=================================
Uhm, actually, I am a network administrator for a company of 150 users (Toronto) and 58 (Montreal) and I have never seen an MCSE study book in my life.
=================================

Most of my experience is on Wall Street, and financial houses have quite a bit more users than 208. Not that any of that means anything in this discussion.




=================================
Now, the things I listed above are the basic requirements for setting up a secure Windows 2000/3 AD environment, and I (and my team) have implemented all of these measures. Not being a windows administrator, this may sound like really complex stuff for you, but its really the basics.
=================================

I've administered NT 3.51/4.0 systems and you're right, it is the basics. But take your "How would you configure your domain trusts..." question; is that a one-size fits all configuration, or do you take into consideration actual business requirements?

I haven't touched a production Windows server since about 1997, but if I were configuring a trust relationship between two divisions I'd set it up differently than a trust relationship with a business partner. Also the sensitivity of data would dictate, wouldn't it? You wouldn't want M&A data to float out to a domain that doesn't have users authorized to view that data, would you?




=================================
Anyone with any experience would have an answer to the questions (one liners, I'm not expecting a speech).
=================================

Wow, if one line answers are all that's required to keep anything secure, I'm going back to operations!


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/157/19750#19750