Configuring and Securing IIS
The module "Configuring and Securing IIS" will provide you with the instructions and devices to develop your hands-on skills in the following topics: IIS Setup, IIS Platform Tour, Inetpub Configuration, IIS Configuration and Security Practices.
The module Configuring and Securing IIS will provide you with the instructions and devices to develop your hands-on skills in the following topics.
- IIS Setup
- IIS Platform Tour
- Inetpub Configuration
- IIS Configuration and Security Practices
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- Secure the provisioning of resources
- Understand and apply foundational security operations concepts
- Employ resource protection techniques
Exercise 1 - IIS Setup
We will run through a typical installation of IIS which is usually quite common practice amongst IT teams. We will make a few modifications to the installation defaults along the way but aim to generate an IIS working website.
We are following best practice by not installation to the domain controller and instead making an installation on a domain member. This particular domain member is, in fact, acting under many roles but is a better-suited candidate.
Exercise 2 - IIS Platform Tour
Internet Information Services 8 has quite a few functions built into it automatically, and it’s important to have an understanding of the whole platform. It’s designed to be modular and therefore easy to administer/control changes. It has integration properties for ASP.NET, ASP, PHP. When initially configured, IIS helps to reduce risks by providing a sandbox environment and aims to improve site availability with dynamic caching and compression.
Exercise 3 - Inetpub Configuration
This folder contains all the directories and FTP data that effectively makes up the website as a whole. Knowing the default location to installation is key to security measures as most attackers will assume that default installations have been made on a server and code application to attack those installation paths.
The folder inetpub contains sub-directories for custerr (custom errors), ftproot drives, a general history which holds configuration changes, logs, any require temp, and most importantly the wwwroot folder which holds the main website html.
Exercise 4 - IIS Configuration and Security Practices
We will now begin to follow best practice guidelines and improve the security of the IIS server by changing installation defaults and improving basic security measures.