Re: AD Security Questions



In news:%23U%23Q4GWPGHA.3896@xxxxxxxxxxxxxxxxxxxx,
msadexchman <msadexchman@xxxxxxxxx> stated, which I commented on below:
Hello,

I'm trying to find a good reference for a list of questions to ask a
customer with respect to their Active Directory accounts security. This
customer said that they have some users who have 3+ accounts
each, some that are shared accounts, etc.

I'm basically looking for a set of best practice questions to provide
them with talking about the best way to provision user accounts in AD
from a security standpoint. There have to be regulations for things
like HIPAA, SOX, GLBA?

We're trying to figure out if the answers to these questions warrant
an AD audit from a security standpoint.

Make sense?

Any help or references would be appreciated.

Three accounts and some of them shared? That's a red flag right there.

SourceFire has a tool to scan for HIPAA compliance:
http://www.sourcefire.com/compliance/hipaa.html

So do many others. Officials will also audit for HIPAA compliancy if your
org falls under that category.

There are other tools you can use, such as eEye's Retina, GFI Languard, or
even the MBSA to scan the network and AD to produce a report. There are
other tools as well. You can also go to www.microsoft.com/security for more
info.

Check this article out too-
Network scanners pinpoint problems:
http://www.networkworld.com/reviews/2002/0204bgrev.html


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Assimilation Imminent. Resistance is Futile
Infinite Diversities in Infinite Combinations

"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy.

