Who should attend: System and network administrators, and programmers, who work with NT systems and need to understand its security principles. Those accustomed to working with UNIX systems will benefit from the comparisons between UNIX and NT.

This tutorial explains how to maximize the security of networked NT systems. Windows NT offers security features to satisfy the most avid control freak: centralized control over user accounts, file sharing, desktop appearance, fine grained object access, encryption, a security monitor, and auditing sensitive enough to capture most security related events. But, Windows NT also suffers from an API which has been the main target for virus writers and for applications which were programmed without any notion of security. After taking this tutorial participants will understand the complex security model of Windows NT which, when correctly configured, can make it reasonably secure.

Go behind the scenes to discover the file and directory hierarchy of the trusted computing block, Web server (IIS), registry and event logs, system files and libraries, as well as review NT's security-related GUI's. We will explore the command line interfaces and tools for controlling and auditing security of NT systems. Particular emphasis will be placed on:

	The NT registry, a file system-like construct for storing device and application configuration, passwords, and other system values, all of which protected by access control lists (ACLs)
	User accounts, local and global groups, rights, and privileges
	Domains, domain controllers, local and network authentication
	NT Passwords, collecting and cracking passwords
	ACLs for file, directories, and other objects
	NT's event and audit mechanism
	Correct configuration of IIS, RAS, network services, and protecting NT systems with firewalls