CIS 170F: Windows 7 Administration

Week 7

Windows 7 Security Features
Security Policies
Local Security Policies

The main areas of security configuration of the LGPO are as follows:

  • Account Policies:

    You can use Account policies to configure password and account lockout features. Some of these settings include Password History, Maximum Password Age, Minimum Password Age, Minimum Password Length, Password Complexity, Account Lockout Duration, Account Lockout Threshold, and Reset Account Lockout Counter After.


  • Local Policies:

    You can use Local policies to configure auditing, user rights, and security options.


  • Windows Firewall with Advanced Security:

    Windows Firewall with Advanced Security provides network security for Windows computers. Through this LGPO you can set Domain, Private, and Public profiles. You can also set this LGPO to authenticate communications between computers and inbound/outbound rules.


  • Network List Manager Policies:

    This section allows you to set the network name, icon, and location group policies. Administrators can set Unidentified Networks, Identifying Networks, and All Networks.


  • Public Key Policies:

    You can use the Public Key Policies settings to specify how to manage certificates and certificate life cycles.


  • Software Restriction Policies:

    Software Restriction Policies allow you to identify malicious software and control that software's ability to run on the Windows 7 machine. These policies allow an administrator to protect the Microsoft Windows 7 operating system against security threats such as viruses and Trojan horse programs.v


  • Application Control Policies:

    You can use these policies to set up AppLocker. AppLocker allows you to configure a Denied list and an Accepted list for applications. Applications that are configured on the Denied list will not run on the system and applications on the Accepted list will operate properly.


  • IP Security Policies on Local Computer: You can use these policies to configure the IPSec policies. IPSec is a way to secure data packets at the IP level of the message.


  • Advanced Audit Policy Configuration:

    You can use Advanced Audit Policy configuration settings to provide detailed control over audit policies. This section also allows you to configure auditing to help show administrators either successful or unsuccessful attacks on their network.