Clinic Introduction 11 Facilities 12 Clinic Introduction About This Clinic This section provides you with a brief description of the clinic, objectives, and target audience. Description This clinic introduces you to the new features of the Microsoft Windows Vista™ operating system that are relevant to IT professionals. These features include security enhancements, user productivity enhancements, monitoring enhancements, and manageability enhancements. Objectives After completing this clinic, you will be able to: • Describe potential security risks. • Understand the malware protection features in Windows Vista. • Understand the network protection features in Windows Vista. • Describe the security enhancements in Internet Explorer 7.0. • Understand the data protection features in Windows Vista. • Describe how Windows Vista enhances user productivity. • Describe the Windows Vista User Interface Enhancements. • Describe the Windows Vista Productivity enhancements. Clinic Introduction 13 • Understand the Windows Features for Mobile PCs. • Manage the Windows Vista Boot Process. • Configure Power Management. • Describe the benefits of enhanced monitoring and management. • Describe Windows Vista system monitoring features. • Monitor and control applications. • Describe Group Policy enhancements in Windows Vista. • Understand the remote management features in Windows Vista. • Automate management tasks. Audience The target audience for this clinic includes the following: • IT Professionals who generally perform desktop support for Windows computers. Typical duties for this IT Professional are user support, desktop configuration, and desktop troubleshooting. They will be particularly interested in the new features of Windows Vista and how the changes affect Windows security, reliability, performance, productivity and manageability. • Technical decision makers can gain an overview of Windows Vista features and benefits. 14 Clinic Introduction Prerequisites This clinic requires that you meet the following prerequisite: • 1 year experience with Windows client and server operating systems in a corporate environment Clinic Introduction 15 Clinic Outline Session 1, “Security Enhancements in Windows Vista,” provides an overview of new security features in Windows Vista. Many of the changes in Windows Vista have been made to prevent user-initiated security problems and to prevent unknown future attacks. Security features relevant to malware, networks, Microsoft Internet Explorer® 7, and data protection are covered. Session 2, “User Productivity Enhancements in Windows Vista,” provides an overview of the new features in Windows Vista that are seen and configured by users. IT Professionals must be aware of these features to help and educate their users. Areas covered include user interface enhancements, productivity tools, features for mobile PCs, the startup process, and power management. Session 3, “Monitoring and Managing Windows Vista,” provides an overview of the new monitoring and management features in Windows Vista. For most organizations, the cost of software management is far greater than that of software acquisition. The new monitoring and management features in Windows Vista include Application Error Reporting, Event Viewer enhancements, Group Policy enhancements, remote management enhancements, reduced restarts, and Task Scheduler enhancements. 16 Clinic Introduction Next Steps The next step after completing this session is: • Clinic 5057A, First Look: Windows Vista for IT Professionals Hands-On Labs. Session 1: Security Enhancements in Windows Vista Table of Contents Session Overview 1 Security Risks 2 Malware Protection Features 8 Network Protection Features in Windows Vista 25 Internet Explorer 7 Security Enhancements 37 Data Protection Features 50 Session Summary 61 Questions and Answers 62 Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, ActiveX, Aero, Bitlocker, BizTalk, DirectX, Internet Explorer, NetMeeting, Visual Studio, Windows, Windows Media, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Session 1: Security Enhancements in Windows Vista 1 Session Overview Introduction Computer security is a critical issue for all organizations. Increased regulation has fueled the need to ensure compliance with heightened security requirements such as privacy laws. In addition to software flaws, many security issues are user initiated. The Microsoft® Windows Vista™ operating system includes a variety of new features to increase security. Objectives After completing this session, you will be able to: • Describe potential security risks. • Understand the malware protection features in Windows Vista. • Understand the network protection features in Windows Vista. • Describe the security enhancements in Microsoft Internet Explorer® 7. • Understand the data protection features in Windows Vista. 