DonatShell
Server IP : 180.180.241.3  /  Your IP : 216.73.216.252
Web Server : Microsoft-IIS/7.5
System : Windows NT NETWORK-NHRC 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.3.28
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Windows/Help/Windows/en-US/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /Windows/Help/Windows/en-US/security_start.h1s
MZ@PEL!@0@.rsrc@@.its @@0	HX||4VS_VERSION_INFOStringFileInfo040904b0b!FileVersion1.00.00                         l"FileDescriptionCompiled Microsoft Help 2.0 TitleBFileStampD12A059501CA041F4JCompilerVersion2.5.71210.08579VCompileDate2009-07-14T01:10:03      >TopicCount3I000000000000ALegalCopyright 2005 Microsoft Corporation. All rights reserved.CCCCCCCCCCCCCDVarFileInfo$Translation	ti*6sITOLITLS(X쌡^
V`   x )CAOLPHHC ITSF #g,	-Y쌡^
VY쌡^
VIFCMAOLL)IFCM AOLL//$FXFtiAttribute//$FXFtiAttribute/BTREE_/$FXFtiAttribute/DATA/$FXFtiAttribute/PROPERTYwN/$FXFtiMain//$FXFtiMain/BTREEy/$FXFtiMain/DATA/$FXFtiMain/PROPERTYN/$Index/$ATTRNAMEe\/$Index/$PROPBAG/$Index/$STRINGS	>/$Index/$SYSTEM'j
/$Index/$TOC//$Index/$TOC/$Security_Startn/$Index/$TOPICATTRE /$Index/$TOPICSg@/$Index/$URLSTRG/$Index/$URLTBLO/$Index/$VTAIDXAH/$Index/AssetId//$Index/AssetId/$LEAVES		/$OBJINSTn/assets/0/assets/900e86c2-f159-4465-8090-14ead9c291f7.xmltb/security_start.h1cV9/Security_Start.H1FC/Security_Start.H1T+s/Security_Start.H1VRY/Security_Start_AssetId.H1Kk/Security_Start_BestBet.H1K	k/Security_Start_LinkTerm.H1Ktl/Security_Start_SubjectTerm.H1K`o::DataSpace/NameList<(::DataSpace/Storage/MSCompressed/ContentO,,::DataSpace/Storage/MSCompressed/ControlDataT )::DataSpace/Storage/MSCompressed/SpanInfoL/::DataSpace/Storage/MSCompressed/Transform/List<_::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/i::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/ResetTable{H3::Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/GUp)UncompressedMSCompressedFX쌡^
VLZXCHH<maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Security Information for the IT Professional</maml:title><maml:introduction>
<maml:para>The security features available in the Windows 7 and Windows Server 2008 R2 operating systems allow you to implement and manage important security elements in your IT infrastructure.</maml:para>

<maml:para>In the following sections, learn about some of the security features available to you, how to access those features, and how to use them to manage specific aspects of your overall security design. For other security features, perform another search through Help and Support, or search the Microsoft TechNet Web site (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130210</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130210"></maml:uri></maml:navigationLink>). </maml:para>

<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Access control</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_AC"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>ActiveX Installer Service</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_axis"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Authentication</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_authn"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Authorization Manager</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_AM"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>BitLocker Drive Encryption</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_BDE"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Encrypting File System</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_EFS"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Logon</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_Logon"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Managed service accounts</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_ManagedAccounts"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Passwords</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_Passwords"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security auditing</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SA"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security configuration and analysis</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SC"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SCW"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security policy settings</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SecPolSet"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security templates</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SecTmpl"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Smart cards</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SCS"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Trusted Platform Module Management</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_TPM"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Virtual accounts</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_VirtualAccounts"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Windows Sysinternals</maml:linkText><maml:uri href="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7#BKMK_SysInternals"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list>

<maml:para>Each server role in Windows Server 2008 R2 requires specific security configurations, depending upon your deployment scenario and infrastructure requirements. The documentation that supports each server role contains security configuration information and other security considerations. Using Server Manager, you can view a complete list of available server roles included with Windows Server 2008 R2. To open Server Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Server Manager</maml:ui>.</maml:para>

<maml:para>The most current security documentation for Windows Server 2008 R2 is located in the Windows Server 2008 R2 Technical Library (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=93803</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=93803"></maml:uri></maml:navigationLink>).</maml:para>
<maml:para>The most current security documentation for Windows 7 is located in the Windows 7 Technical Library (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130211</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130211"></maml:uri></maml:navigationLink>).</maml:para></maml:introduction><maml:content><maml:sections><maml:section address="BKMK_AC">
<maml:title>Access control</maml:title><maml:introduction>
<maml:para>Access control is the process of authorizing users, groups, and computers to access objects, for which you can set permissions and grant rights and privileges, on a computer or network. </maml:para>


<maml:para>The following table provides additional information about access control and authorization.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Vista.</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Server 2008.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>To administer access control on the local computer, you must be an administrator on that computer or have the appropriate rights to the object.</maml:para></maml:entry>
<maml:entry><maml:para>To administer authorization and access control across the domain, you must be a domain administrator for that domain. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing access control</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required. However, to administer them across a domain, you need to install and configure the Active Directory Domain Services (AD DS) server role and the Group Policy Management Console (GPMC).</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with access control</maml:para></maml:entry>
<maml:entry><maml:para>To administer access control on the local computer, you must be an administrator on that computer or have the appropriate rights to the object.</maml:para></maml:entry>
<maml:entry><maml:para>To administer authorization and access control across the domain, you must be a domain administrator for that domain, and you must install and configure the AD DS server role and the GPMC. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references</maml:para></maml:entry>
<maml:entry><maml:para>For more information about configuring access control settings on computer objects, open the Access Control User Interface help (Aclui.chm), or press F1 from the <maml:ui>Security</maml:ui> tab on the <maml:ui>Properties</maml:ui> dialog box of any computer object.</maml:para></maml:entry>
<maml:entry><maml:para>To learn more about other access control technologies for the enterprise:</maml:para><maml:list class="unordered">
<maml:listItem>
<maml:para>AD DS: You can view the Help (Domainadmin.chm) on your server. To do this, open the Help file, or open the AD DS Users and Computers snap-in and press F1.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Group Policy: You can view the Help (Gpmc.chm or Gpedit.chm) on your server. To do this, open the Help files, or install and open the Local Group Policy Editor or the GPMC and press F1.</maml:para>
</maml:listItem>


</maml:list><maml:para>For more information about access control and authorization, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130213</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130213"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_axis">
<maml:title>ActiveX Installer Service</maml:title><maml:introduction>
<maml:para>The ActiveX Installer Service allows the system administrator to establish a security policy for standard users to regulate the installation of ActiveX controls on each computer in the enterprise. </maml:para>
<maml:para>When a standard user uses a supported Web browser to browse to a site that requires the user to install an ActiveX control, the ActiveX Installer Service checks whether the host URL requesting the ActiveX control installation is approved in Group Policy. If the host URL is approved, the service installs the ActiveX control for the standard user, and the user does not have to provide administrator credentials or approval. If the host URL is not approved, the default ActiveX control setting is used and the user is required to provide administrator credentials or approval.</maml:para>

<maml:para>The following table provides additional information about the ActiveX Installer Service, which is not available on Windows Server 2008 R2.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>The ActiveX Installer Service supports installing ActiveX controls from specific trusted domains as set by the system administrator and deployed through Group Policy.</maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Not all Web browsers support the ActiveX Installer Service. </maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Installing the ActiveX Installer Service</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required. The ActiveX Installer Service can be enabled through Control Panel by using the <maml:ui>Windows Features</maml:ui> dialog box. </maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Managing security with the ActiveX Installer Service</maml:para></maml:entry>
<maml:entry><maml:para>Use the GPMC to configure the service settings with an administrative template in Group Policy. The administrative template consists of a list of approved installation sites, which the ActiveX Installer Service uses to determine whether an ActiveX control can be installed.</maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For more information about the ActiveX Installer Service, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130290</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130290"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
</maml:row>


</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_authn">
<maml:title>Authentication</maml:title><maml:introduction>
<maml:para>The Windows operating system implements a set of authentication protocols and packages, including Kerberos, NTLM, Transport Layer Security/Secure Sockets Layer (TLS/SSL), Digest, Negotiate, and the Credential Security Service Provider (CredSSP), as part of an extensible architecture. These protocols and authentication packages enable the authentication of users, computers, and services; the authentication process, in turn, enables authorized users and services to access resources in a secure manner. </maml:para>

