Provided by: Boston University Corporate Education Center Implementing and Administering Security in a Microsoft Windows Server 2003 Network Click here for more information or to take this course

---

---

home  : Unfiled

Training Provided by Boston University Corporate Education Center

Elements of this syllabus are subject to change.

This five-day instructor-led course addresses the MCSA and MCSE skills path for IT Pro security practitioners, specifically addressing the training needs of those preparing for the 70-299 certification exam.

The primary product focus is on Microsoft Windows ServerT 2003 based infrastructure solutions but will include some client focused content where appropriate. This learning product is to provide functional skills in planning and implementing infrastructure security.

This course is part of the Security Portfolio and will act as the primary entry point for IT Professionals at the implementation level. MOC 2810 will provide an entry point for students to broaden their awareness of security issues. Students will be encouraged to enhance their security design skills by attending MOC 2830.

Audience
The course is for a system administrator or system engineer who has the foundation implementation skills and knowledge for the deployment of secure Microsoft Windows Server 2003 based solutions. This course is not intended to provide design skills, but will cover planning skills at a level sufficient to enable decision making for the implementation process.

At Course Completion
After completing this course, students will gain the skills to:

Plan and configure an authorization and authentication strategy.
 
Install, configure, and manage certification authorities.
 
Configure, deploy, and manage certificates.
 
Plan, implement, and troubleshoot smart card certificates.
 
Plan, implement, and troubleshoot Encrypting File System (EFS).
 
Plan, configure, and deploy a secure member server baseline.
 
Plan, configure, and implement secure baselines for server roles.
 
Plan, configure, implement, and deploy client computer baselines.
 
Plan and implement software updates.
 
Plan, deploy, and troubleshoot data transmission security.
 
Plan and implement security for wireless networks.
 
Plan and implement perimeter security with Internet Security and Acceleration (ISA) Server 2004.
 
Secure remote access.
 

Prerequisites
Before attending this course, students must have:

Completed MOC 2810 or equivalent knowledge.
 
Experience implementing a Windows 2000 or Windows Server 2003 Active Directory environment. Experience with organizational resources such as Web, FTP and Exchange servers, (not expected to have detailed knowledge) shared resources and network services such as DHCP, DNS and WINS also helpful.
 

Microsoft Certified Professional Exams
No Microsoft Certified Professional exams are associated with this course currently.

Course Materials
The student kit includes a comprehensive workbook and other necessary materials for this class.

The following software is provided in the student kit:

Student CD
 

Course Outline

Module 1: Planning and Configuring an Authentication and Authorization Strategy

This module explains how to evaluate the infrastructure of your organization and create and document an authorization and authentication plan that allows the appropriate level of access to various security principals. It also describes trust relationships, domain and forest functional levels, and basic security principles.

Lessons

Components of an Authentication Model
 
Planning and Implementing an Authentication Strategy
 
Groups and Basic Group Strategy in Windows Server 2003
 
Creating Trusts in Windows Server 2003
 
Planning, Implementing, and Maintaining an Authorization Strategy Using Groups
 
Lab A: Planning and Configuring an Authentication and Authorization Strategy
 
Planning and Implementing a Resource Authorization Strategy
 
Planning and Implementing a Cross-Forest Authentication Strategy
 
Planning and Implementing an Authentication Policy
 

After completing this module, students will be able to:

Describe the components, tools, and protocols that support authentication.
 
Plan and implement an authentication strategy in a multi-forest organization.
 
Determine the necessary group structure for a multi-domain or multi-forest environment.
 
Create trusts in a Windows Server 2003 environment.
 
Plan, implement, and maintain an authorization strategy in a multi-forest organization.
 

Module 2: Installing, Configuring, and Managing Certification Authorities

This module describes the fundamentals of the systems that make secure communication possible. It describes methods, such as a public key infrastructure (PKI), that enable you to securely communicate on networks.

Lessons

Overview of a PKI
 
Introduction to Certification Authorities
 
Installing a Certification Authority
 
Managing a Certification Authority
 
Backing Up and Restoring a Certification Authority
 
Lab A: Installing and Configuring a Certification Authority
 
Installing an Enterprise Subordinate Certification Authority
 
Backing up a Certification Authority
 

After completing this module, students will be able to:

Describe a PKI.
 
Describe the applications and components that are used in a PKI.
 
Install a certification authority.
 
Create and publish Certificate Revocation Lists (CRLs) and Authority Information Access (AIA) distribution points.
 
Back up and restore a certification authority.
 

Module 3: Configuring, Deploying, and Managing Certificates

This module explains how to ensure that the certificates are issued to the correct security principals and for the intended purpose. It describes, for example, how to make the deployment of certificates an easy and straightforward task for end users.

