Microsoft Windows 2000 Implementing Security Part 5: RAS and Wireless

Audience

Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory(r). Operating systems on client computers might include Windows NT(r) Workstation 4.0 Windows 2000 Professional and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Objective

Upon completion of this course the student will be able to:

• identify advantages of computer certificate auto-deployment.
• identify features of centralization IPSec policy.
• match methods for verifying IPSec communications with their descriptions.
• identify features of Internet Authentication Service (IAS).
• sequence the stages to install Internet Authentication Service (IAS).
• identify features of Remote Authentication Dial-In User Service (RADIUS) single sign-on capability.
• identify methods for monitoring the remote access server.
• match remote access tracing values with their descriptions.
• identify guidelines for troubleshooting communication hardware.

Topics Include

Unit 1: Remote Access Process and Protocols

• Identify advantages of computer certificate auto-deployment.
• Identify features of centralization IPSec policy.
• Match methods for verifying IPSec communications with their descriptions.
• Sort features of remote access connectivity types.
• Sort data transport protocols according to their type.
• Sort features of Virtual Private Network (VPN) protocols according to protocol type.
• Identify configuration options for inbound Virtual Private Network (VPN) and dial-up connections.
• Configure ports for inbound connections.
• Identify user dial-in configuration settings.
• Identify options for configuring outbound connections.
• Create a dial-up connection.
• Create a VPN connection.
• Create a direct connection to another computer through a cable.
• Identify features of Multilink connections.
• Configure an outbound VPN connection.
• Match authentication protocols with their descriptions.
• Identify features of Microsoft Point-to-Point Encryption (MPPE) and Internet Protocol Security (IPSec) encryption protocols.
• Identify the components of a remote access policy.
• Identify considerations for evaluating a remote access policy.
• Create a remote access policy.
• Identify features of Connection Manager Administration Kit (CMAK).
• Identify features of policy auditing and accounting centralization.
• Install Routing and Remote Access Service (RRAS).
• Disable Routing and Remote Access Service (RRAS).

Unit 2: Securing Communication Channels

• Identify features of Internet Authentication Service (IAS).
• Sequence the stages to install Internet Authentication Service (IAS).
• Identify features of Remote Authentication Dial-In User Service (RADIUS) single sign-on capability.
• Configure a remote access server to use Remote Authentication Dial-In User Service (RADIUS) authentication.
• Identify features of NAT.
• Identify options for configuring NAT.
• Configure settings for accounting logs.
• Match wireless network types with their descriptions.
• Identify features of Wired Equivalent Privacy (WEP) and 802.1x.
• Identify options for configuring a wireless network connection.
• Identify features of backup data security.
• Identify features of a system state data backup.
• Identify features of a backup schedule.
• Identify methods for protecting data from viruses.
• Match network communication risks with their descriptions.
• Identify risks to a physical network.
• identify costs of network encryption.

Unit 3: Troubleshooting and Security Incidents

• Identify methods for monitoring the remote access server.
• Match remote access tracing values with their descriptions.
• Identify guidelines for troubleshooting communication hardware.
• Identify guidelines for troubleshooting communication lines.
• Identify guidelines for troubleshooting configuration settings.
• Identify options in the EventCombMT tool.
• Identify available options in Event Viewer.
• Identify features of IIS log files.
• Identify features of Network Monitor.
• Identify guidelines for maintaining evidence of security incidents.

Duration

8 Hours

Minimum Requirements

The CDROM version of this course requires:

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).
• At least a double speed CDROM drive.
• An MPC compliant sound card with attached speakers or headphones is recommended (Currently only the CDROM version supports audio).

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM and 22MB available hard disk space or file server space.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).

Media