As you’ve seen throughout this book, security features are integrated into many areas of Internet Information Services (IIS) 7.0. In this chapter, you’ll learn how to manage areas of Web server security that we have not yet discussed. Web servers have different security considerations from those of standard Windows Server 2008 configurations. On a Web server, you have three levels of security:
Windows security. At the operating system level, you create user and group accounts, configure access permissions for files and directories, and set policies.
IIS security. At the level of Internet Information Services (IIS), you set content permissions, authentication controls, and delegated privileges.
.NET security ...