<maml:para>The following table provides additional information about authentication.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>To strengthen Windows authentication in support of new features, the following improvements have been made: the ability to reduce NTLM usage, additional Kerberos encryption support, Windows Vault to support the Credential Manager, additional Advanced Encryption Standard (AES) cryptography support, Suite B compliance, authenticated access to enhanced storage devices, and smart card credential enhancements. For more information, see  <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130237</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130237"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Different versions of Windows client and server operating systems support different forms and strengths of authentication protocols. </maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing authentication protocols</maml:para></maml:entry>
<maml:entry><maml:para>Windows authentication is a built-in feature of all Windows operating systems. Authentication protocols and packages are core components of the authentication architecture.</maml:para></maml:entry>
<maml:entry><maml:para>Configuration is essential to achieve the most effective authentication scheme for your network and for each server role.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security for authentication</maml:para></maml:entry>
<maml:entry><maml:para>Local security policies relevant to authentication can be configured through the Local Security Policy snap-in of the MMC under <maml:phrase>Security Settings\Local Policies\Security Options</maml:phrase>. </maml:para><maml:para>Authentication strength for Web communication can be set in your Web browser, if supported. </maml:para></maml:entry>
<maml:entry><maml:para>For configuration and management information about Windows authentication core services and features, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130238</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130238"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry><maml:entry><maml:para>For additional information, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130238</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130238"></maml:uri></maml:navigationLink>. </maml:para></maml:entry><maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>






</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_AM">
<maml:title>Authorization Manager</maml:title><maml:introduction>
<maml:para>Authorization Manager is a role-based management tool that can be used to control access to resources by assigning users to roles. It gives you a central place to manage and track what permissions have been granted to each role, and therefore to manage and track each user included in that role. </maml:para>
<maml:para>The following table provides additional information about Authorization Manager.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Vista.</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Server 2008.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>There are no operational differences in Authorization Manager between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing Authorization Manager</maml:para></maml:entry>
<maml:entry><maml:para>You install Authorization Manager by using the MMC and developing or establishing a connection to your authorization store.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with Authorization Manager</maml:para></maml:entry>
<maml:entry><maml:para>As an Authorization Manager administrator, you can provide effective access to network and computer resources from Windows 7 by assigning users to roles and managing what permissions have been granted to each role.</maml:para></maml:entry>
<maml:entry><maml:para>As an Authorization Manager administrator, you can provide effective access to network and computer resources from Windows Server 2008 R2 by assigning users to roles and managing what permissions have been granted to each role. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references</maml:para></maml:entry>
<maml:entry>
<maml:para>On this computer, open the file Authm.chm, or open the Authorization Manager snap-in and press F1 for detailed information.</maml:para>
</maml:entry>
<maml:entry>
<maml:para>On this computer, open the file Authm.chm, or open the Authorization Manager snap-in and press F1 for detailed information.</maml:para>
<maml:para>For more information about Authorization Manager, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130241</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130241"></maml:uri></maml:navigationLink>. </maml:para></maml:entry></maml:row>


</maml:table>



</maml:introduction></maml:section><maml:section address="BKMK_BDE">
<maml:title>BitLocker Drive Encryption</maml:title><maml:introduction>
<maml:para>BitLocker Drive Encryption is a data protection feature available in Windows Server 2008 R2 and in some editions of Windows 7. BitLocker enhances data protection by combining full drive encryption with integrity checking of boot components.</maml:para>

<maml:para>The following table provides additional information about BitLocker.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>The introduction of a key protector based on a certificate issued by a certification authority (CA) allows you to create and unlock the following:
</maml:para><maml:list class="unordered">
<maml:listItem><maml:para>BitLocker data volume via the key protector based on a CA-issued certificate.</maml:para></maml:listItem>
<maml:listItem><maml:para>BitLocker key protector based on a smart card–stored certificate.</maml:para></maml:listItem>
<maml:listItem><maml:para>BitLocker key protector based on a self-signed certificate.</maml:para></maml:listItem>
<maml:listItem><maml:para>BitLocker key protector based on Windows Live ID.</maml:para></maml:listItem>
</maml:list><maml:para>You can encrypt your removable media by opening Windows Explorer, right-clicking on the drive, and selecting <maml:ui>Turn On BitLocker</maml:ui>.</maml:para><maml:para>New Group Policy settings provide functionality to:</maml:para><maml:list class="unordered">
<maml:listItem><maml:para>Require all removable drives be BitLocker-protected before data can be saved on them.</maml:para></maml:listItem>
<maml:listItem><maml:para>Require or disallow specific methods for unlocking BitLocker-protected drives.</maml:para></maml:listItem>
<maml:listItem><maml:para>Configure methods to recover data from BitLocker-protected drives if the user's unlock credentials are not available.</maml:para></maml:listItem></maml:list><maml:para>For additional information about changes in features and functionality for BitLocker, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130248</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130248"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para><maml:para>For additional information about changes in features and functionality for BitLocker, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130249</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130249"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>The following are requirements for using BitLocker on a computer running Windows 7:</maml:para>
<maml:list class="unordered">
<maml:listItem>
<maml:para>An operational Trusted Platform Module (TPM) microchip, version 1.2, or a removable USB device.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>A Trusted Computing Group (TCG)-compliant BIOS.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Two NTFS drive partitions, one for the system volume and one for the operating system volume.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>A BIOS setting that starts the computer from the hard disk drive first, not the USB or CD drives.</maml:para>
</maml:listItem>
<maml:listItem>
<maml:para>To use certificate-based key protectors, Active Directory Certificate Services (AD CS) must be deployed in your environment.</maml:para>
</maml:listItem>
</maml:list>
</maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing BitLocker</maml:para></maml:entry>
<maml:entry><maml:para>BitLocker is installed by default. To enable Bitlocker for this computer, click <maml:ui>Security</maml:ui> in Control Panel, and then select <maml:ui>BitLocker Drive Encryption</maml:ui>. The computer must be restarted to complete the process.</maml:para></maml:entry>
<maml:entry><maml:para>BitLocker is installed by default. To enable BitLocker for this server, run the Add Features Wizard in Server Manager. To open Server Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Server Manager</maml:ui>. The computer must be restarted to complete the process.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with BitLocker</maml:para></maml:entry>
<maml:entry>
<maml:para>With TPM, add the TPM Management snap-in to the MMC.</maml:para>

<maml:para>Without TPM, a removable USB startup key is required.</maml:para><maml:para>Group Policy settings have been extended to include configurable options for removable data drives as well as fixed data drives, and most have separate settings to be applied to operating system drives, fixed drives, and removable drives as appropriate. BitLocker Group Policy settings can be viewed by using either the Local Group Policy Editor or the GPMC. Group Policy settings for BitLocker that are applied globally are located in <maml:ui>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</maml:ui>. Subfolders for fixed data drives, operating system drives, and removable drives support configuration of policy settings specific to those drives.</maml:para>
</maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para>

</maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For more information about BitLocker Drive Encryption, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=130248</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=130248"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>For more information about BitLocker Drive Encryption, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=130249</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=130249"></maml:uri></maml:navigationLink>.</maml:para><maml:para>To learn more about BitLocker when used with TPM, you can view the Help on your server. To do this, open the TPM Management snap-in, and press F1.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_EFS">
<maml:title>Encrypting File System</maml:title><maml:introduction>
<maml:para>Encrypting File System (EFS) provides the core file encryption technology used to store encrypted files on NTFS file system volumes. Because EFS is integrated with the file system, it is particularly useful for protecting data on computers that may be vulnerable to access by other users. Once you encrypt a file or folder, you work with the encrypted file or folder just as you do with any other files and folders.</maml:para>

<maml:para>The following table provides additional information about EFS.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>FIPS-compliant EFS has been strengthened to include Suite B cryptographic standards while compatibility with FIPS-compliant systems has been preserved. </maml:para><maml:para>For additional information about changes in features and functionality for EFS, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130252</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130252"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para><maml:para>For additional information about changes in features and functionality for EFS, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130253</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130253"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>There are no operational differences in EFS between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing EFS</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Managing security with EFS</maml:para></maml:entry>
<maml:entry><maml:para>To use EFS, open Windows Explorer, and right-click the file or folder that you want to encrypt. Click <maml:ui>Properties</maml:ui>. On the <maml:ui>General</maml:ui> tab, click <maml:ui>Advanced</maml:ui>. Select the <maml:ui>Encrypt contents to secure data</maml:ui> check box, and then click <maml:ui>OK</maml:ui>. Additional encryption options are available. </maml:para><maml:para>You can also use the Cipher command-line tool to display or change the encryption of folders and files on NTFS partitions.</maml:para></maml:entry>
<maml:entry><maml:para>You can manage EFS by using Group Policy or the Encrypting File System wizard.</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>To view the EFS policies that are defined, open the Local Security Policy snap-in (Secpol.msc), and navigate to <maml:phrase>Security Settings\Public Key Policies\Encrypting File System\Properties</maml:phrase>.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>To start the Encrypting File System wizard, open Control Panel, and double-click <maml:ui>User Accounts</maml:ui>. Under <maml:ui>Tasks</maml:ui>, click <maml:ui>Manage your file encryption certificates</maml:ui>.</maml:para>
</maml:listItem>
</maml:list>

