On a nuclear submarine, it takes two keys to initiate the launch of a nuclear missile (if movies like The Hunt for Red October are to be believed). At Microsoft, it looks like we use THREE cards to allow access to our Public Key Infrastructure.
Microsoft IT created security worlds with administrative card sets composed of six smart cards, any three of which were required to perform administrative functions. The administrative cards were needed whenever a new CA was brought online and added to the associated security world. Two cards were distributed to the Legal and Corporate Affairs department, two others were distributed to a separate internal auditing team, and the final two were retained by the IT Security team in Microsoft IT. The requirement of three smart cards provided role separation and guaranteed that performing such high-level functions required the involvement of members from at least two of these three groups.
Great approach for protecting against a rogue administrator, but probably overkill for a PKI deployment at Joe’s Crab Shack. Great whitepaper if you are interested in reading about a real-world large PKI implementation.
Read Here: IT Showcase: Deploying PKI Inside Microsoft
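The role-separation claim in the excerpt above can be checked by enumerating every possible quorum. This is an added example, not code from the whitepaper or from Microsoft IT; the card names and function names are constructed for illustration, and it generalizes to any card distribution and threshold.

```python
from itertools import combinations

# Distribution described in the excerpt: six administrative cards, two per
# group. Card identifiers are constructed for this example.
CARD_HOLDERS = {
    "card1": "Legal and Corporate Affairs",
    "card2": "Legal and Corporate Affairs",
    "card3": "Internal Auditing",
    "card4": "Internal Auditing",
    "card5": "IT Security",
    "card6": "IT Security",
}
QUORUM = 3  # any three of the six cards


def min_groups_per_quorum(holders, k):
    """Smallest number of distinct groups found in any k-card quorum."""
    return min(len({holders[c] for c in combo})
               for combo in combinations(holders, k))


def groups_able_to_act_alone(holders, k):
    """Groups holding at least k cards, i.e. able to reach quorum unaided."""
    counts = {}
    for group in holders.values():
        counts[group] = counts.get(group, 0) + 1
    return sorted(g for g, n in counts.items() if n >= k)


def survives_loss_of(holders, k, absent_groups):
    """True if the remaining groups still hold enough cards for a quorum."""
    remaining = [c for c, g in holders.items() if g not in absent_groups]
    return len(remaining) >= k


def analyse(holders, k):
    """Summarise separation of duties and availability for a k-of-n card set."""
    groups = sorted(set(holders.values()))
    return {
        "min_groups": min_groups_per_quorum(holders, k),
        "solo_groups": groups_able_to_act_alone(holders, k),
        "tolerates_one_absent_group": all(
            survives_loss_of(holders, k, {g}) for g in groups),
    }


if __name__ == "__main__":
    print(analyse(CARD_HOLDERS, QUORUM))  # the 3-of-6 layout from the excerpt
    print(analyse(CARD_HOLDERS, 2))       # contrast: a weaker 2-of-6 threshold
```

With the 3-of-6 layout no single group can reach quorum, yet any one group can be unavailable without blocking administration; lowering the threshold to two removes the separation, and raising it to five removes the tolerance.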
In my Inbox today from (ISC)2:
Congratulations! It gives me great pleasure to be the first to address you with the Certified Information Systems Security Professional (CISSP®) designation! Based upon your examination results, a review of your application and acceptance of your endorsement, the (ISC)2 Board of Directors awarded you with the CISSP designation.
Yaaay! :)
It looks like the Threats and Countermeasures guide has been updated for Windows Vista.
This guide is a reference to security settings that provide countermeasures for specific threats against current versions of the Windows® operating systems.
This guide is a companion for two other publications that are available from Microsoft:
Windows Server 2003 Security Guide
Windows Vista Security Guide
Many of the countermeasures that are described in this guide are not intended for specific computer roles in the companion guides, or in some cases for any roles at all. These countermeasures help ensure compatibility, usability, manageability, availability, or performance.
Generally, as security increases, functionality decreases, and vice versa. However, there are exceptions, and some security countermeasures actually help to improve functionality.
Each section begins with a brief explanation of what is in the section, followed by a list of subsection headers, each of which corresponds to a setting or group of settings. Each subsection includes a brief explanation of what the countermeasure does, and includes the following three additional subsections:
Vulnerability. Explains how an attacker might exploit a feature or its configuration.
Countermeasure. Explains how to implement the countermeasure.
Potential impact. Explains the possible negative consequences of countermeasure implementation.
This guide consists of seven sections that provide a reference to the settings that you should consider while planning the security policy for your organization.
Domain Level Account Policies discusses the Group Policy settings that are applied at the domain level: password policies, account lockout policies, and Kerberos authentication protocol policies. Collectively, these policies are referred to as account policies.
Audit Policy discusses the use of audit policies to monitor and enforce your security measures. It describes the various settings and provides examples of how audit information is modified when the settings are changed.
User Rights discusses the various logon rights and privileges that are provided by the Windows operating systems and provides guidance about which accounts should be assigned these rights.
Security Options discusses the security settings for digital data signatures, Administrator and Guest account names, access to floppy disk and CD-ROM drives, driver installation behavior, and logon prompts.
Event Log discusses how to configure the settings that relate to the various event logs on computers running Windows Server 2003 or Windows Vista.
System Services describes the services that are included with Windows Vista and Windows Server 2003. Many of these services are configured to run by default, but others are not present unless you install specific components.
Software Restriction Policies provides a brief overview of the software restriction policy mechanism used in Windows Vista and Windows Server 2003. It provides links to additional resources about how to design and use software restriction policies.
Additional System Countermeasures describes a number of additional security measures that may need to be applied to your computers. However, these countermeasures cannot be easily applied through Group Policy or other automated means. These countermeasures include securing accounts on member servers, NTFS settings, data and application segmentation, SNMP community name settings, disabling NetBIOS bindings, Terminal Services configuration, Dr. Watson, and IPsec policies. A short overview on Windows Firewall is also provided along with a pointer to more extensive guidance on Windows Firewall that you should review if your organizational security policy includes Windows Firewall settings.
Additional Registry Entries provides information about additional registry entries that should be considered in configuring your overall security policy.
Additional Resources provides links to additional information sources about Windows security subjects from Microsoft that you may find useful.
If you have any need to find out what your computer is really doing under the hood, you know that Process Monitor is the tool. Today, Process Monitor 2.0 was released. From the Sysinternals blog:
This major update to Process Monitor adds real-time TCP and UDP monitoring to its existing process, thread, DLL, file system and registry monitoring. You can now see the TCP and UDP activity processes performed, including the operation (e.g. connect, send, receive), local and remote IP addresses and DNS names, and operation transfer lengths. On Windows Vista, Process Monitor also collects thread stacks for network operations.
Download here: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
As before, Process Monitor includes:
And now, for some screenshots to whet your appetite.