Home :: Software :: Business & Office :: Training & Tutorials  

Business Accounting
Communication
Database
Document Management
e-Commerce
Networking
Office Suites
Personal Finance
Presentation
Project Management
Reports & Forms
Schedule & Contact Management
Spreadsheet
Tax Preparation
Training & Tutorials

Word Processing
Microsoft Windows 2000 Implementing Security Curriculum CBT Training CDs

Microsoft Windows 2000 Implementing Security Curriculum CBT Training CDs

List Price:
Your Price:
Product Info Reviews

<< 1 >>

Rating: 5 stars
Summary: Microsoft Windows 2000 Implementing Security Curriculum CBT
Review: Course Overview
In this curriculum, the concepts of encryption and Public Key Infrastructure (PKI) are introduced and security templates and security baselines are covered. Participants learn about Public Key Infrastructure (PKI) and certificates and how to provide secures access to non-Microsoft clients. Participants also learn about policies and protocols used for remote access and Virtual Private Networks (VPN).

# This curriculum consists of five courses: 72446 Microsoft Windows 2000 Implementing Security Part 1: User Accounts
# 72447 Microsoft Windows 2000 Implementing Security Part 2: Additional Security
# 72448 Microsoft Windows 2000 Implementing Security Part 3: PKI and Partners
# 72449 Microsoft Windows 2000 Implementing Security Part 4: Mixed Clients
# 72450 Microsoft Windows 2000 Implementing Security Part 5: RAS and Wireless.

Learn To
See individual course descriptions for specific course objectives and scope.

Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory. Operating systems on client computers might include Windows NT Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits Per Course
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
30 to 40 hours



Microsoft Windows 2000 Implementing Security Part 1: User Accounts
Course Overview
In this course, you are introduced to the basics of Windows 2000 security. The concepts of encryption and Public Key Infrastructure (PKI) are introduced. You are taught how to plan administrative access including remote administrative access. User account policies, software updates, and Remote Installation Services (RIS) are also covered.

Learn To
# To identify risks to data and data access on a network.
# To identify potential security threats to data on a network.
# To identify measures used to assess the security standard of a network.
# To identify guidelines for selecting a centralized administrative model.
# To identify guidelines for selecting a decentralized administrative model.
# To match administrative tasks with their key disciplines.
# To match account policies with their features.
# To identify features of Group Policy prioritization.
# To match Group Policy inheritance options with their descriptions.


Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory. Operating systems on client computers might include Windows NT Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
6 to 8 hours

Objectives
Unit 1: Windows 2000 Security Overview 2 - 3 hours
# Identify risks to data and data access on a network.
# Identify potential security threats to data on a network.
# Identify measures used to assess the security standard of a network.
# Match components of a network security plan with their considerations.
# Identify security features of Active Directory.
# Match types of trust relationships with their descriptions.
# Identify administration functions of Group Policy.
# Sort features of user-account authentication methods.
# Identify methods used to secure resource access.
# Sort characteristics of the security groups used for resource access.
# Identify features of symmetric key encryption that secures data on a network.
# Identify features of public key encryption.
# Sequence the steps of the process used by digital signatures to authenticate data.
# Sequence the steps of the process used by Encrypting File System (EFS) to encrypt stored data.
# Identify features of protocols used to encrypt transmitted data.
# Identify components of a Public Key Infrastructure (PKI).
# Identify elements of a digital certificate.
# Identify features of a certification authority (CA).


Unit 2: Administrative Access 2 hours
# Identify guidelines for selecting a centralized administrative model.
# Identify guidelines for selecting a decentralized administrative model.
# Match administrative tasks with their key disciplines.
# Identify security management tasks.
# Identify considerations for designing an administrative group.
# Identify physical security options.
# Identify logical security options.
# Identify methods for using the RunAs command.
# Identify methods used to secure remote administration.
# Identify features of Microsoft Management Console (MMC).
# Identify features of Terminal Services.
# Identify features of Telnet.


Unit 3: Planning User Accounts 2 - 3 hours
# Match account policies with their features.
# Match security events that Windows 2000 can audit with their descriptions.
# Identify considerations for planning an audit strategy.
# Identify features of Remote Installation Services (RIS).
# Sequence the steps to set up a source computer.
# Sort characteristics of CD-based images and RIPrep images.
# Identify features of Group Policy prioritization.
# Match Group Policy inheritance options with their descriptions.
# Identify default security settings of a newly created user account.
# Identify benefits of using scripts and templates to create user accounts.
# Identify consequences of moving user accounts.
# Identify considerations for delegating authority.
# Identify functions of the Microsoft Baseline Security Analyzer (MBSA).
# Identify features of Software Update Services.
# Identify functions of the Hotfix Checker (HFNetChk) command.
# Scan a Windows-based computer by using the Microsoft Baseline Security Analyzer (MBSA).
# Identify functions of an answer file in the installation of a CD-based image.
# Associate an answer file with a CD-based image.
# Create a Remote Installation Services (RIS) startup disk.
# Identify the options for installing an image on a Remote Installation Services (RIS) client computer.
# Identify the options to create a RIPrep image.