<maml:para>To use EFS, open Windows Explorer, and right-click the file or folder that you want to encrypt. Click <maml:ui>Properties</maml:ui>. On the <maml:ui>General</maml:ui> tab, click <maml:ui>Advanced</maml:ui>. Select the <maml:ui>Encrypt contents to secure data</maml:ui> check box, and then click <maml:ui>OK</maml:ui>. Additional encryption options are available. </maml:para>

<maml:para>You can also use the Cipher command-line tool to display or change the encryption of folders and files on NTFS partitions.</maml:para>

</maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references</maml:para></maml:entry>
<maml:entry><maml:para>Command-line Help (/?) is available for Cipher. </maml:para></maml:entry>
<maml:entry><maml:para>For more information about EFS, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=130253</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=130253"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_Logon">
<maml:title>Logon</maml:title><maml:introduction>
<maml:para>Logon technologies provide access to Windows resources through the management of user or services credentials. Logon technologies include network logon (Net Logon), domain logon, Windows logon (Winlogon or local logon), and logon scripts. Logon is coupled with various forms of authentication such as smart cards and passwords, pass phrases, and personal identification numbers (PINs).</maml:para>

<maml:para>The following table provides additional information about logon technologies in Windows.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>Credential Manager permits computer users to link their Windows account to online IDs and store that credential information in the Windows Vault. This allows Windows to recall the stored credentials for access to resources.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>The ability to link online IDs with Windows logon accounts is not available for Windows operating systems earlier than Windows 7.</maml:para><maml:para>There are no operational differences in logon technologies between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>There are no operational differences in logon technologies between x86-based computers and x64-based computers.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing Windows logon technologies</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with Windows logon technologies</maml:para></maml:entry>
<maml:entry><maml:para>Logon configurations, including the use of customized logon scripts and smart card logon, can be set through the Local Group Policy Editor. </maml:para><maml:para>Credential Manager allows a user to link online IDs with a local or domain Windows account and can be configured through <maml:ui>User Accounts</maml:ui> in Control Panel.</maml:para></maml:entry>
<maml:entry><maml:para>Logon configurations, including the use of customized logon scripts and smart card logon, can be set through security policies. </maml:para><maml:para>Group Policy can be used to control credential management, logon appearance, and behavior. The <maml:ui>Network access: Do not allow storage of credentials or .NET Passports for network authentication</maml:ui> security policy setting now applies to Credential Manager and the Windows Vault and not Stored User Names and Passwords.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references</maml:para></maml:entry>
<maml:entry><maml:para>Help for user accounts and Credential Manager is available through Help and Support or from <maml:ui>User Accounts</maml:ui> in Control Panel.</maml:para></maml:entry>
<maml:entry><maml:para>For more information about Windows logon technologies, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130255</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130255"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_ManagedAccounts">
<maml:title>Managed service accounts</maml:title><maml:introduction>
<maml:para>Managed service accounts are domain accounts that offer automatic password management and simplified SPN management. Managed service accounts provide crucial applications such as SQL Server or Exchange with the isolation of their own accounts. This eliminates the need for an administrator to manually administer the service principal name (SPN) and credentials for these accounts, thereby enhancing security with little or no additional management.</maml:para>


<maml:para>The following table provides additional information about managed service accounts.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>The managed service account is a new type of account that provides applications such as SQL Server or Exchange with:
</maml:para><maml:list class="unordered"><maml:listItem><maml:para>Automatic password management, which can better isolate these services from other services on the computer.</maml:para></maml:listItem><maml:listItem><maml:para>Simplified SPN management, which allows service administrators to set SPNs on these accounts. In addition, SPN management can be delegated to other administrators.</maml:para></maml:listItem></maml:list></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Managed service accounts are supported only on client computers running Windows 7.</maml:para></maml:entry>
<maml:entry><maml:para>Windows Server 2008 R2 domains provide native support for both automatic password management and SPN management for managed service accounts. If the domain is running in Windows Server 2003 mode or Windows Server 2008 mode, additional configuration steps will be needed to support managed service accounts. This means that if the domain controller is on a computer running Windows Server 2008 or Windows Server 2003 and the Active Directory schema has been upgraded to support this feature, managed service accounts can be used and service account passwords will be managed automatically. However, the domain administrator using these server operating systems will still need to manually configure SPN data for managed service accounts.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing managed service accounts</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>You must first install AD DS on a computer running Windows Server 2008 R2 and then perform additional configuration on the domain controllers.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with managed service accounts</maml:para></maml:entry>
<maml:entry><maml:para>You can use Windows PowerShell to manage service accounts in AD DS.</maml:para></maml:entry>
<maml:entry><maml:para>You can use Windows PowerShell to manage service accounts in AD DS.</maml:para><maml:para>To use managed service accounts in Windows Server 2008, Windows Server 2003, or mixed-mode domain environments, the following schema changes must be applied:
</maml:para><maml:list class="unordered">
<maml:listItem><maml:para>The service account schema must be applied at the forest level.</maml:para></maml:listItem>
<maml:listItem><maml:para>The schema must be changed at the domain level to create the default Managed Service Account container.</maml:para></maml:listItem></maml:list><maml:para>For more information about managed service accounts, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130214</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130214"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For information about user accounts and local groups: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Open <maml:ui>User Accounts</maml:ui> from Control Panel, and press F1 to view Help topics.</maml:para></maml:listItem>
<maml:listItem><maml:para>Add the Local Users and Groups snap-in to the Microsoft Management Console (MMC), and press F1 for Help (Lug.chm).</maml:para></maml:listItem></maml:list>
</maml:entry><maml:entry><maml:para>For more information about managing service accounts with PowerShell, see Managed Service Accounts (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=143864</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=143864"></maml:uri></maml:navigationLink>).</maml:para><maml:para>For more information about managed service accounts, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130214</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130214"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>
</maml:table></maml:introduction></maml:section><maml:section address="BKMK_Passwords">
<maml:title>Passwords</maml:title><maml:introduction>
<maml:para>Windows passwords are designed to be a form of secret authentication data used to control access to resources in a Windows environment. Password policies are set by the administrator of the computer or domain and affect password expiration, complexity, and length limits. Windows passwords can contain numerals, uppercase and lowercase letters, special characters, and spaces.</maml:para>

<maml:para>The following table provides additional information about passwords.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Vista.</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Server 2008.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>There are no operational differences in passwords between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing passwords</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with passwords</maml:para></maml:entry>
<maml:entry><maml:para>You can create and reset passwords by using CTRL+ALT+DELETE or through <maml:ui>User Accounts</maml:ui> in Control Panel. </maml:para><maml:para>Use the Local Security Policy snap-in from the MMC to manage password policy settings: enforce a password history, maximum and minimum age, minimum length, use of complexity rules, and store passwords using reversible encryption.</maml:para></maml:entry>
<maml:entry><maml:para>Group Policy is used to set and maintain password security policies, and AD DS is used to maintain domain passwords.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>Use Control Panel search to view administrative help for passwords.</maml:para></maml:entry>
<maml:entry><maml:para>For more information about password management, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130257</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130257"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SA">
<maml:title>Security auditing</maml:title><maml:introduction>
<maml:para>Security auditing is a means to track security-related events on a computer or computer system by logging specified events. Security auditing helps you to monitor the creation or modification of objects, gives you a way to track potential security problems, helps to ensure user accountability, and provides evidence in the event of a security breach.</maml:para>

<maml:para>The following table provides additional information about Windows security auditing.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>"Reason for access" reporting provides the privileges on which the decision to allow or deny access to the object was based.  </maml:para>

<maml:para>Global system access control lists (SACLs) can be applied to the file system or registry for an entire computer.</maml:para>

<maml:para>There are 53 new advanced audit policy settings that allow administrators to more specifically target the types of activities they want to audit and eliminate the unnecessary auditing activities that can make audit logs difficult to manage and decipher.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Support for "reason for access" reporting, global SACLs, and advanced auditing policy settings is available on computers running Windows 7 and Windows Vista.</maml:para><maml:para>There are no operational differences in security auditing between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>Support for "reason for access" reporting, global SACLs, and advanced auditing policy settings is available on computers running Windows Server 2008 R2 and Windows Server 2008. </maml:para><maml:para> There are no operational differences in security auditing between x86-based computers and x64-based computers.</maml:para><maml:para>The ability to configure and apply advanced audit policy settings via Group Policy is only available from domain controllers running Windows Server 2008 R2.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing security auditing</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required, but security auditing requires configuration.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with advanced auditing</maml:para></maml:entry>
<maml:entry><maml:para>You can manage the following tasks by using the Local Security Policy snap-in:</maml:para><maml:list class="unordered">
<maml:listItem>
<maml:para>Define or modify auditing policy settings for an event category.</maml:para>
</maml:listItem>
<maml:listItem>
<maml:para>Apply or modify auditing policy settings for a local file or folder.</maml:para></maml:listItem>


