In this chapter you’ll learn how to manage Web server security. Web servers have different security considerations from those of standard Microsoft Windows servers. On a Web server you have two levels of security:
Windows security. At the operating system level, you create user and group accounts, configure access permissions for files and directories, and set policies.
IIS security. At the level of Internet Information Services (IIS), you set content permissions, authentication controls, and operator privileges.
Windows security and IIS security can be completely integrated. The integrated security model allows you to use authentication based on user and group membership as well as standard Internet-based ...