Windows XP Operating System Security Analysis
Abstract
Windows XP, released in October 2001, brought new features to improve the work environment throughout organizations. The purpose of this research is to determine if Windows XP, when used as a workstation operating system in domain- based networks, provides adequate security policy enforcement for organizations. In this research we performed a security analysis of the Windows XP operating system, assessed its vulnerabilities and made recommendations for XP configurations and use as an extension of enterprise network, In order to analyze Windows XP, we set up a Windows 2000 Server based-domain. Windows XP was installed on one of the workstations in the domain. In this lab environment, the security architecture and all new security features of Windows XP have been analyzed. Then we made vulnerability scans to assess the security of Windows XP in three configurations: after clean installation, after applying current patches and updates, and after applying security templates. Windows XP comes with selectable built-in templates. A new security template was created by combining the best of these templates. The new template also contains additional security settings not found in the built-in templates. This study provides recommendations for secure Windows XP configuration in Windows 2000 domains.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 2002
- Accession Number
- ADA407022
Entities
People
- Meftun Goktepe
Organizations
- Naval Postgraduate School