</maml:list><maml:para>To set auditing policies on local and domain computer objects, right-click the object, click <maml:ui>Properties</maml:ui>, click the <maml:ui>Security</maml:ui> tab, click <maml:ui>Advanced</maml:ui>, and then click the <maml:ui>Auditing</maml:ui> tab.</maml:para></maml:entry>
<maml:entry><maml:para>In an environment with different Windows operating systems, detailed audit policies are managed through the use of various tools, including Auditpol.exe, scripts, AD DS, and Group Policy. For more information about security auditing, including detailed audit policies, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=93806</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=93806"></maml:uri></maml:navigationLink>.</maml:para>

<maml:para>For more information on configuring and managing Group Policy objects (GPOs), see Group Policy Management Console (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=143867</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=143867"></maml:uri></maml:navigationLink>).     </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry>
<maml:para>Command-line Help (/?) is available for Auditpol. </maml:para>


</maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para><maml:para>For more information about security auditing in an enterprise, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=93806</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=93806"></maml:uri></maml:navigationLink>. </maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SC">
<maml:title>Security configuration and analysis</maml:title><maml:introduction>
<maml:para>You can use the Security Configuration and Analysis snap-in to analyze and configure local computer security. It presents recommendations alongside of current system settings and uses visual flags or remarks to highlight any areas where the current settings do not match the proposed level of security. It offers the ability to resolve any discrepancies that an analysis reveals and allows you to directly configure local system security through the import of security templates.</maml:para>

<maml:para>The following table provides additional information about the Security Configuration and Analysis snap-in.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Vista.</maml:para></maml:entry>
<maml:entry><maml:para>No changes in functionality from Windows Server 2008.</maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>There are no operational differences in the Security Configuration and Analysis snap-in between x86-based computers and x64-based computers.</maml:para>
<maml:para>Because this snap-in uses the current security template as a basis for analysis, you must install the security template that is correct for your environment.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para>
</maml:entry>

</maml:row>

<maml:row><maml:entry><maml:para>Installing the Security Configuration and Analysis snap-in</maml:para></maml:entry>
<maml:entry><maml:para>From the MMC, add the Security Configuration and Analysis snap-in. </maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with the Security Configuration and Analysis snap-in</maml:para></maml:entry>
<maml:entry><maml:para>Only use Security Configuration and Analysis to configure security areas not affected by Group Policy settings, which will override the local settings. This includes areas such as security on local files and folders, registry keys, and system services.</maml:para><maml:para>Do not use Security Configuration and Analysis when you are configuring security for a domain or an organizational unit. Otherwise, you must configure each client individually. In that case, you can use the Security Templates snap-in to create a template and apply it to the appropriate GPO.</maml:para><maml:para>You can also use the Secedit command-line tool for some management tasks.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>Command-line Help (/?) is available for Secedit.</maml:para><maml:para>For more information about Security Configuration and Analysis, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130259</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130259"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para>


</maml:entry></maml:row>


</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SCW">
<maml:title>Security Configuration Wizard</maml:title><maml:introduction>
<maml:para>The Security Configuration Wizard (SCW) determines the minimum functionality required for a server's role or roles and disables functionality that is not required. </maml:para>
<maml:para>The wizard guides you through the process of creating, editing, applying, or rolling back a security policy based on the selected roles of the server. The security policies that are created with SCW are .xml files that, when applied, configure services, network security, specific registry values, and audit policy.</maml:para>
<maml:para>The following table provides additional information about SCW, which is not available in Windows 7.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>

<maml:entry><maml:para>No changes in functionality from Windows Server 2008.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>

<maml:entry><maml:para>There are no operational differences in SCW between x86-based computers and x64-based computers.</maml:para><maml:para>SCW is used for server security configuration.</maml:para>

<maml:para>All applications that use the Internet Protocol (IP) and ports must be running on the server on which you run SCW.</maml:para>

<maml:para>SCW disables unnecessary services and provides Windows Firewall with Advanced Security support.</maml:para>

<maml:para>SCW does not install or uninstall the components necessary for the server to perform a role. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing SCW</maml:para></maml:entry>

<maml:entry><maml:para>No installation is required.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with SCW</maml:para></maml:entry>

<maml:entry><maml:para>SCW can be run independently from the command line (Scw.exe), from <maml:ui>Administrative Tools</maml:ui>, or from Server Manager. The wizard guides you through the process of creating, editing, applying, or rolling back a security policy based on the selected roles of the server. Additionally, you can configure security policies by using the Scwcmd command-line tool.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>

<maml:entry>
<maml:para>To access Help (Scwhelp.chm) when you run SCW, press F1.</maml:para>
<maml:para>Command-line Help (/?) is available for Scwcmd.</maml:para>
<maml:para>For more information about SCW, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=130260</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=130260"></maml:uri></maml:navigationLink>.</maml:para>

</maml:entry></maml:row>


</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SecPolSet">
<maml:title>Security policy settings</maml:title><maml:introduction>
<maml:para>A security policy is a combination of security settings that affect the security on a computer. For example, security policy settings can control who accesses your computer, what resources users are authorized to use on your computer, and whether a user or group's actions are recorded in the event log.</maml:para>

<maml:para>The following table provides additional information about security policy settings.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>There are no changes in the way security policies are applied. However, there are changes in the way security policies are configured as well as new security policies for Windows 7 that are applicable to earlier versions of Windows. </maml:para></maml:entry>
<maml:entry><maml:para>There are no changes in the way security policies are applied. However, there are changes in the way security policies are configured as well as new security policies for Windows Server 2008 R2 that are applicable to earlier versions of Windows. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Local security policies are applicable only to the computer on which they are configured.</maml:para><maml:para>There are no operational differences in security policies between x86-based computers and x64-based computers.</maml:para></maml:entry>
<maml:entry><maml:para>Most, but not all, security policy settings are backward compatible. You need to check each policy description to understand the effect of applying that security policy.</maml:para><maml:para>There are no operational differences in security policies between x86-based computers and x64-based computers.
</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing security policies</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required. You can customize existing security policy settings or create new ones.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with security policies</maml:para></maml:entry>
<maml:entry><maml:para>From the MMC, add the Local Group Policy Editor to edit the local GPOs stored on this computer.</maml:para></maml:entry>
<maml:entry><maml:para>Use the GPMC or the Local Group Policy Editor to do the following:</maml:para><maml:list class="unordered">
<maml:listItem><maml:para>Configure existing security policy settings.</maml:para>
</maml:listItem>
<maml:listItem><maml:para>Create new security policy settings.</maml:para>
</maml:listItem>
<maml:listItem><maml:para>Propagate security policy settings.</maml:para></maml:listItem>
</maml:list></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>Security policy settings descriptions are located on the <maml:ui>Explain Text</maml:ui> tab for each setting. 
</maml:para></maml:entry>
<maml:entry><maml:para>Security policy settings descriptions are located on the <maml:ui>Explain Text</maml:ui> tab for each setting. 
</maml:para><maml:para>For more information about security policy management, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130265</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130265"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>

</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SecTmpl">
<maml:title>Security templates</maml:title><maml:introduction>
<maml:para>You can use the Security Templates snap-in to create security policies for servers deployed in new scenarios and to modify existing policies prior to deployment. With this snap-in, all security settings are available to configure individually. The policy created with a security template can be imported into a GPO to configure multiple servers or to configure a single server by using the Security Configuration and Analysis snap-in.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>There are no default security templates included with Windows 7 or Windows Server 2008 R2.</maml:para></maml:alertSet>

