MCP 70-299 Server Security Admin
Implementing and Administering Security in a Microsoft Windows Server 2003 Network
Exam 70-299
This course will give you the ability to implement, manage, maintain, and troubleshoot security in a Windows Server 2003 network infrastructure and also plan and configure a Windows Server 2003 PKI. When you pass the Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam, you achieve Microsoft Certified Professional (MCP) status. You also earn credit toward the following certifications:
- Core credit toward Microsoft Certified Systems Administrator (MCSA): Security on Microsoft Windows Server 2003 certification
- Core credit toward Microsoft Certified Systems Engineer (MCSE): Security on Microsoft Windows Server 2003 certification
- Elective credit toward Microsoft Certified Systems Engineer (MCSE) on Microsoft Windows Server 2003 certification
- Elective credit toward Microsoft Certified Systems Administrator (MCSA) on Microsoft Windows Server 2003 certification
- Core or elective credit toward Microsoft Certified Systems Engineer on Microsoft Windows 2000 certification
Learning / Exam module:
- MCSA/MCSE Certification - Implementing and Administering Security in a Microsoft Windows Server 2003 Network - Exam 70-299
- Course Duration: 40 hours
Learning Segments:
Course Overview
Module 1 - Authorization and Authentication
Group Strategy
Group Scopes
Built-in Groups
System or Special Groups
Administering Security Groups
Restricted Groups
Demo - Create a Restricted Group Policy
Trusts
Authentication
SID
Demo - Trust Relationship
Resource Access
Authentication - Cont.
Kerberos
Password Security
Tools for Troubleshooting Authentication
Considerations for Evaluating Your Environment
Password Policy
NTLM
Module 1 - Lab
Module 1 - Review
Module 2 - Certification Authorities
PKI and Certification Authorities
Components of a PKI
Accounts That Use PKI-Enabled Applications
PKI Tools
Certification Authorities
CA Hierarchy
Installing a Certification Authority
Demo - Installing a Certification Authority
Managing a Certification Authority
Revoking Certificates
Publishes CRLs
Backing Up and Restoring a Certification Authority
Module 2 - Lab
Module 2 - Review
Module 3 - Certificate Management
Configuring Certificate Templates
Digital Certificates
Digital Certificate Life Cycle
Certificate Templates
Certificate Template Permissions
Updating a Certificate Template
Deploying and Revoking User and Computer Certificates
Managing Certificates
Module 3 - Lab
Key Recovery
File Formats and Tools Used for Exporting Keys
Key Recovery Process
Demo - Keys
Module 3 - Review
Module 4 - Smart Card Certificates
Introduction to Multifactor Authentication
Multifactor Authentication Devices
Applications That Use Smart Cards
Smart Card Network Support
Smart Card Infrastructure
Certification Authority Requirements
Smart Card Certificate Templates
Certificate Enrollment Methods
Managing and Troubleshooting
Demo - Smart Cards
Module 4 - Review
Module 5 - Encrypting File System
What Is EFS?
How EFS Works
Best Practices for Implementing EFS
Self-Signed Certificates
Managing Plaintext Data
EFS in a Domain Environment with a PKI
EFS File Sharing
Moving or Copying Encrypted Files
Managing Remotely Encrypted Files
Module 5 - Lab
Module 5 - Review
Module 6 - Member Server Baseline
Trusted Computing Base
Secure Baseline Elements
Server Configuration
Planning a Secure Member Server
Predefined Security Templates
Security Environments in Windows Server 2003
Storing Security Templates
Administrative Group Design
Additional Security Settings
Demo - Security Templates
Time Synchronization
Security Templates - Part 2
Module 6 - Review
Module 7 - Secure Baselines for Server Roles
Planning and Configuring Domain Controllers
Security Threats to Domain Controllers
Domain Controller Baseline Policy
Active Directory Database and Log files
Ntdsutil.exe
SYSKEY
Security for DNS Servers
Infrastructure Servers
Securing WINS Servers
Demo - DHCP
File and Print Servers
IIS Servers
Configuring IIS Logging
Demo - IIS
Module 7 - Review
Module 8 Secure Client Computer Baseline
Security Templates
Templates for Securing Clients
Administrative and Security Template Differences
Demo - Loopback Policy Processing
Client Computer Baseline
Planning a Software Restriction Policy
Software Restriction Policies
Planning a Software Restriction Policy
Security for Mobile Clients
Demo - Software Restrictions
Module 8 - Review
Module 9 - Software Update Services
Benefits of Software Update Services
Update Management Tools for Applications
SUS Components
Planning an Update Management Strategy
Update Management Life Cycle
Analyzing Network Environment for Status Updates
Demo - MBSA
Installing SUS
Updates Client Configuration
Managing an SUS Server
Demo - SUS Admin
Module 9 - Review
Module 10 - Data Transmission Security
Why Protect Network Data
Threats to Secure Data Transmission
SSL and TLS
Demo - Enabling SSL
Securing Data with PPTP
Server Message Block
Lightweight Directory Access Protocol
IPSec
IPSec Policies
IPSec Implentation
IPSec Functionality
Demo - IPSec Implentation
IPSec Troubleshooting
Tools for Verification
Demo - IPSec Traffic
Module 10 - Review
Module 11 - Wireless Networks
Securing Wireless Networks
How to make your network more secure
Wireless Network Architecture
802.1x Authentication
Hardware Requirements
Best Practices
Secure WLAN Strategy
IAS Configuration
Demo - IAS Installation
Registering Wireless ap as RADIUS Client
Back Up and Export IAS Configuration
IAS Remote Access Policies
Wireless Access Policy
Demo - Wireless Access Policy
Troubleshooting
Module 11 - Review
Module 12 - Perimeter Security with Internet Security
What Is ISA Server?
ISA Server Versions & Benefits
ISA Server Modes
ISA Server Clients
Traffic Control with ISA Server
Installing ISA Server 2000
Pre-Installation Tasks for ISA Server 2000
Demo - ISA Installation
Perimeter Networks
ISA Server Services
Common ISA Server Deployments
Packet Filtering and Routing
Publishing Servers
Securing ISA Server Computers
Best Practices
Module 12 - Review
Module 13 - Securing Remote Access
Remote Access Methods
Threats to Remote Access
Tunneling Protocols
Access Protocols
Connection Manager
Quarantine Service
Demo - Remote Access
Planning a Remote Access Strategy
Components Provided by an ISP
Guidelines for Deploying Remote Access Servers
Data Encryption
Remote Access Connection Conditions
Deploying a VPN Server
Demo - Configure a VPN Server
Quarantine Service Components
Demo - Creating RA policy with Quarantine Properties
Connection Manager Administration Kit
Module 13 - Review