Microsoft Windows 2000 Implementing Security Part 2: Additional Security
Course Overview
This course, teaches about security for Windows 2000-based computers. Security templates and security baselines are covered. The learner is guided through additional security configurations including security settings for file and print resources. Web server security and Internet security are also covered.

Learn To
# To identify guidelines for planning physical network security.
# To identify password security features of the system key (SYSKEY) utility.
# To understand hardware security methods.
# To match SQL Server roles with their descriptions.
# To identify security features of Exchange 2000 Server.
# To sort the benefits of NTFS file system and FAT.
# To identify guidelines for protecting a private network from a virus.
# To identify risks of using a modem to access the Internet from a private network.
# To identify features of private networking addressing.


Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory. Operating systems on client computers might include Windows NT Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
6 to 8 hours

Objectives
Unit 1: Windows 2000-Based Computers 2 hours
# Identify guidelines for planning physical network security.
# Identify password security features of the system key (SYSKEY) utility.
# To understand hardware security methods.
# Identify options for applying security settings to a computer upgraded from Windows NT.
# Identify options for running a non-Windows 2000-certified application.
# Match incremental security templates with their descriptions.
# Match security template settings with their descriptions.
# Identify options for customizing a security template.
# Identify tasks for evaluating a security configuration using a security baseline.
# Match secedit command options with their descriptions.
# Identify methods for deploying security configurations.
# Create a security template.
# Assign a security template.


Unit 2: Additional Security 2 - 3 hours
# Match SQL Server roles with their descriptions.
# Identify security features of Exchange 2000 Server.
# Sort the benefits of NTFS file system and FAT.
# Identify features of discretionary access control list (DACL) settings.
# Identify features of Internet Information Services (IIS) authentication methods.
# Identify the benefits of combining share permissions and NTFS file system permissions.
# Identify options for protecting access to print resources.
# Identify methods for protecting the registry.
# Sequence the steps for designing a security plan.
# Identify considerations for planning local network security.
# Identify considerations for planning remote network security.
# Identify considerations for planning public network security.
# Identify considerations for planning partner access to a network.
# Identify sources of security information.
# Identify features of Internet Information Services (IIS).
# Identify steps for configuring authentication methods.
# Configure Web site security.


Unit 3: Internet Security 2 - 3 hours
# Identify guidelines for protecting a private network from a virus.
# Identify risks of using a modem to access the Internet from a private network.
# Identify features of private networking addressing.
# Identify guidelines for protecting private network Domain Name System (DNS) Namespaces from IP spoofing.
# Identify guidelines for selecting protocols to access the Internet.
# Identify methods for restricting Internet access.
# Match the services provided by Proxy Server with their descriptions.
# Match the authentication methods supported by Proxy Server with their descriptions.
# Identify reasons for auditing Proxy Server logs.
# Identify options to configure a proxy client.
# Match security zones with their features.
# Identify features of Content Advisor.




Microsoft Windows 2000 Implementing Security Part 3: PKI and Partners
Course Overview
In this course, participants learn about Public Key Infrastructure (PKI) and certificates. Encrypting File System (EFS) is also covered. Finally, the learner is guided through the process of extending the network to partners and how to manage partner accounts.

Learn To
# To match components of Public Key Infrastructure (PKI) with their descriptions.
# To identify features of public key cryptography.
# To match applications and services that can be authenticated by using certificates with their functions.
# To identify options for securing the exchange of information with a partner organization.
# To identify considerations for securing extranet network access.
# To identify features of e-mail security.


Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory. Operating systems on client computers might include Windows NT Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
7 to 12 hours

Objectives
Unit 1: PKI and Certificates 3 - 4 hours
# Match components of Public Key Infrastructure (PKI) with their descriptions.
# Identify features of public key cryptography.
# Match applications and services that can be authenticated by using certificates with their functions.
# Identify guidelines for determining certificate requirements.
# Identify features of a certificate template.
# Sequence the steps of the certificate enrollment process.
# Identify features of certificate distribution.
# Revoke a certificate.
# Identify features of certificate renewal.
# Identify features of a certificate audit trail.
# Sort features of private and commercial Certification Authorities (CAs).
# Sort characteristics of enterprise policy and stand-alone policy.
# Identify guidelines for designing a Certification Authority (CA) hierarchy.
# Match certification authority (CA) models with their characteristics.
# Sequence the steps for installing certificate services.
# Sequence the steps to create a subordinate certification authority (CA).
# Identify features of certification authority (CA) security.
# Match Certification Authority (CA) hierarchy plans with their features.
# Sort features of certificate mapping.
# Import a certificate using the Certificate Import Wizard.
# Manually publish a Certificate Revocation List (CRL).
# Identify features of a recovery strategy for certification authority (CA) failure.
# Identify features of certification authority (CA) services backup and restoration.


Unit 2: Partners 4 - 8 hours
# Identify options for securing the exchange of information with a partner organization.
# Identify considerations for securing extranet network access.
# Identify features of e-mail security.
# Identify features of Web communication security.
# Match options to secure tunnel connections with their descriptions.
# Match methods to secure a dial-up connection with their descriptions.
# Identify considerations for securing Terminal Services.
# Identify benefits of creating domains, organizational units (OUs), and accounts for partners in Active Directory.
# Match trusted domains with methods for authenticating partners.






Microsoft Windows 2000 Implementing Security Part 4: Mixed Clients
Course Overview
This course teaches how to provide secures access to non-Microsoft clients. Remote access, and firewalls are covered. Participants also learn about screened subnets. Finally, application-layer security and IP-layer security concepts are taught.

Learn To
# To match components of Public Key Infrastructure (PKI) with their descriptions.
# To match UNIX client authentication methods with their descriptions.
# To identify the guidelines for securing file access.
# To identify the risks of providing remote access.
# To match methods for authenticating remote access users with their descriptions.
# To identify methods for authorizing remote access connections.
# To match the application-layer security protocols with their definitions.
# To identify characteristics of Server Message Block (SMB) Signing.
# To identify guidelines for securing communication for a Web application.


Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory. Operating systems on client computers might include Windows NT Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
6 to 8 hours

Objectives
Unit 1: Access to Non-Microsoft Clients 2 - 3 hours
# Match components of Public Key Infrastructure (PKI) with their descriptions.
# Match UNIX client authentication methods with their descriptions.
# Identify the guidelines for securing file access.
# Identify guidelines for securing TCP/IP-based applications.
# Identify the features of services for NetWare.
# Identify features of authenticating NetWare Clients.
# Identify security risks of accessing NetWare resources.
# Identify methods for authenticating Macintosh clients.
# Identify methods for providing Macintosh clients secure access to network resources.
# Identify steps for configuring authentication protocols to support mixed Windows client-computer environments.
# Identify methods for securing a DHCP server.
# Identify methods for securing DNS servers.
# Identify risks of using Simple Network Management Protocol (SNMP) to manage a network infrastructure.
# Identify features of Network Monitor.


Unit 2: RAS and Firewalls 2 - 3 hours
# Identify the risks of providing remote access.
# Match methods for authenticating remote access users with their descriptions.
# Identify methods for authorizing remote access connections.
# Identify functions of a remote access policy.
# Match remote access policy models with their descriptions.
# Identify features of remote access based on Windows NT 4.0 servers.
# Identify Connection Manager Administration Kit (CMAK) security options for dial-up connections.
# Identify benefits of a VPN connection.
# Sort VPN security requirements according to their most suitable tunneling protocol.
# Identify features of public and private networks.
# Identify features of router security.
# Identify security features provided by a Windows 2000-based router.
# Identify types of common network security attacks.
# Identify risks from denial of service (DoS) attacks.
# Identify methods for minimizing the risk of port scanning.
# Identify options for filtering protocols allowed through a firewall.
# Identify features of a three-pronged firewall used to create a screened subnet.
# Identify features of a mid-ground screened subnet.
# Identify considerations for securing VPN connections between remote offices.
# Identify methods to protect a private network.
# Identify features of static address mapping.
# Identify design considerations for a screened subnet.
# Identify firewall configuration options for securing traffic to Microsoft Exchange Server.
# Identify firewall configuration options for securing Layer Two Tunneling Protocol (L2TP) traffic to a tunnel server.
# Identify firewall configuration options for securing traffic to a Terminal Services server.
# Identify features of network load balancing.
# Identify firewall configuration options for securing traffic to a Hypertext Transfer Protocol (HTTP) and FTP server.
# Identify firewall configuration options for securing traffic to a DNS server.
# Identify firewall configuration options for securing traffic to an application server.
# Identify firewall configuration options for securing Point-to-Point Tunneling Protocol (PPTP) traffic to a tunnel server.