<maml:para>The following table provides additional information about security templates.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>There are no changes or differences in creating or maintaining security templates from Windows Vista.</maml:para></maml:entry>
<maml:entry><maml:para>There are no changes or differences in creating or maintaining security templates from Windows Server 2008.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Security templates can be created by using the Security Templates snap-in and can be applied to this computer.</maml:para></maml:entry>
<maml:entry><maml:para>Security templates can be created by using the Security Templates snap-in, installed by using Group Policy, and applied to either 32-bit or 64-bit Windows operating systems.</maml:para><maml:para>Some security settings within a security template may not be backward compatible with previous versions of Windows.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing security templates</maml:para></maml:entry>
<maml:entry><maml:para>Security templates are installed by using Group Policy and can be viewed by using the MMC.</maml:para></maml:entry>
<maml:entry><maml:para>Security templates are installed by using Group Policy on Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with security templates</maml:para></maml:entry>
<maml:entry><maml:para>Security templates can be created from the MMC by using the Security Templates snap-in and applied to this computer.</maml:para></maml:entry>
<maml:entry><maml:para>For procedural help with the following tasks, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130266</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130266"></maml:uri></maml:navigationLink>.</maml:para><maml:list class="unordered"><maml:listItem><maml:para>Add security templates to the MMC. </maml:para></maml:listItem><maml:listItem><maml:para>Customize a predefined security template.</maml:para></maml:listItem><maml:listItem><maml:para>Define a security template.</maml:para></maml:listItem><maml:listItem><maml:para>Set a new security template path.</maml:para></maml:listItem><maml:listItem><maml:para>Create a Restricted Groups policy in a security template.</maml:para></maml:listItem><maml:listItem><maml:para>Apply a security template to local policy.</maml:para></maml:listItem><maml:listItem><maml:para>Import a security template to a GPO.</maml:para></maml:listItem></maml:list><maml:para>The Security Configuration Wizard is the preferred method for creating and propagating a security profile for Windows Server 2008 R2, Windows Server 2008, and Windows Server 2003 SP1.</maml:para></maml:entry>
</maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For procedural help, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130266</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130266"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>For information about using security templates in your server security policy management design, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130268</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130268"></maml:uri></maml:navigationLink>.</maml:para></maml:entry></maml:row>


</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_SCS">
<maml:title>Smart cards</maml:title><maml:introduction>
<maml:para>Smart cards are a tamper-resistant and portable way to provide security solutions for tasks such as client authentication, logging on to domains, code signing, and securing e-mail. </maml:para>

<maml:para>The following table provides additional information about Windows smart card technology.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>Enhanced support for smart card–related Plug-and-Play and the Personal Identity Verification (PIV) standard means that users will be able to use smart cards from vendors who have published their driver that displays the Designed for Windows logo through Windows Update without having to deploy special middleware. Instead, these drivers will be downloaded to the host in the same way as drivers for other devices in Windows.  </maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Smart cards and smart card readers require additional purchase, installation, and administration. </maml:para><maml:para>Enhanced support for smart card–related Plug-and-Play and the PIV standard is only available on computers running Windows 7 or Windows Server 2008 R2.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing smart cards</maml:para></maml:entry>
<maml:entry><maml:para>Smart card reader installation should follow manufacturer instructions. Certificate issuance is required.</maml:para><maml:para> For PIV-compliant smart cards, when inserted into a smart card reader, Windows will first attempt to download the driver from Windows Update. If an appropriate driver is not available from Windows Update, a PIV-compliant mini-driver that is included with the operating system is used for these cards.
</maml:para></maml:entry>

<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with smart cards</maml:para></maml:entry>
<maml:entry><maml:para>Management is handled through certificate enrollment, Group Policy, and management tools provided by your hardware manufacturer.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For information about Windows implementation of smart cards, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=93851</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=93851"></maml:uri></maml:navigationLink>.</maml:para>

<maml:para>For information about smart card enrollment, see the Certification Authority snap-in Help (Certsvr.chm) through the MMC.</maml:para>

<maml:para>For development information for smart card credential providers for your environment, see the MSDN Library.</maml:para>

</maml:entry><maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry>
</maml:row>




</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_TPM">
<maml:title>Trusted Platform Module Management</maml:title><maml:introduction>
<maml:para>Trusted Platform Module (TPM) Services is a feature that is used to administer the TPM security hardware in a computer. The TPM Services architecture provides the infrastructure for hardware-based security by providing access to and assuring application-level sharing of a TPM. 
</maml:para>

<maml:para>The following table provides additional information about TPM management and administration.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>You can now reset the TPM lockout from within TPM Management.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry>
<maml:para>The following are requirements for using TPM:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>An operational TPM microchip, version 1.2.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>A Trusted Computing Group (TCG)-compliant BIOS that is operational.</maml:para>
</maml:listItem>
</maml:list>
</maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing TPM</maml:para></maml:entry>
<maml:entry><maml:para>If your computer has an operational TPM microchip, no further installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing TPM</maml:para></maml:entry>
<maml:entry><maml:para>The TPM Management console is an MMC snap-in that allows the computer administrator to configure and administer TPM Services.
</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>The TPM Administration Help (TPMAdmin.chm) can be accessed through the TPM Administration MMC snap-in by pressing F1. For technical information about TPM Administration, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130273</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130273"></maml:uri></maml:navigationLink>. </maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7. </maml:para></maml:entry></maml:row>


</maml:table>
</maml:introduction></maml:section><maml:section address="BKMK_VirtualAccounts">
<maml:title>Virtual accounts</maml:title><maml:introduction>
<maml:para>Virtual accounts are local service accounts that do not require password management.</maml:para>

<maml:para>The following table provides additional information about virtual accounts.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>A virtual account is a new type of local service account that does not require password management. A virtual account is separate from the Local Service, Local System, and Network Service accounts. It uses the computer's account and credentials when it needs network access in a domain environment.
</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Virtual accounts can be used only on computers running Windows 7 or Windows Server 2008 R2.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing these accounts</maml:para></maml:entry>
<maml:entry><maml:para>No installation is required.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para><maml:para>To configure virtual accounts for IIS application pools, the Web Server (IIS) server role must be installed on the server.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with virtual accounts</maml:para></maml:entry>
<maml:entry><maml:para>Open the Services snap-in console from <maml:ui>Administrative Tools</maml:ui> to configure a service to use a virtual account. </maml:para></maml:entry><maml:entry><maml:para>To configure a service to use a virtual account, open the Services snap-in console from <maml:ui>Administrative Tools</maml:ui>.</maml:para><maml:para>To configure an IIS application pool to use a virtual account, open the Internet Information Services (IIS) Manager from <maml:ui>Administrative Tools</maml:ui>.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For more information about managed service accounts, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130214</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130214"></maml:uri></maml:navigationLink>.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>
</maml:table></maml:introduction></maml:section><maml:section address="BKMK_SysInternals">
<maml:title>Windows Sysinternals</maml:title><maml:introduction>
<maml:para>Windows Sysinternals are downloadable utilities to help you manage, troubleshoot, and diagnose your Windows systems and applications. The security utilities contain configuration and management utilities, including programs to detect rootkits and spyware.</maml:para>

<maml:para>The following table provides additional information about Windows Sysinternals.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row><maml:entry><maml:para>Topics</maml:para></maml:entry><maml:entry><maml:para>Windows 7</maml:para></maml:entry><maml:entry><maml:para>Windows Server 2008 R2</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row><maml:entry><maml:para>Changes in functionality</maml:para></maml:entry>
<maml:entry><maml:para>Windows Sysinternals utilities are updated as needed.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Hardware and software considerations</maml:para></maml:entry>
<maml:entry><maml:para>Utilities can be used on versions of Windows that are specified on the download page.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Installing Windows Sysinternals security utilities</maml:para></maml:entry>
<maml:entry><maml:para>Windows Sysinternals utilities are downloadable and licensed tools. Installation and operating instructions are included with the download.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Managing security with Windows Sysinternals</maml:para></maml:entry>
<maml:entry><maml:para>Each utility has separate operation documentation.</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>

<maml:row><maml:entry><maml:para>Additional references </maml:para></maml:entry>
<maml:entry><maml:para>For all the utilities, documentation, and discussions, see Windows Sysinternals (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=130295</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=130295"></maml:uri></maml:navigationLink>).</maml:para></maml:entry>
<maml:entry><maml:para>Same as Windows 7.</maml:para></maml:entry></maml:row>


