Implementing and Administering Security in a Microsoft Windows Server 2003 Network
Credit Toward Certification
When you pass the Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam, you achieve Microsoft Certified Professional (MCP) status. You also earn credit toward the following certifications:
Core credit toward Microsoft Certified Systems Administrator (MCSA): Security on Microsoft Windows Server 2003 certification
Core credit toward Microsoft Certified Systems Engineer (MCSE): Security on Microsoft Windows Server 2003 certification
Elective credit toward Microsoft Certified Systems Engineer (MCSE) on Microsoft Windows Server 2003 certification
Elective credit toward Microsoft Certified Systems Administrator (MCSA) on Microsoft Windows Server 2003 certification
This Training will Cover
Implementing, Managing, and Troubleshooting Security Policies
Plan security templates based on computer role. Computer roles include SQL Server computer, Microsoft Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server.
Configure security templates.
Configure registry and file system permissions.
Configure account policies.
Configure .pol files.
Configure audit policies.
Configure user rights assignment.
Configure security options.
Configure system services.
Configure restricted groups.
Configure event logs.
Deploy security templates.
Plan the deployment of security templates.
Deploy security templates by using Active Directory-based Group Policy objects (GPOs).
Deploy security templates by using command-line tools and scripting.
Troubleshoot security template problems.
Troubleshoot security templates in a mixed operating system environment.
Troubleshoot security policy inheritance.
Troubleshoot removal of security template settings.
Configure additional security based on computer roles. Server computer roles include SQL Server computer, Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server. Client computer roles include desktop, portable, and kiosk.
Plan and configure security settings.
Plan network zones for computer roles.
Plan and configure software restriction policies.
Plan security for infrastructure services. Services include DHCP and DNS.
Plan and configure auditing and logging for a computer role. Considerations include Windows Events, Internet Information Services (IIS), firewall log files, Netlog, and RAS log files.
Analyze security configuration. Tools include Microsoft Baseline Security Analyzer (MBSA), the MBSA command-line tool, and Security Configuration and Analysis.
Implementing, Managing, and Troubleshooting Patch Management Infrastructure
Plan the deployment of service packs and hotfixes.
Evaluate the applicability of service packs and hotfixes.
Test the compatibility of service packs and hotfixes for existing applications.
Plan patch deployment environments for both the pilot and production phases.
Plan the batch deployment of multiple hotfixes.
Plan rollback strategy.
Assess the current status of service packs and hotfixes. Tools include MBSA and the MBSA command-line tool.
Assess current patch levels by using the MBSA GUI tool.
Assess current patch levels by using the MBSA command-line tool with scripted solutions.
Deploy service packs and hotfixes.
Deploy service packs and hotfixes on new servers and client computers. Considerations include slipstreaming, custom scripts, and isolated installation or test networks.
Deploy service packs and hotfixes on existing servers and client computers.
Implementing, Managing, and Troubleshooting Security for Network Communications
Plan IPSec deployment.
Decide which IPSec mode to use.
Plan authentication methods for IPSec.
Test the functionality of existing applications and services.
Configure IPSec policies to secure communication between networks and hosts. Hosts include domain controllers, Internet Web servers, databases, e-mail servers, and client computers.
Configure IPSec authentication.
Configure appropriate encryption levels. Considerations include the selection of perfect forward secrecy (PFS) and key lifetimes.
Configure the appropriate IPSec protocol. Protocols include Authentication Header (AH) and Encapsulating Security Payload (ESP).
Configure IPSec inbound and outbound filters and filter actions.
Deploy and manage IPSec policies.
Deploy IPSec policies by using Local policy objects or Group Policy objects (GPOs).
Deploy IPSec policies by using commands and scripts. Tools include IPSecPol and NetSh.
Deploy IPSec certificates. Considerations include deployment of certificates and renewing certificates on managed and unmanaged client computers.
Monitor IPSec policies by using IP Security Monitor.
Configure IPSec logging. Considerations include Oakley logs and IPSec driver logging.
Troubleshoot IPSec across networks. Considerations include network address translation, port filters, protocol filters, firewalls, and routers.
Troubleshoot IPSec certificates. Considerations include enterprise trust policies and certificate revocation list (CRL) checking.
Plan and implement security for wireless networks.
Plan the authentication methods for a wireless network.
Plan the encryption methods for a wireless network.
Plan wireless access policies.
Configure wireless encryption.
Install and configure wireless support for client computers.
Deploy, manage, and configure SSL certificates, including uses for HTTPS, LDAPS, and wireless networks. Considerations include renewing certificates and obtaining self-issued certificates instead of publicly issued certificates.
Obtain self-issued certificates and publicly issued certificates.
Install certificates for SSL.
Configure SSL to secure communication channels. Communication channels include client computer to Web server, Web server to SQL Server computer, client computer to Active Directory domain controller, and e-mail server to client computer.
Configure security for remote access users.