2 Session 1: Security Enhancements in Windows Vista Security Risks Introduction There are security risks inherent to all computer systems regardless of the operating system that they run. Understanding security risks with computing systems is the first step toward mitigating those risks. This section describes some of the security risks to computing systems and provides a brief overview of how Windows Vista mitigates them. Objectives After completing this section, you will be able to: • Describe security risks to computer systems. • Describe how Windows Vista addresses security risks. • Describe Windows Vista platform improvements. [...]... Session 1: Security Enhancements in Windows Vista 5 How Windows Vista Addresses Security Risks One of the major focuses in Windows Vista development is increased security Many of the new features in Windows Vista are specifically designed to make Windows Vista more secure than any previous version of Windows Windows Vista security features include: • Hardened services to reduce the risk of a Windows service... within an Active Directory® directory service forest and end-to-end certificate life cycle management scenarios Session 1: Security Enhancements in Windows Vista • 7 Enhanced auditing Windows Vista auditing capabilities make it easier to track what users do Auditing areas now include multiple subcategories, making it much easier to focus on events of interest Windows Vista integrated audit event forwarding... software that purports to remove spyware is actually spyware itself Session 1: Security Enhancements in Windows Vista 11 How Windows Vista Protects Against Malware Windows Vista protects against malware with three specific enhancements: • Windows Service Hardening Windows Service Hardening restricts critical Windows services from doing abnormal activities in the file system, registry, network, or other resources... Understand how to administer UAC • Describe Windows Defender • Understand Windows Defender scanning modes Session 1: Security Enhancements in Windows Vista How Is Malware Installed? Malware is installed without your explicit consent It needs to either exploit a flaw in the operating system or trick you into installing it In most cases, viruses and worms exploit flaws to install themselves, but spyware... security risks, there are also some specific platform improvements The platform improvements change some of the security systems in Windows Vista to make them more effective and easier to use The platform improvements in Windows Vista are: • Flexible authentication Windows Vista authentication capabilities are more flexible, providing a variety of choices for customized authentication mechanisms, such... it afterwards 12 Session 1: Security Enhancements in Windows Vista What Is Service Hardening? Windows services represent a large percentage of the overall attack surface in Windows from the perspective of the amount of overall always-on code footprint in the system, and the privilege level of that code Windows Vista limits the number of services that are running and operational by default Before Windows. .. collects and forwards critical audit data to a central location, enabling small networks as well as enterprises to better organize and analyze audit data 8 Session 1: Security Enhancements in Windows Vista Malware Protection Features Introduction Malware is malicious software that is installed without your explicit consent Malware includes spyware, viruses, and worms Malware can steal personal information... successful • BitLocker Drive Encryption to secure data on portable computer hard drives • Rights management to control how data is used, even outside your organization The preceding security topics are discussed in detail later in this session 6 Session 1: Security Enhancements in Windows Vista What Are the Platform Improvements? In addition to the new features in Windows Vista that address security risks,... Web browser risks Almost every information worker in an organization uses a Web browser to perform research and access Internet and intranet applications Some malicious Web sites attempt to modify the configuration of the local computer by exploiting flaws in Web browsers Other Web sites attempt to impersonate legitimate Web sites such as online banks to steal personal information in an attack known as... 1: Security Enhancements in Windows Vista • Data risks As workers have become more mobile with portable computers, more corporate data is being carried outside the physical walls of the organization When a portable computer is lost or stolen, it is often easy for unauthorized people to gain access to corporate data stored on the portable computer In addition, corporate data is often transmitted outside . features of Windows Vista and how the changes affect Windows security, reliability, performance, productivity and manageability. • Technical decision makers can gain an overview of Windows Vista. “Security Enhancements in Windows Vista, ” provides an overview of new security features in Windows Vista. Many of the changes in Windows Vista have been made to prevent user-initiated security. 5057A, First Look: Windows Vista for IT Professionals Hands-On Labs. Session 1: Security Enhancements in Windows Vista Table of Contents Session Overview 1 Security Risks 2 Malware Protection