</maml:table>
</maml:introduction></maml:section></maml:sections></maml:content></maml:conceptual><?xml version="1.0" encoding="utf-8"?>
<HelpCollection Id="Security_Start" DTDVersion="1.0" FileVersion="" LangId="1033" Copyright="© 2005 Microsoft Corporation. All rights reserved." Title="Security_Start" xmlns="http://schemas.microsoft.com/help/collection/2004/11">
	<CompilerOptions CompileResult="H1S" CreateFullTextIndex="Yes" BreakerId="Microsoft.NLG.en.WordBreaker">
		<IncludeFile File="Security_Start.H1F" />
	</CompilerOptions>
	<TOCDef File="Security_Start.H1T" Id="Security_Start_TOC" />
	<VTopicDef File="Security_Start.H1V" />
	<KeywordIndexDef File="Security_Start_AssetId.H1K" />
	<KeywordIndexDef File="Security_Start_BestBet.H1K" />
	<KeywordIndexDef File="Security_Start_LinkTerm.H1K" />
	<KeywordIndexDef File="Security_Start_SubjectTerm.H1K" />
	<ItemMoniker Name="!DefaultTOC" ProgId="HxDs.HxHierarchy" InitData="AnyString" />
	<ItemMoniker Name="!DefaultFullTextSearch" ProgId="HxDs.HxFullTextSearch" InitData="AnyString" />
	<ItemMoniker Name="!DefaultAssetIdIndex" ProgId="HxDs.HxIndex" InitData="AssetId" />
	<ItemMoniker Name="!DefaultBestBetIndex" ProgId="HxDs.HxIndex" InitData="BestBet" />
	<ItemMoniker Name="!DefaultAssociativeIndex" ProgId="HxDs.HxIndex" InitData="LinkTerm" />
	<ItemMoniker Name="!DefaultKeywordIndex" ProgId="HxDs.HxIndex" InitData="SubjectTerm" />
</HelpCollection><?xml version="1.0" encoding="utf-8"?>
<HelpFileList xmlns="http://schemas.microsoft.com/help/filelist/2004/11">
	<File Url="assets\900e86c2-f159-4465-8090-14ead9c291f7.xml" />
</HelpFileList><?xml version="1.0" encoding="utf-8"?>
<VTopicSet DTDVersion="1.0" xmlns="http://schemas.microsoft.com/help/vtopic/2004/11">
	<Vtopic Url="assets\900e86c2-f159-4465-8090-14ead9c291f7.xml" RLTitle="Security Information for the IT Professional">
		<Attr Name="assetid" Value="900e86c2-f159-4465-8090-14ead9c291f7" />
		<Keyword Index="AssetId" Term="900e86c2-f159-4465-8090-14ead9c291f7" />
		<Keyword Index="AssetId" Term="900e86c2-f159-4465-8090-14ead9c291f71033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1870" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="900e86c2-f159-4465-8090-14ead9c291f7" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
</VTopicSet><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpTOC>
<HelpTOC xmlns="http://schemas.microsoft.com/help/toc/2004/11" DTDVersion="1.0" Id="Security_Start_TOC" FileVersion="" LangId="1033" ParentNodeIcon="Book" PluginStyle="Hierarchical">
	<HelpTOCNode Url="mshelp://windows/?tocid=4f2035b8-de13-48f1-a994-5f1502db6cc5" Title="">
		<HelpTOCNode Url="mshelp://windows/?id=900e86c2-f159-4465-8090-14ead9c291f7" Title="Security Information for the IT Professional" />
	</HelpTOCNode>
</HelpTOC><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="AssetId" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="BestBet" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="LinkTerm" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="SubjectTerm" /> ~y`FEO"U(셮D%"R*UJRQB.U$$]R;QRB$H[;l@D̬
w낽\` Cf¬b$%ilj)dCH`7@.ZH
P2@D	$jNk*3ǽ:ڻ=ώ߹-On5|y7ѩΛ{⼝7y#Oy<ynyלw`{_鼑nGI~B녅Nt
/?Os_~T^)5uao|y߾gĹɀ]넋u9|/yKp`AnsxpϸU۽epq5%q'wߝ7;qqyw!vxo<ww~ײ<8N$G%g۞ͷymrOm#>?壜wrޝUʹco
gғśQ=ǜo<ϜO捾['/iHO;8ң|c_Iw=3y<YNt-GIH~:e_[kukCu߆]׵ފ'_0^[axbQw̖:un]U˼)˚~΍]ϡkH~x}M_yckφM6kk}|k_su6}'lu׭|k~ٽ~ݵo;[6x~ׯz{wk5]28gq&kF\l];_gQ[z]>7:gsk~(]ϻ;@wз}}cFcHN?i^>6V{}cC}cK{~\Q|6߶U[[}gg՝vpܽ[scnp-{םw}>nwuvg₵̞w]xzܾ۹}sn݉^ݪGɹWvrKp^~Tk]MQ/g;9-6|XϾg8#:gg'V|}|^f||n=v/RF::;=R-Rg=vM||ή||ϾԈcg_3S]v+|֩mv;|ީ||}vӝR;xyAlǴ|Aι'wjqwAo\sD>jOwQ}ؖ?w;5wPޑԇU7[~3Ay|;^ñd<1G>}q.<F׏
qxB"-cs߽O6/~syZ3k?YKs_ၼ3~/<w߯⯸o==SJΈ?S:g{JtfQY:OSs=S:guJ\N):_S3:t{JtJuOt\vO|OxY)=:S=S:s=:S:t]O,N靽)yS:3>:SJgvN))ҝ)Y)ҝ);>S:>:CSsK>S:;t&ʧJg|tg|JţJg|teN)yҝ9)ҹS:gvJN);tfmN);t}JtЧJwN)>S:;tuLOΥlN):߼SJgF}tyYS)YҝW)>S:s>:SJg~}t}N)>:S<txJOYҝk)o):SJg\xO
)F<t9ΒtY'q:o8x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^r)/fhGCh

