Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Designing a Microsoft SharePoint 2010 Infrastructure Vol 1 part 27. This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010. | Designing a Security Plan 5-5 Installation privileges. SharePoint 2010 has its own account that you use to run the initial setup process and the SharePoint Products Configuration Wizard. You should not use your own account or a generic administrative account. This specific SharePoint account must be a local administrator but should not be a domain administrator. Administrator privileges. Administrative privileges should only be granted if these privileges are necessary. Never grant them where they are not specifically required. This applies to domain administrators local administrators site collection administrators and Internet Information Services IIS administrators. Services. Each service relies on a service account. Some services require a separate account that is dedicated to their specific role. You can create a separate account for a particular service to provide isolation for that service. For example you can create a separate account for the Search Crawl Service. This service is often configured to use the service account for the SharePoint farm which grants more privileges than are required. This creates a security risk by exposing confidential information in the search results. By creating a separate account for the Search Crawl Service you mitigate this security risk. Application pools. IIS hosts application pools and they use the application pool account which identifies the application pools. You can isolate applications that host sensitive data by hosting them in their own application pool. MCT USE ONLY. STUDENT USE PROHIBITED 5-6 Designing a Microsoft SharePoint 2010 Infrastructure Security Architecture in SharePoint 2010 Service accounts are typically domain accounts Permission levels group individual permissions to simplify setting security Site collection and site permissions control user access Security groups can be SharePoint Active Directory or local groups Permission policies centrally configure and manage permissions SSL encryption is .