Unit 3: Application-Layer and IP-Layer Security 2 hours
# Match the application-layer security protocols with their definitions.
# Identify characteristics of Server Message Block (SMB) Signing.
# Identify guidelines for securing communication for a Web application.
# Identify the authentication methods supported by Internet Protocol Security (IPSec).
# Identify the types of security provided by Internet Protocol Security (IPSec).
# Match IPSec predefined policies with their descriptions.
# Sequence the steps for applying an IPsec filter.




Microsoft Windows 2000 Implementing Security Part 5: RAS and Wireless
Course Overview
In this course, participants learn about policies and protocols used for remote access and Virtual Private Networks (VPN). How to secure communication channels including wireless networks is covered. Participants also learn about troubleshooting and responding to security incidents.

Learn To
# To identify advantages of computer certificate auto-deployment.
# To identify features of centralization IPSec policy.
# To match methods for verifying IPSec communications with their descriptions.
# To identify features of Internet Authentication Service (IAS).
# To sequence the stages to install Internet Authentication Service (IAS).
# To identify features of Remote Authentication Dial-In User Service (RADIUS) single sign-on capability.
# To identify methods for monitoring the remote access server.
# To match remote access tracing values with their descriptions.
# To identify guidelines for troubleshooting communication hardware.


Audience
Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory(r). Operating systems on client computers might include Windows NT(r) Workstation 4.0, Windows 2000 Professional, and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Deployment Options
e-Learning

Accreditation
NASBA credits: 4 CPE Credits
CEU credits: 0.70 CEUs

Language Options
US English

Total Learning Time
6 to 8 hours

Objectives
Unit 1: Remote Access Process and Protocols 2 - 3 hours
# Identify advantages of computer certificate auto-deployment.
# Identify features of centralization IPSec policy.
# Match methods for verifying IPSec communications with their descriptions.
# Sort features of remote access connectivity types.
# Sort data transport protocols according to their type.
# Sort features of Virtual Private Network (VPN) protocols according to protocol type.
# Identify configuration options for inbound Virtual Private Network (VPN) and dial-up connections.
# Configure ports for inbound connections.
# Identify user dial-in configuration settings.
# Identify options for configuring outbound connections.
# Create a dial-up connection.
# Create a VPN connection.
# Create a direct connection to another computer through a cable.
# Identify features of Multilink connections.
# Configure an outbound VPN connection.
# Match authentication protocols with their descriptions.
# Identify features of Microsoft Point-to-Point Encryption (MPPE) and Internet Protocol Security (IPSec) encryption protocols.
# Identify the components of a remote access policy.
# Identify considerations for evaluating a remote access policy.
# Create a remote access policy.
# Identify features of Connection Manager Administration Kit (CMAK).
# Identify features of policy, auditing, and accounting centralization.
# Install Routing and Remote Access Service (RRAS).
# Disable Routing and Remote Access Service (RRAS).


Unit 2: Securing Communication Channels 2 - 3 hours
# Identify features of Internet Authentication Service (IAS).
# Sequence the stages to install Internet Authentication Service (IAS).
# Identify features of Remote Authentication Dial-In User Service (RADIUS) single sign-on capability.
# Configure a remote access server to use Remote Authentication Dial-In User Service (RADIUS) authentication.
# Identify features of NAT.
# Identify options for configuring NAT.
# Configure settings for accounting logs.
# Match wireless network types with their descriptions.
# Identify features of Wired Equivalent Privacy (WEP) and 802.1x.
# Identify options for configuring a wireless network connection.
# Identify features of backup data security.
# Identify features of a system state data backup.
# Identify features of a backup schedule.
# Identify methods for protecting data from viruses.
# Match network communication risks with their descriptions.
# Identify risks to a physical network.
# Identify costs of network encryption.


Unit 3: Troubleshooting and Security Incidents 2 hours
# Identify methods for monitoring the remote access server.
# Match remote access tracing values with their descriptions.
# Identify guidelines for troubleshooting communication hardware.
# Identify guidelines for troubleshooting communication lines.
# Identify guidelines for troubleshooting configuration settings.
# Identify options in the EventCombMT tool.
# Identify available options in Event Viewer.
# Identify features of IIS log files.
# Identify features of Network Monitor.
# Identify guidelines for maintaining evidence of security incidents.


<< 1 >>

© 2004, ReviewFocus or its affiliates