	GChx>
A!h>
EGCph8$|4<?CGh??CGaP>W>


GC04~
CGѰ4~4
GC04T~
CG!4l~
çGhF_>
0ԏ8h4~
êGhh4|>
kGhhf?ZG!h~4
Gáh~>
w<؏!4~
>؏Hhf?ßG!0h(>
DâGh4<"}>
Japh?l@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@x@r'/yG`00``00``00``00``00``00``00``00`e_x5;/^{3/v:pfNU7S9MZIo^6Wÿ
>X:JrN:JpsJ:Jz%8?>CiEMvA#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b																																																																																																																																																																																																																																																														y	LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLcy2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CkwEl8m;]WMG6¸p.\…p\.¸p.\…pոW…p\.¸p.\…p\.Gq7…p᣸¸p.\…p\.d<\ʲp\.¸p.\ꇯG<\βp\.¸p.\…p\.¸p.\ƅH{C펵;h|>}Gr}1uH>0}Ww&'gs}~x߰w#<fAڇn>1x63b &$kSpM\#niiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii۞mV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[Ǹ4M4=Mp4MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4w?[mVmV[[mVmV[[mVmV[ջmkjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګm~\,>iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii?[[…7\.?jګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګmc\ϋiiiiiiiiiiiiiiiiiiiiiii{)xiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiimiiiiiiiiiiiiiiiiiiiiiiiiiiiiOM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44Mn	㚦iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii,[4MM6~spf^Ӯ+jOpӟ+)>?:?Ϲ5߻Y^v;_Oe{sy/'Ӟ~_U|"75}_Ve{{פ㿄{ͻ멿]EkCFs7~OH)	;n'O4fFn*C/=a:7m
v*(v]/8ϙ;L2+t8|9?v^X]\:9E&83e:QGId1dl)jQ
PzLJeN=e)됚ȒPٻ,nnˋ-KZژLxȪ_Tw=5!p ^(bAQ$ҟ;_)"b?o#c~6^atmТ
񋺡K>h}qdf"tthټ0=<Zi<[iؚHg	 \}
qtωѵ{_,3a)uEqvn1PkVZuo0FE+Nܟ8}kPmB=~I{;ph0Z,umS>nYITmrxZVhuz>giE=s3'PEK;E2rM 9[euIhɁ6aYZkW֠NK)WY6zPJҵ06oZc1
tܳ*[H)Z(qW#Ҹm82!E^߶,s8$d_厥vөoAErkhŜ⢃yx\+ZrzHIgsiK-QLj4U.g/屃eRxb|Q$FϔU4! ҉_zolw:m2-k>j&x_2z:/HlGԑ5{)r6ES%R8՜e"ACjƔ[Lf^_|FH'I&ר+)Rxla-Ւhٗ-ܥU1s<
2B+*9HTHRٶ<u~ʲpR;09&#ߣiv`qX5)A~%uybC!%0sg`(*ŐCz,]D{-'ʃkEhg4daM3Yf1Ì{g'-(P]J
J/[[u'j֙yɈWA&bI"!i@A"#	ϵ&`1&GZ.9JX95/Iڒ1$o^D9Ϋ|gHRFr/W+½Ta<AV\<Ufi_pּ&2d`UG
+ܟkgPVOk NAKNb>D[6tW@׀DY%d+}
2/]DDžrsDIH:𹪝7޼feql|JO/6f;`}"1'QvSP>R`>"JYI/}Jp(Rt܍~9JMoiB2hl5SKE
Eꏼne
	{G*r[lkw^@<	woHHakT*Yi:Rm|QW>3NU2lX%m.AO^I\5a|0njWd喂^5+OR
D-`,=(QĜMK"7"^"EFńviz#LUj(JO
CLG2epxbyC!scŸ`]R5daS=,~*$n(Jm4`C0'ur9AYJC]i0_U,׶iUO(Yͯ9}աpr?Tpǰ[^g)z;<[
|}؛%v@WzzS/YcY-IiXݜvJh?L,DS,mEhuhޏ\&'=ۖW7'w ?%rE6:b(2x}XEVUo)̑8¾&3\ʪ6TU.Ŗ"K5W05%pq
3:8:Jp4Έf-Ȋ֣,KJ2
,
%0	6?Epqjsq1t߲O-mSv9C&K~f&Sتo@*NHd:6G}Mggf$с!6&OCB#
FS/>zxqY˜7zUIag>l	`]$҂jy}f[ι
ƀG	ڊpB`w)?z.'τT^96Nݯ`(PK XNʢ߿/dW_C*U3UW'"}L{4,Ga<B*dWd3(,kf=+}_<zBˆ~1{_U'ͻOI(9#WaiO8zrz> ƫMa&oI9DC
_PؙӁ`[=+/EwA"νLqSְI5%K82'0eD|4!/Jco7	C9Y^vn$#ֵe/qÑg'y=)6n=-EXjXr8 X/mz4n.)(;/0aPCp+S:M¨x#	r@
Õ#NnݫO.akJrI(v;HJ :
ˀVC1a
{1xLpڏ.M3/-S,q
և
šs|QL|Wi^~Ep8E(ٜו9l[TX@:]$СK`)ʨWK<(w,6ưF.Ψ1bؾx/@l'Z\44$}E|S`%/UyiG5ii,K%++5Pڷ	fZeo񭠙<?tWGnHҳIhC<=u`{dΎAM(B-kI'+pVtuѝ0/v%)vI*RH%IzGyy;B낡YtKGUϭKAXCuhzm"TSӰ1w&3-m!LAڱJv]6F&&!DTf3~{»}
Xs0O6:k@Q2$^)R\6YZڽ)%:ƸA5MG1ڑ\zF/У~DXRo^pNeurMUۺ	m< gQ
0ew$mM+/@O%wq*UtK*x…6Ly~m?MxB^}ꆗKRÇtcY곺B<Sv:1%G[=@lDebnI;\ό"e^i3-Aį(UWq(!cT#hKJ<lEY*_pb&"tO8BcrAЮhXt~OW@ՌMM{>P֕[x`Nts,^z$B)=“V`_ҵ°QL4	;%NzZ>r#jt+'nz:&`5_ElES-fV.ZFI.?'~=oPmn<Qqٯ#zwSL:dS5ijʕ#
zWXdlayD.H7|8u5Ȉǣ :Z !U7jSq0a+=0}nS;IjNp!)?2]oن!,ވ4[O]4SYnL;]8~Y$ͻAh2*B j($24Tw|MjԫMb'5{VKb-ܼoJ|Mh;U*YqI6[OK}6ߋPg,nklu/`1z>w]qD
>}zo2	nhfGJEl'nʉ¥20U취45W8Z)x=T}n@eG8P\/3b?K5$CfLY>ӥQTv)xv&9xI[QCj +.iCB:w)Chqe:'	S3Է5pb-~el'jeS?EeyܛF#\70o/ӱoI٫J	G`wE$o҃F':|a$(Mߓ#59K	eٝ/djo漏?Z6TϗbsIEp)ld"L~|7VX?tʼn;dQI(t6>,8>tּ	[l63K%6R	hZ3Ǭ8o=	DQj_fMwCŒ6cB?\ǴmaL3Q?`ǂ&|ʱr+_pɡ*L>rSHGAN*]Nw![-P^@_f^!4J!4 [-%8ZVfƁ|`RS)(YKIɋd0dvPU!$z%;ت886W%I`]3O`00``00`"y@^W ag3OD¥2Jbf=
xLdw?
0:sdHq#&\p^VH,m̴|>>ӧW<bFB.|I@
K"f68ͩdAZ=hYL8ޟj.m\ӠЈO,
	FwJV4PEcTk,o@wk(gl6
͕?l
DVw2&D^2O	^x	GqD[zx3ōc}˃TyI\8☉Jh'LuMJBp=D:nRk&7)#D5W%ƄDMNE{ʼ@;]*$e_b:p
XW_@Oa&β8RJ"NEHEY>[s!4+-954IMl=x)U9G4\>pl߭;^Kx6wT
2%yM!=W|yV0
Bxc_fEs
AG[ߤDI^bv>ѭ Wó9c}4qUHv&Ā.?F8?SLZÍT({~|:f1	7W	l"c4ۉ˽fIhK>#Sͺ<-c 
Ohy2.4,z<U.:ܢWF;aKfN	k03ꎲ?+
G·/E.Qdٕ͉]搾_K]wq"VlqX/]$HKI̾XknFo+k{*/dCIDoLL["/:Y~*D幅/hN8zl}@)1^|FcUF7_$!5(qUb<,ƍo2P[bMJCGH0"E.=,WW2O'q@3"Fݴ;5|QӁi
<֝a|a.G>67$n؁	:_u@ǭef^RP]vajAh)Wlw3s
JāWhq&64Még@k7Am6	4M]rG
=l?`Lh?S-*
o>ijc6G_d%FO?+ԣ^'^@L ›i@I*! =9'	EuvbOɅ{pK::]Xnp1<RRՕ!TY"ewV^ M tlRkuEeEzAшn)&_
׹UQ"FSpUhݝOH0;ARs8
Iy
qQkP/k0K=Q=Kk".67Tf9VQB\1ש(U:Z)WeS?eAצ/%oo.&%p5){meZfuå9N`ix;vp4j
la#Ggs|V@ݧZeo	k+mȂ2*O;S/s1䦵CuP993oqR&2ɼS[/sN8>=<|ֺ9XG#"p'ԏ:3_K'r>|Ҹ!91]gȴj/sv#.T.S;8FCUݎ==[)GoFt&YoN6uۖMZGf&qw@h^:GN;_*<G3]p,v1DAzfd`vP&'4`&rtƂ_5OIJh+BIiѬAݾkک^MՔOYap
܎(SE
VntO_Ʈ$*pJKes ھ]S*`BM~ V’|JF*Nhtv6Q#z#]N(/sAUqJUM"2VGgCyy`7xC3%WOQs]K
.zx64.TqhtW[[`̮$`J6}֜PlV	&pP.<tئh|o348UbȵK~T}cGpfWD%V	0:r=xt]\ª+_sSgc~Ce"<ߖ~䆧+pC3XE9,(#9'qB?5r2ҔX]Bhŏ8faQwbFI'#niW
$fsN{'ni:s5񑲔ev g;w	Wǯ$0KlL2(OLyl4TM3-ZGs30zbc1t4jGpBVҔDžSŠD`鲡1ECX6ģgg
c*	ts`9aU z{q
Z/3Cd+V̽JP.F'L
ܑy9GW<)-v <!}pCi,ȧJCN-0Ӹ1(r?A/2oZvԝSG7wAnΰ}rȾO2a^?'o\ͦחI1|[d~olt3Y
rhSLq׺RkqYƒ2o't^\-բCG/rf1mE	Q	gN1?m`sBF~%Z3q1CKgm38Y]UUO
>v&O:4)_\lB8R7"A38hقc\‚3NBTy21̬,RH-`R.90aak!+ >А(
3HDka;*uZi=1,|HS<>tR7?>Lab2IylOpW©Z-[mJbC/q$Ú"/\es
=6ZVF&ۨD냉ˢ3&)pݛ
3gm+V
ζdkev4QAVX]u+B|R2mpL$`N!*({0pZ7liYŬR鎷NBhoRr̎]`>|{v5O!.TKSZ?<@cQ<1BCŋR7uDuࠨ_ݾ^S_,PD}|`
lt%!ҥɔ1"-%=G7.,YR@j⒰)M7]7Aբ	}]w7gZ#z?9o˝uvahWcfz`ҳ;?AZQH/?-<{C]YT6Fy( FFVc,I` 7g74m]fؑ"x)=#Bj{7^GGWIG>~^8tgA2!}Q`<^E
OfCmud{oC|OGBP]gGmwK.:n_0L~o-FlyU2u=i>ny}%n6̅
~<˺}~.m<͒M	ΒH^;TPGJNdw|O0x:hZb.]Ƴ:9Wjщf{ʖm}q!ǑTPppԊ-s:F\K62oV"pl6ЫWpaqw폦ݐ/=%h+85,G4Y;~Mꬁ6Db_,\d@	_{:^ӊ담tEkS34QȡvvMnLbܒ,*P(nx˟C!?*+'C-??dp_Ew`B^LE in4*jz}[]UqN^㙸mXE-j,ji
'_Le+hþ"kL>C~_		lVB6QLćySr0"Xyz
Umv}SEaa	:[ZvT;kT&kiU	cH??+
zW]WSd9ӴaAS"p+H6!.H芛3-QV(O-ShkpNJ('6jӊдr1PX(l^qK6]5f8
A(҈`J[^"z+^K]MECg޿”
:9EpZ[l}̘<Dm\D&b21M1VVAǗ;j}}H=#$Uq4OKOgvƿȷsv?S[9*W{qwRCE[8STaohb4IƝKpZV˒e!R6G;]/8jڦvS<c	Lbcvbw<d{nq󣆬!Ťrx
hގ-/ߟU^,3oNjR5ud]&ԢH8;Em/L+d0;f‚EZ5N#	!+UaճP%YbT||HJq628҆IӝmBPD,^!9&Rˢf3\)4GQ#xoǡLo+K?Z}tQyTMܮX9	tN<en>?&H<ǀOPNTƦַ*TkD|}7D%{zvQNc[%q\aLt¾씸z‡)CЉ/ǰM_`M7oJFߜbt)%?JqC|׷#V%v;JLuv^;9;^j|vJ7>dDlZcGcu	\7
ҳvbN:Z+K\86;o_#rr1MH8hZ$	լBg-	$7f(ŗvO!,oMfr
i Y8G}r_`*a6,	M2i%%Dk4N/V-*]*-հ۠zwX%x!w;KMj9(ﳫ1r(JxJp=V|zŻsBaA++ƒ"Gɨf_z)jФ҄#~^}+ٚ7MLF/o3>DžT%[2QkeS;[F8/^ݙ6$tD={f$̽Q|ɍ.طE]e]<_qd%	DŽ-2R5K,;0)
TX><{b50Zz|p^>ص|?!_!lt'Y[Q*Ƣ~UM\dFɦVˣ-D0ݢFP)pow[JAgowx!5пc<!EH]sZU'8Z}Qn֠hV{j
A="s2&if
!K*^~tΑͣsvEwQq3Pd8>AM0itNjgRwƸRTǶd(SaN1꯲!G<hN+.ex0ڂ⥵46=R
d+
	O$V)4yoV<,GI`GoN#HA'Ff6Xc"CmmpҨȶxy|>T>)a:4ܚFܟMyl{^z
l/,CAmI#)b	Fבi+<ם8ț5$V'ȑEH4R\*yƊWRn##<ÞpHbR~
Z'
Я՞J,5.+"*z,n7H^=^&1`v0|R9J@i}P9MۯZ="oF]+b^Yo(YcM,K)lױGX>ZUX5ņRaUɨInT3%b\a
OzKsw!
e>bQ,m
qN3D/H;#s3ʏ=ыĭGEHZ"9[~WGh:P
=KE=ҦUc
eXMvL<܇AշeJ[a(xK̹(.`>|oxL	]CrLEuZC(2R-toEZSkZg4_sPAyJ~k݃6?V (7^WzxF,Ez-l]73Jv,DKޑd2.B
196k8;i!@
aԓ[S#D;БqJC,.uEwIzY%;>OS{&kתm=$dCVmO/\0=OAHk}:ݳlހxz7S[G=¸:g>dФr([òԍda	[(a?Y?HdžGMPcC	U6>Ybh>4rC*HY04]Ҁ=M_IiFIxh̻5

