Implementing And Administering Security in a Microsoft Windows 2000 Network
Corso
A Torino
Hai bisogno di un coach per la formazione?
Ti aiuterà a confrontare vari corsi e trovare l'offerta formativa più conveniente.
Descrizione
-
Tipologia
Corso
-
Luogo
Torino
Obiettivo del corso: This five-day instructor-led course provides students with the knowledge and skills required to implement and administer security services on Windows 2000. Rivolto a: Attendees will be current information technology (IT) professionals close to completion of the MCSA, partial or completed MCSE certifications or equivalent experience.
Sedi e date
Luogo
Inizio del corso
Inizio del corso
Opinioni
Materie
- Web master
- Server
- Security
- MCSE
- MCSA
- Active Directory
- Wireless
- Windows
- Networking
- Amministrazione di sistemi
Programma
Implementing and Administering Security in a Microsoft Windows 2000 Network
Elements of this syllabus are subject to change.
This five-day instructor-led course provides students with the knowledge and skills required to implement and administer security services on Windows 2000.
Audience
Attendees will be current information technology (IT) professionals close to completion of the MCSA, partial or completed MCSE certifications or equivalent experience. The students will be in an environment where they are responsible for aspects of security management and deployment associated with their internal network infrastructure and services available from the Internet.
This course is intended for IT professionals who need to design, plan, implement and support a Microsoft Windows 2000 network infrastructure or who plan to take the related Microsoft
Certified Professional exam 70-214, Implementing and Administering Security in a Microsoft Windows 2000 Network.
At Course Completion
After completing this course, students will be able to:
§ Implement Group Policy
§ Create and work with user accounts and security groups
§ Implement account policies and security templates
§ Administer account based security
§ Install and maintain certificate authorities
§ Manage a public key infrastructure (PKI)
§ Secure early versions of Windows clients
§ Configure and troubleshoot IPSec
§ Secure remote access and VPNs
§ Configure wireless security
§ Secure public application servers
§ Secure web services
§ Monitor events and intruder detection
§ Maintain software, service pack and hotfix deployments
Prerequisites
Before attending this course, students must have:
§ Familiarity with Windows 2000 core technologies, such as those described in the following Microsoft Official
Curriculum (MOC) course: o
Course 2152: Implementing Microsoft Windows 2000
Professional and Server
§ Familiarity with Windows 2000 networking technologies, such as those described in the following MOC course: o
Course 2153: Implementing a Microsoft Windows 2000
Network Infrastructure
§ Familiarity with Windows 2000 directory services technologies, such as those described in the following MOC course: o 2154: Implementing and Administering Microsoft Windows 2000 Directory
Services
§ Familiarity with fundamental network security technologies, such as those described in the following MOC course: o 2810: Fundamentals of Network Security or equivalent knowledge
Student Materials
The student kit includes a comprehensive workbook and other necessary materials for this class.
Module 1: Implementing Group Policy
The information in this module explains in detail what Group Policy is and how it works. Group Policy is used to configure user's desktop environments and to deploy applications. Although
Group policy is primarily a centralized configuration tool rather than a security mechanism, administrators need to be familiar with the security implications of Group Policy configuration.
Lessons
§ Active Directory and Group Policy
§ Configuring and Managing Group Policy
§ Using Group Policy to Control User Environments
§ Troubleshooting Group Policy Application
§ Security Limitations of Group Policy
Lab: Implementing Group Policies in Active Directory
After completing this module, students will be able to:
§ Describe and create Active Directory structures.
§ Describe and manage Group Policy.
§ Configure client computer security policies.
§ Troubleshoot
Group Policy application.
§ Describe the security limitations of Group Policy.
Module 2: Creating User Accounts and Security Groups
The information in this module explains how to use local user accounts and security groups to secure access to resources on local computers and how to use domain accounts and security groups to secure access to resources in the domain.
Lessons
§ Creating Local User Accounts and Security Groups
§ Working with Active Directory Domain Accounts and Security Groups
Lab: Creating Users and Security Groups in a Domain
After completing this module, students will be able to:
§ Create and manage user accounts and security groups on local computers.
§ Create and manage user accounts and security groups in a domain.
Module 3: Restricting Accounts, Users, and
Groups
This module builds on the security features introduced in Module 2, "User Accounts and Security Groups". It explains the restrictions applied to users when they log on by the use of account policies configured in Group Policy. It also describes how to manage user rights, how to restrict users to specific security group membership, and how to use security templates to establish a level of security across the network. It discusses what you need to know to manage and deploy security templates and provides information about troubleshooting common problems with them.
Lessons
§ Understanding Account Policies
§ Managing User Rights
§ Controlling Access ThroughRestricted Groups
§ Administering Security Templates
Lab:
Using Security Features in Active Directory to Restrict Users and Groups
After completing this module, students will be able to:
§ Configure and apply account policies.
§ Manage user rights.
§ Control access using restricted groups.
§ Administer security templates.
Module 4: Configuring Account Based
Security
The information in this module explains the use of a user's account credentials and how the permissions secure various types of resources in Windows 2000.
Lessons
§ Managing File System Permissions
§ Implementing Share ServiceSecurity
§ Using Audit Policies
§ Including Registry Security
Lab:
Using Security Templates to Configure Account
Based SecurityAfter completing this module, students will be able to:
§ Manage file system permissions.
