百度文库-让每个人平等地提升自我-1-中国石化Windows服务器系统安全配置指南V2007年05月16日百度文库-让每个人平等地提升自我-2-目录1概述.............................................................................................................................................-3-1.1适用范围............................................................................................................................-3-1.2实施....................................................................................................................................-3-1.3例外条款............................................................................................................................-3-1.4检查和维护........................................................................................................................-3-2适用版本.....................................................................................................................................-4-3用户账号控制.............................................................................................................................-4-3.1密码策略............................................................................................................................-4-3.2复杂性要求........................................................................................................................-4-3.3账户锁定策略.....................................................................................................................-5-3.4内置默认账户安全.............................................................................................................-5-3.5安全选项策略.....................................................................................................................-6-4注册表安全配置.........................................................................................................................-8-4.1注册表访问授权.................................................................................................................-8-4.2禁止匿名访问注册表.........................................................................................................-9-4.3针对网络攻击的安全考虑事项.........................................................................................-9-4.4禁用格式文件名的自动生成........................................................................................-10-4.5禁用LMHASH创建.........................................................................................................-10-4.6配置NTLMSSP安全......................................................................................................-11-4.7禁用自动运行功能...........................................................................................................-11-4.8附加的注册表安全配置...................................................................................................-11-5服务管理...................................................................................................................................-12-5.1成员服务器......................................................................................................................-12-5.2域控制器............................................................................................................