0z
ܣ_D|>u\O+{)Qm݂sw$u\	HOP
6{>WG^$r?d0(d$++]
JJƁB3ي+IqcIeIt%[bODC_ʃAsᰂS}?XPg(2
Kw	3
z_ vc`<eMCͱMoaX2Pqs)kx;eu+ N9_C&19Cėgtı%pa:wxw,Ⱥ9Ԙ=^
ùH8!~ݞ[9IY}}i?=:~#-JF
|RUm#yaE߇6-T^B~.\~٨;-0O"ԯܺ
! w/EhLRo~o䐏G}8%tuRQ	 ʫn"ͼg(ƶ P1ΕlbIǶ/[?_ž/aC[jY-U85ƃ_.nΪ̬W5a}[
fwOWVʼ5&JKcXAFd g<OJ2(̘R}58Nq0(Fb\MEk//WEJPd0S"Z8D1FΛI'5YTa}j+~DIS$Q4
Pc"Li9`J62jG	3y0|xi=){>Ej:'f1ȳT.Xar<VnysKh݆gȃKYgs
\bajc?9ˮӕ*\B ޸Гh8!6y3>X"g\h8g*?;%\uYGTqH+t[9]VT,jU(,aZ"ئQl"ǥ%ka߂c)7cn\J‡ͦpk.=uO[„"r%uk`!҂6ĈD4%fNsߓI) Њa$EUJVsT!	tFVYs?'beĻy(SʰM+-*z"ͳ,KOȌRGhS53 Agr$)vk1]X[PuaKubULvvcRfK7mٛg[VVR-AMH!:KGЍ&3V#s83t}VGdBaMNP<?Nt~nK
8/Sߔ_X;<n.K<Bno2i7NSK8/#_A5󶑿"G3n>f6$]+ AOdQ‘I|Yz/k^yJ61io#2O`D:\e{")2Aџ{-4p[we^Tݎ
'=!Ng{=[4UyRZ7$岤5x*(cFLazB<3巴>j7O1DWL56j DG56|?n?4K&39YEXȋ/uy[fY>t`i3vWKX>6Vq\ۛxWM?&h`/3½B#xǛ~[g[`
Be7 P5.( O)Jt
}]wU
k \PiLlFpv /!z'Qpu],V"^GUh(ðތn]_RTw8!Rͤ2IjQzmȳxm	ɯ IVf~>Զgv1%QJIz3
H/?)?䯁aiNC/CZ8|hݞdn#t{٩	QwSIA>ZUla^/|ܪ%;^ssQ1.Ȗ2j .Ʃ]{5
燇\
`Ů*"Ys@r1rAmb0k/֕9Fa``a@QǔQIWJB	xZe8ڧXBq
K8XH5F7g^PDv
vD)J
#CWׄJHش|$Q9Mn{ɌrxࢗQBUpp0%͖jtTmbTk4GH#6#T"7[o</Nk
<7Nm``;S/2U_}{QI,BK
wG9^[A+T]reHS$81d<᜵T`q2Ɨ6b?C0IS"^xM([/h_
0` ?@`040c,I$#ӂrcm C)ń\	S?@D
GCP;+
O'0pԳOŀ,=mk>e?Cr@$B2{
1t#1rg7+:\RA}|_]Qx}bߝDF8ºF
P'yMLOwH ǒb~;H_AC񟹯A`jswjSXxrܩ%@@;wtA;x0ڔçbS&>?oif+TRNX[W;@K_fYD'ޡOX"z˥^׹bǎݛ;e9F
>
FmũZ0*(P`ze)B$|c6r
xř^lT!7N;X1E;?){s篩@ȼGŻeE.%HTEƝ#헲LZ;J8@\/Q}/0``00`g! dNX<Dp@+dޫ۝I1;rК8Z&TTG/:uiS˙T><TF!YeH`:)F+7W?Pdyrw#ʬ]"wEw- B@ԳxOxAbɫHhSF+iD]D3'"͈_Nɋt2$LLBت~iP!dYN0?`Rntf'_KF~L%zĮn?ݍe#	(dPcTTTNci*i'_g󨐦@1(#顤AnX(j415^׃uD	
1ZfH$(jjqՠsx6VwSRNI575=U4Pjr8_n驝PQҒj)J)eG\okt&G$Hu(%;jޓ7dGGsn	
ٹv(P77l}͐{2@OvZ;1
1)=?wPv!	x{#
F1"u10BxVk+x<} ]&;/hn*	>bzRҐrL2׌xo$or53U袡Zwj}4}ḐHS
ihD(jl^k%F~×ұe<K5KI]?QQ^^#%G#7G{PG3&)'p}IMy<^$STR<&m9bxL/fTd%?CƇQ*uE̱9<Ɋ#d|.v%0

1)V?=?O55j73|qi#K|^1_eq0]?9ł"<ͨmsc*pk|xo׿#Ms!K|k3շ}-=G(>}v{A?;k!y~!Qi3ӻ?ɫg]~C쫦&)xP?X'sR5_^xe(:S_/^?_^hRo[CR Xx3V?iM(ŅCt @Ш
@;:8 e/.a7?IGwVH2?/-4y=JQR]GJ9rM@ZS
)A婧vڨs]ui`]{R;<F.@O
Q^B)|&#=N{X4,4}q:uѧ;v&>@e 8]=#Qs{>Y+x ,?!^R^죤訮 	OTlM}%C/=my'!I:p{ј+Pe=ܴq27}.(TBvޏ
myF;uC'y'c!{)غ<wIO)"5ugX?`TdmfZPN<DZK>+_`ERM.UNjG},nz-cXs`ED-^]كqȸkO>~_eIΦiO%DC0BBA
):Jm>DH?Y~`ў(l~V󹐂1C
.


@BYf'6=W"@vق:((0wz|~bZ'	F`Z> hD[WgeqQٗa{ͯwnp>oPjCPo$+0``00``0(\d'"R

Anon7 - 2022
AnonSec Team