Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security Configuration Editor (There are numerous other tools which ship…
Security Configuration Editor
The
SCE tools
allow administrators to configure security on Windows 2000 operating systems, and then perform periodic analysis of the systems to ensure that the configuration remains intact or to make necessary changes over time. They effectively give access to everything that shows up in the Security Settings tree in a Group Policy.
There are numerous
other tools
which ship with Windows 2000 for managing security. This section briefly introduces some of them. It is expected that administrators are familiar with these tools and need no further introduction to them.
Windows Explorer – allows configuration of both Discretionary (DACL) and System (SACL) Access Control Lists on the file system
Regedt32.exe – allows configuration of both DACLs and SACLs on the registry
Cacls.exe – command line tool which allows configuration and viewing of file system DACLs.
Net.exe – a family of command line tools which can create and configure user accounts, group memberships, as well as various settings such as whether the system is visible in network browse lists.
Netsh.exe – a command line tool for configuration of network parameters
Secedit.exe – a command line tool providing the same functionality as the GUI SCE.
In order to view these snap-ins a new console must be created
When the MMC comes up, click Console:Add/Remove Snap in
Then click Add and double-click both Security Configuration and Analysis and Security Templates.
To do so click Start:Run and run MMC.
Click Close and OK to return to the console.
For future use, you may now save this console so that it becomes available in the Administrative Tools folder on the Start menu.
(SCE) consists of two Microsoft Management Console (MMC) snap-ins designed to provide a capability for security configuration and analysis of Windows 2000 operating systems
The first snap-in is the Security Templates snap-in which gives administrators a graphical way to manage the inf files used to apply security settings
The second snap-in is the Security Configuration and Analysis snap-in which allows an administrator to analyze a systems security vis-à-vis a particular template and apply the settings in a template to a system
Practical Activity:
https://www.petri.com/using-windows-server-2012-security-configuration-and-analysis-tool