§ Implement share service security.
§ Using audit policies.
§ Secure the registry.
Module 5: Managing Certificate Authorities
The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.
Lessons
§ Understanding Certificates
§ Installing Windows 2000Certificate Services
§ Maintaining Certificate
Authorities
Lab:
Implementing a PKI
After completing this module, students will be able to:
§ Describe Certificates.
§ Install Windows 2000 Certificate Services.
§ Maintain Certificate Authorities.
Module 6: Managing a Public Key Infrastructure
The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.
Lessons
§ Working with ComputerCertificates
§ Deploying User Certificates
§ Using Smart Card Certificates
§ Deploying S/MIME Certificates
Lab:
Using S/MIME Certificates in Windows 2000
After completing this module, students will be able to:
§ Work with computer certificates.
§ Deploy user certificates.
§ Use Smartcard certificates.
§ Deploy S/MIME certificates.
Module 7: Increasing Authentication SecurityThe information in this module explains how to keep a network as secure as possible while still allowing access to the network resources for clients that run earlier versions of Microsoft Windows and third-party operating systems. The module goes on to explain how to keep authentication secure when transiting between domains within the same organization.
Lessons
§ Supporting Earlier Versions of Windows Clients
§ Supporting Macintosh Clients
§ Trust Relationships
After completing this module, students will be able to:
§ Support earlier versions of Windows clients.
§ Support Macintosh computers.
§ Describe and configure Trust Relationships.
Module 8: Implementing IP SecurityThe information in this module introduces IPSec and the use of authentication and encryption methods that are compatible with IP networks. It goes on to explain the appropriate tools and techniques for troubleshooting IPSec.
Lessons
§ Configuring IPSec Within aDomain
§ Configuring IPSec BetweenUntrusted Networks
§ Configuring IPSec on InternetServers
§ Troubleshooting IPSec
Configuration
Lab:
Implementing IP
Security in a Windows 2000 Network
After completing this module, students will be able to:
§ Configure IPSec within a domain.
§ Configure IPSec between untrusted networks.
§ Configure IPSec on Internet servers.
§ Troubleshoot IPSec configuration.
Module 9: Securing Remote Access and VPN
The information in this module introduces the Routing and Remote Access service which is the Windows 2000
component that manages both routing between networks and remote access to networks.
Lessons
§ Securing RRAS Servers
§ Managing RRAS Authentication
§ Securing Remote Clients
§ Securing Communications Using a VPN
Lab:
Implementing and Securing a Server Running RRAS
After completing this module, students will be able to:
§ Secure
RRAS servers.
§ Manage
RRAS authentication.
§ Secure remote clients.
§ Secure communications using a VPN.
Module 10: Configuring Clients for Wireless
Security
The information in this module introduces the security implications of running a wireless network. The lesson explains that security standards for wireless protocols are still evolving and introduces both the existing Wired Equivalent Privacy (WEP) protocol and the newer 802.1X port authentication protocol.
Lessons
§ Setting Up a Wireless Network
§ Securing Wireless Networks
§ Configuring Clients forWireless SecurityAfter completing this module, students will be able to:
§ Setup a wireless network.
§ Secure a wireless network.
§ Configure clients for wireless security.
Module 11: Securing Public Application Servers
The information in this module explains the types of attacks that can be expected and the methods for defending against them when running servers that provide public services. A secure
Internet services infrastructure must be built by using firewalls, properly securing e-mail servers, and protecting the database servers that frequently provide back-end data for Web servers.
Lessons
§ Providing Internet Security
§ Configuring Microsoft SQLServer for Internet Security
§ Securing Microsoft Exchange
Server for the Internet
Lab:
Designing an External Firewall Configuration
After completing this module, students will be able to:
§ Provide
Internet Security.
§ Configure
Microsoft SQL Server for Internet Security.
§ Secure
Microsoft Exchange Server.
Module 12: Implementing Web Service SecurityThe information in this module explains how to configure Internet Information Services (IIS) security features correctly to make Web servers as secure as possible.
Lessons
§ Securing Public Web Servers
§ Web Authentication
§ Using Secure Sockets Layer
Lab:
Implementing
Web Service SecurityAfter completing this module, students will be able to:
§ Secure public web servers.
§ Describe web authentication.
§ Use
Secure Sockets Layer.
Module 13: Detecting Intrusions and Monitoring
Events
The information in this module explains how to configure IIS security features correctly to make Web servers as secure as possible.
Lessons
§ Establishing IntrusionDetection for Public Servers
§ Event Monitoring in the
Private Network
After completing this module, students will be able to:
§ Establish intrusion detection for public servers.
§ Monitor events in the private network.
Module 14: Maintaining Software
The information in this module explains the various tools that can be used update client and server computers.
Lessons
§ Working with Service Packs and Hotfixes
§ Automating Updates withMicrosoft Software Update Services
§ Deploying Updates in the Enterprise
Lab:
Maintaining Software
After completing this module, students will be able to:
§ Work with Service Packs and Hotfixes.
§ Automate updates with Microsoft Software Update Services.
§ Deploy updates in the enterprise.
Hai bisogno di un coach per la formazione?
Ti aiuterà a confrontare vari corsi e trovare l'offerta formativa più conveniente.
Implementing And Administering Security in a Microsoft Windows 2000 Network