Subscribe to Windows IT Pro
March 27, 2008 12:00 AM

Access Denied

Answers to your Windows security questions
Randy Franklin Smith
Windows IT Pro
InstantDoc ID #98102
Rating: (0)

Executive Summary:
It’s dangerous to place a domain controller (DC) at a branch office because if an attacker can physically take over a DC, he can take over all the computers in the domain. Windows Server 2008’s read-only domain controller (RODC) feature can limit the risks associated with placing domain controllers (DCs) at remote sites, but RODCs don’t address all the risks. The combination of BitLocker Drive Encryption and a Trusted Platform Module in Windows Server 2008 can make it difficult for someone to exploit physically vulnerable domain controllers (DCs).

This is Randy Franklin Smith’s last Access Denied column. Watch for Jan De Clercq’s new Windows Gatekeeper Q&A column in the April Security Pro VIP.

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
    There are no comments to display. Be the first one!
You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.