1 / 30

Module 9

Module 9. Configuring Applications . Module Overview. Install and Configure Applications Managing Apps from the Windows Store Configuring Internet Explorer Settings Configuring Application Restrictions in the Enterprise. Lesson 1: Install and Configure Applications.

gaenor
Download Presentation

Module 9

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 9 Configuring Applications

  2. Module Overview • Install and Configure Applications Managing Apps from the Windows Store Configuring Internet Explorer Settings Configuring Application Restrictions in the Enterprise

  3. Lesson 1: Install and Configure Applications • Installing Applications in Windows 8 Configuring Default Program Settings Application Compatibility Issues Resolving Common Application-Compatibility Issues Discussion: When to Use Office 365

  4. Installing Applications in Windows 8

  5. Configuring Default Program Settings You can configure Default Program behavior by selecting Control Panel > Programs > Default Programs

  6. Application Compatibility Issues Common application compatibility problems may relate to the following areas: • Setup and installation of applications • User Account Control • Windows Resource Protection • Internet Explorer Protected Mode • 64-bit architecture • Windows Filtering Platform • Operating system version changes • Kernel-mode drivers

  7. Resolving Common Application-Compatibility Issues Common mitigation methods include: • Modifying the application configuration • Applying updates or service packs • Upgrading the application • Modifying the security configuration • Running the application in a virtualized environment • Using application compatibility features built into the operating system • Selecting another application • Apply a shim

  8. Discussion: When to Use Office 365 • When would you consider implementing • Office 365?

  9. Lesson 2: Managing Apps from the Windows Store • What Is the Windows Store? Managing Access to Windows Store What Is Sideloading?

  10. What Is the Windows Store? The Windows Store provides a convenient, single location for users to access and download apps

  11. Managing Access to Windows Store Use Group Policy to disable the Store application

  12. What Is Sideloading? Sideloading provides a mechanism for distribution of LOB apps to your client computers without using the Windows Store • You must enable the sideloading facility by editing GPO settings • Your LOB apps must be digitally signed • You can use either dism.exe or Windows PowerShell to add, list, or remove LOB apps

  13. Lesson 3: Configuring Internet Explorer Settings • What Is Compatibility View? Privacy Features The SmartScreen Feature Other Security Features Demonstration: How to Configure Internet Explorer

  14. What Is Compatibility View? • None of the improvements in Internet Explorer 10 matter if websites look bad or work poorly • Compatibility View helps display a webpage as it is meant to be viewed

  15. Privacy Features • InPrivate Browsing is inherently more secure than using Delete Browsing History to maintain privacy because there are no logs kept or tracks made during browsing • Tracking Protection helps monitor the frequency of all third-party content as it appears across all web sites visited by the user • Delete Browsing History enables users and organizations to selectively delete browsing history

  16. The SmartScreen Feature

  17. Other Security Features • Per-user ActiveX makes it possible for standard users to install ActiveX controls in their own user profile, without requiring administrative privileges • Per-site ActiveX enables IT professionals to use Group Policy to preset allowed controls and their related domains • XSS Filter identifies and neutralizes a cross-site scripting attack if it is replayed in the server’s response • DEP/NX protection helps thwart attacks by preventing code from running in memory that is marked nonexecutable

  18. Demonstration: How to Configure Internet Explorer In this demonstration, you will see how to: • Enable Compatibility View for all websites • Delete browsing history • Configure InPrivate browsing • View add-on management interface • Manage downloads with the download manager

  19. Lab A: Configuring Internet Explorer Security • Exercise 1: Configuring Windows Internet Explorer Logon Information Virtual Machines 20687B-LON-DC1 20687B-LON-CL1 User Name Adatum\Administrator Password Pa$$w0rd Estimated Time: 15 minutes

  20. Lab Scenario Holly Dickson is concerned about her users’ security settings when they are browsing the Internet, especially if they are browsing the Internet while connected to their customer’s networks. She has asked that you investigate improving the security settings on her users’ computers in Internet Explorer.

  21. Lab Review • In the lab, you added the local intranet home page to the Trusted sites. How else could you have ensured that the required ActiveX controls did run?

  22. Lesson 4: Configuring Application Restrictions in the Enterprise • What Is AppLocker? AppLocker Rules Demonstration: How to Configure AppLocker Rules Demonstration: How to Enforce AppLocker Rules

  23. What Is AppLocker? • AppLocker is a security feature that enables you to specify exactly what applications are allowed to run on user desktops Benefits of AppLocker • Controls how users can access and run all types of applications • Ensures that user desktops are running only approved, licensed software

  24. AppLocker Rules Create default AppLocker rules first, before manually creating new rules or automatically generating rules for a specific folder Default rules enable the following: • All users to run files in the default Program Files directory • All users to run all files signed by the Windows operating system • Members of the built-in Administrators group to run all files • Create custom rules and automatically generate rules using an AppLocker wizard found in the Local Security Policy Console

  25. Demonstration: How to Configure AppLocker Rules In this demonstration, you will see how to: • Create new executable rule • Automatically generate Script rules

  26. Demonstration: How to Enforce AppLocker Rules In this demonstration, you will see how to: • Enforce AppLocker Rules • Confirm the executable rule enforcement • Confirm the Script rule enforcement

  27. Lab B: Configuring AppLocker • Exercise 1: Configuring AppLocker Rules Exercise 2: Testing the AppLocker Rules Logon Information Virtual Machines 20687B-LON-DC1 20687B-LON-CL1 User Name Adatum\Administrator Password Pa$$w0rd Estimated Time: 20 minutes

  28. Lab Scenario Holly is concerned that people in her department are spending time listening to music files. She wants a way to disable the Windows Media® Player from running. You decide to implement AppLocker® to prevent members of the IT group from running this program.

  29. Lab Review • In the lab, you configured an executable path for the executable rule. What could you do if you wanted to allow users to run an earlier version of Windows Media Player?

  30. Module Review and Takeaways • Review Questions Tools Best Practice

More Related