB thumb drive that holds the decryption key (something more likely to happen), you simply cannot access your computer’s Vista operating system and whatever data the partition held ever again.

Alert

When you implement BitLocker, you should generate a recovery password and store it on something other than the computer you are protecting. Storing this password on the same computer would defeat the purpose of using BitLocker. You should store the recovery password on a USB thumb drive in an ASCII text file. (This is a different USB thumb drive from the BitLocker bootup USB thumb drive.) This drive with the BitLocker recovery password should be stored securely someplace where only you can find it when you need it.

After you have generated and recorded the BitLocker Recovery Password, if the TPM chip ever fails, or if you lose your BitLocker bootup USB thumb drive, you can open the text file, retrieve your BitLocker recovery password, and boot into the BitLocker Drive Encryption Recovery Console to access the encrypted operating system. Once there, you can generate a new BitLocker bootup USB thumb drive, export data, or do whatever else you need to do to regain access to your system.

Other -----------------
- Configure and Troubleshoot Security for Windows Internet Explorer 7 (part 4) - Digital Certificates
- Configure and Troubleshoot Security for Windows Internet Explorer 7 (part 3) - Cookie-Handling & ActiveX Opt-In
- Configure and Troubleshoot Security for Windows Internet Explorer 7 (part 2) - Internet Explorer’s Protected Mode
- Configure and Troubleshoot Security for Windows Internet Explorer 7 (part 1) - Pop-Up Blocker & Phishing Filter
- Troubleshooting Deployment Issues
- Perform Post-Installation Tasks (part 3) - Managing Computers with Multiple Operating Systems
- Perform Post-Installation Tasks (part 2) - Managing User Data
- Perform Post-Installation Tasks (part 1) - Restoring User State Data & Ensuring Driver Availability
- Deploy Windows Vista from a Custom Image
- Configuring Windows Vista Productivity Applications - Windows Mail
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
Celebrity Style, Fashion Trends, Beauty and Makeup Tips.
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server