The Best Damn Windows Server 2003 Book Period

In the last chapter, we looked at planning server roles and associated security measures. In this chapter we will examine two of Microsoft's key security tools for Windows Server 2003, the Security Configuration and Analysis management console and the Software Update Service.
The Security Configuration and Analysis management console provides a utility for testing baseline security settings and a method for applying a consistent security configuration to machines throughout the enterprise. The Software Update Service provides a mechanism to consistently apply hot fixes and updates to all Microsoft systems in your enterprise. When used together, the Security Configuration and Analysis tool and the Software Update Service are intended to reduce administrative overhead while providing consistent application of current security settings to all Microsoft-based machines in your network.
With the release of Service Pack 4 (SP 4) for Windows NT 4.0, Microsoft introduced a new security configuration tool to ease administration of your Windows NT network. The release of the NT 4.0 Service Pack 4 CD introduced the Security Configuration Manager (SCM). The Security Configuration Manager is a product originally designed for Windows NT 5.0 (now known as Windows 2000). Now, with the release of Windows Server 2003, Microsoft continues to expand on the functionality of the Security Configuration Manager with the Security and Configuration Analysis management console. The Security Configuration and Analysis utility provides a tool for configuring, comparing, and applying security templates.
A security template is a Windows initialization (.ini) file that lists configuration parameters for...