Configure authentication for secure remote access. Authentication types include PAP, CHAP, MS-CHAP, MS-CHAP v2, EAP-MD5, EAP-TLS, and multifactor authentication that combines smart cards and EAP.
Configure and troubleshoot virtual private network (VPN) protocols. Considerations include Internet service provider (ISP), client operating system, network address translation devices, Routing and Remote Access servers, and firewall servers.
Manage client configuration for remote access security. Tools include remote access policy and the Connection Manager Administration Kit.
Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI
Plan and configure authentication.
Plan, configure, and troubleshoot trust relationships.
Plan and configure authentication protocols.
Plan and configure multifactor authentication.
Plan and configure authentication for Web users.
Plan and configure delegated authentication.
Plan group structure.
Decide which types of groups to use.
Plan security group scope.
Plan nested group structure.
Plan and configure authorization.
Configure access control lists (ACLs).
Plan and troubleshoot the assignment of user rights.
Plan requirements for digital signatures.
Install, manage, and configure Certificate Services.
Install and configure root, intermediate, and issuing certification authorities (CAs). Considerations include renewals and hierarchy.
Configure certificate templates.
Configure, manage, and troubleshoot the publication of certificate revocation lists (CRLs).
Configure archival and recovery of keys.
Deploy and revoke certificates to users, computers, and CAs.
Backup and restore the CA.
Make The Best Choice Chose - Certkingdom
Make yourself more valuable in today's competitive computer industry Certkingdom's preparation material includes the most excellent features, prepared by the same dedicated experts who have come together to offer an integrated solution. We provide the most excellent and simple method to pass your Microsoft MCSE 2003 70-299 exam on the first attempt "GUARANTEED".
Unlimited Access Package
will prepare you for your exam with guaranteed results, 70-299 Study Guide. Your exam will download as a single 70-299 PDF or complete 70-299 testing engine as well as over +4000 other technical exam PDF and exam engine downloads. Forget buying your prep materials separately at three time the price of our unlimited access plan - skip the 70-299 audio exams and select the one package that gives it all to you at your discretion: 70-299 Study Materials featuring the exam engine.
Certkingdom 70-299 Exam Preparation Tools
Certkingdom Microsoft MCSE 2003 preparation begins and ends with your accomplishing this credential goal. Although you will take each Microsoft MCSE 2003 online test one at a time - each one builds upon the previous. Remember that each Microsoft MCSE 2003 exam paper is built from a common certification foundation.
70-299 Exam Testing Engines
Beyond knowing the answer, and actually understanding the 70-299 test questions puts you one step ahead of the test. Completely understanding a concept and reasoning behind how something works, makes your task second nature. Your 70-299 quiz will melt in your hands if you know the logic behind the concepts. Any legitimate Microsoft MCSE 2003 prep materials should enforce this style of learning - but you will be hard pressed to find more than a Microsoft MCSE 2003 practice test anywhere other than Certkingdom.
70-299 Exam Questions and Answers with Explanation
This is where your Microsoft MCSE 2003 70-299 exam prep really takes off, in the testing your knowledge and ability to quickly come up with answers in the 70-299 online tests. Using MCSE 2003 70-299 practice exams is an excellent way to increase response time and queue certain answers to common issues.
70-299 Exam Study Guides
All Microsoft MCSE 2003 online tests begin somewhere, and that is what the Microsoft MCSE 2003 training course will do for you: create a foundation to build on. Study guides are essentially a detailed Microsoft MCSE 2003 70-299 tutorial and are great introductions to new Microsoft MCSE 2003 training courses as you advance. The content is always relevant, and compound again to make you pass your 70-299 exams on the first attempt. You will frequently find these 70-299 PDF files downloadable and can then archive or print them for extra reading or studying on-the-go.
70-299 Exam Video Training
For some, this is the best way to get the latest Microsoft MCSE 2003 70-299 training. However you decide to learn 70-299 exam topics is up to you and your learning style. The Certkingdom Microsoft MCSE 2003 products and tools are designed to work well with every learning style. Give us a try and sample our work. You'll be glad you did.
70-299 Other Features
* Realistic practice questions just like the ones found on certification exams.
* Each guide is composed from industry leading professionals real Microsoft MCSE 2003notes, certifying 100% brain dump free.
* Study guides and exam papers are guaranteed to help you pass on your first attempt or your money back.
* Designed to help you complete your certificate using only
* Delivered in PDF format for easy reading and printing Certkingdom unique CBT 70-299 will have you dancing the Microsoft MCSE 2003 jig before you know it
* MCSE 2003 70-299 prep files are frequently updated to maintain accuracy. Your courses will always be up to date.
Get MCSE 2003 ebooks from Certkingdom which contain real 70-299 exam questions and answers. You WILL pass your MCSE 2003 exam on the first attempt using only Certkingdom's MCSE 2003 excellent preparation tools and tutorials.