Saturday, November 2, 2019

Windows 7 Workgroup Consultation for Sally Chu Assignment

Windows 7 Workgroup Consultation for Sally Chu - Assignment Example Keywords: UAC, user access controls, administrative users, users, Windows 7, workgroup, network Windows 7 Workgroup Consultation for Sally Chu In order for Sally to grant all six of her administrative staff members the same computer-access privileges, to allow them to run applications and use network printers, but not be able to make any accidental changes that can adversely affect their computers, the most effective and efficient way to create user accounts for these employees would be as follows. The first step would be to setup the profile for Sally’s administrators. In order to ensure that the administrators cannot make any changes that would adversely affect the computers themselves, the best bet is to setup the administrators on a standard user profile, instead of an administrator profile, as the administrator profile would have complete access to make any and all changes, while the standard use can use most software and change system settings that do not affect other us ers or the security of the computer itself. Once the standard user is setup, the next step is to setup the parental controls for that standard user, allowing for the use of games to be filtered out, and blocking any specific programs that she does not want the administrators to have access to, by setting the profile to only be able to use the programs from an allowed list, as specified by herself. Once the account is setup, and the parental controls are put in place, the settings in UAC, or User Account Controls, would need to be set, providing notification when programs try to make changes to the computer. This must be done for each profile that needs to be created, for a total of six (Microsoft, 2013). As Sally would like to provide a high level of authentication for her network’s users, she would like a dual authentication process. Two of the different methods that she could use in conjunction with requiring a password for network access are the option to use EAP (Extensib le Authentication Protocol), and setting to allow certain protocols. Selecting â€Å"Use Extensible Authentication Protocol† allows the selection of using one of three protocols for authenticating the VPN connection: Protected EAP (PEAP), EAP-MSCHAPv2, or Smart Card or Other Certificate; all three options will ensure the security and data integrity of the EAP conversation through the use of encryption. The default setting is EAP-MSCHAPv2, which is also known as Secure Password. By selecting the properties for EAP-MSCHAPv2, the ability to configure the connection to use the Windows login credentials in order to authenticate the connection. Selecting â€Å"Allow These Protocols† instead as the other alternative for providing the second level of security to the network connection will allow for the choice between three different connection types, all of which can be set to configure the Windows login credentials to be used; the three different authentication protocols tha t can be used by the connection are PAP, CHAP, or MS-CHAPv2. â€Å"The choice of these three types of authentication methods will only apply to PPTP, L2TP/IPsec, or SSTP tunnels; IKEv2 tunnels can only use EAP-MSCHAPv2 or certificates as their authentication methods† (, 2008). While there is an advantage into having the user’s use their Windows login credentials, namely that they will not have to remember a third set of login credentials, the disadvantage is that if an unauthorized user obtains that information, that will give them that much more access to the network itself. The user access controls set for the profiles themselves will ensure that the web based applications will run in protected mode, and by allowing the particular programs on the intranet in the

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.