1. Security Analysis
The status of the operating system and applications on the computer is dynamic.
For example, to immediately resolve management or network problems, you may need to temporarily change the security level. However
Change. This means that computers cannot meet the security requirements of enterprises.
As part of the Enterprise Risk Management Program, regular analysis allows administrators to track and ensure a high level of security on each computer.
Administrators can adjust the security level. The most important thing is to detect any security faults that occur during the long-term operation of the system.
"Security Configuration and analysis" allows you to quickly view the security analysis results. Put forward suggestions next to the current system settings and use visual tags
Or the comment highlights the areas that do not match the recommended security level. "Security Configuration and analysis" also provides solutions for analysis display
Any conflicting functions.
2. Security Configuration
"Security Configuration and analysis" can also be used to directly configure the security of the local system. Using the personal database, you can import
Full template "created security templates, and apply these templates to local computers. This will immediately use the level specified in the template to configure system security
Completeness.
Microsoft Help and Support Center description.
Run ---> mmc console ---> file ---> Add/delete a management unit ---> independent --> Add --> Security Configuration and Analysis --> right
Key, Security Configuration and Analysis --> open data --> select database. Here we select "create database". The file name is:
Right) --> open and select the security template (updated project, file system, registry, group policy, security policy, etc., and, setup
Security. inf (all default configurations) --> here I want to restore the default permission configuration of the system.
Rootsec. inf ---> analyze the computer now ---> error file path (select it as needed) ----> Import template ---> select
Windwos. onf (The following is the content of the rootsec. inf file. I want to only restore the default windows permissions, so
C: \ disk "% SystemDrive % \" is changed to windows. inf \ "% windir % \".
Change "% SystemDrive % \ To the drive letter to be configured, for example, d: \, e: \...) --->
Configure the computer now
------------------------------------------------------
Let's take a look. The default permission is back, baby kiss '~~ Pai_^
Windwos. inf
_____________________________________________________
; Copyright (c) Microsoft Corporation. All rights reserved.
; Security Configuration Template for Security Configuration Manager
[Version]
Signature = "$ CHICAGO $"
DriverVer = 10/01/2002, 5.2.20.0.0
[Profile Description]
% SCEProfileDescription %
[File Security]
"% Windir % \", 0, "D: AR (A; OICI; GA; BA) (A; OICI; GA; SY) (A; OICIIO; GA; CO) (A; CIOI; GRGX; BU)
(A; CI; 0x00000004; BU) (A; CIIO; 0x00000002; BU) (A; GRGX; WD )"
[Strings]
SCEProfileDescription = "apply the default root directory permission to the OS disk partition and spread this permission to
Sub-object. The propagation time is determined by the number of unprotected sub-objects. For more information, see online help. "
Bytes -------------------------------------------------------------------------------------
Other functions have not been tried. If you need them, you can do it yourself. But I have struggled for two days to find such a thing.