Lessons

Overview of Digital Certiificates
 
Deploying and Revoking User and Computer Certificates
 
Configuring Certificate Templates
 
Managing Certificates
 
Lab A: Deploying and Managing Certificates
 
Configuring Multipurpose Certificate Templates
 
Configuring Certificate Autoenrollment
 
Updating a Certificate Template
 
Implementing a Key Archiving Strategy
 

After completing this module, students will be able to:

Configure certificate templates in a Microsoft Windows ServerT 2003 PKI environment.
 
Deploy, enroll, and revoke certificates in a Windows Server 2003 PKI environment.
 
Describe the applications and components that are used in a PKI.
 
Export, import, and archive certificates and keys in a Windows Server 2003 PKI environment.
 

Module 4: Planning, Implementing, and Troubleshooting Smart Card Certificates

This module describes how to deploy, manage, and configure certificates and certificate templates in a public key infrastructure (PKI) environment.

Lessons

Introduction to Multifactor Authentication
 
Planning and Implementing a Smart Card Infrastructure
 
Managing and Troubleshooting a Smart Card Infrastructure
 
Lab A: Implementing Smart Cards
 
Configuring a Smart Card Enrollment Station
 
Simulation: Enrolling Users for Smart Cards
 

After completing this module, students will be able to:

Describe the concepts of and applications for multifactor authentication.
 
Plan and implement a smart card infrastructure.
 
Manage and troubleshoot a smart card infrastructure.
 

Module 5: Planning, Implementing, and Troubleshooting Encrypting File System

This module describes how to plan, implement, and troubleshoot Encrypting File System (EFS).

Lessons

Introduction to EFS
 
Implementing EFS in a Standalone Microsoft Windows XP Environment
 
Planning and Implementing EFS in a Domain Environment
 
Implementing EFS File Sharing
 
Troubleshooting EFS
 
Lab A: Planning, Implementing, and Troubleshooting Encrypting File System
 
Implementing Certificates to Support EFS
 
Configuring Group Policy to Support EFS
 

After completing this module, students will be able to:

Describe EFS and how it works.
 
Implement EFS in a standalone Microsoft Windows XP environment.
 
Plan and implement EFS in a domain environment that has a PKI.
 
Implement EFS file sharing.
 
Troubleshoot EFS problems.
 

Module 6: Planning, Configuring, and Deploying a Secure Member Server Baseline

The security of a network depends on the security configuration of the servers that make up the network. Any breach of security on a single server can jeopardize the security of all computers in the network, thereby jeopardizing the security of the network itself. In this module, students will learn how to create secure baselines for servers.

Lessons

Overview of a Member Server Baseline
 
Planning a Secure Member Server Baseline
 
Configuring Additional Security Settings
 
Deploying Security Templates
 
Securing Servers by Using the Security Configuration Wizard
 
Lab: Planning a Member Server Baseline
 
Planning a Secure Member Server Baseline
 

After completing this module, students will be able to:

Describe the components that make up a secure member server baseline.
 
Plan a secure member server baseline.
 
Configure additional security settings.
 
Deploy security templates.
 
Secure servers by using the Security Configuration Wizard (SCW).
 

Module 7: Planning, Configuring, and Implementing Secure Baselines for Server Roles

In this module, students will learn how to create secure baselines for various server roles.

Lessons

Planning and Configuring a Secure Baseline for Domain Controllers
 
Planning and Configuring a Secure Baseline for DNS Servers
 
Planning and Configuring a Secure Baseline for Infrastructure Servers
 
Planning a Secure Baseline for File and Print Servers
 
Planning and Configuring a Secure Baseline for IIS Servers
 

After completing this module, students will be able to:

Plan and configure a secure baseline for domain controllers.
 
Plan and configure a secure baseline for Domain Name System (DNS) servers.
 
Plan and configure a secure baseline for infrastructure servers.
 
Plan a secure baseline for file and print servers.
 
Plan and configure a secure baseline for Internet Information Services (IIS) servers.
 

Module 8: Planning, Configuring, Implementing, and Deploying a Secure Client Computer Baseline

In this module, students will learn how to create secure baselines for client computers.

Lessons

Planning and Implementing a Secure Client Computer Baseline
 
Securing Applications on Client Computers
 
Planning and Implementing a Software Restriction Policy
 
Implementing Security for Mobile Clients
 
Lab A: Planning, Implementing, Configuring, and Deploying a Secure Client Computer Baseline
 
Planning Security Templates for Client Computers
 
Implementing Security Templates for Client Computers
 

After completing this module, students will be able to:

Plan a secure client computer baseline.
 
Secure applications on client computers.
 
Plan and implement a software restriction policy on client computers.
 
Implement security on mobile computers.
 

Module 9: Planning and Implementing Software Updates

In this module, students will learn how to plan and implement update management strategies on computers.

Lessons

Introduction to Software Update Management
 
Implementing Microsoft Baseline Security Analyzer
 
Installing Windows Server Update Services
 
Managing a WSUS Infrastructure
 
Lab: Planning and Implementing Software Updates
 
Configure MBSA Integration with WSUS Server
 

After completing this module, students will be able to:

Describe the need for update management and the tools that you can use to implement update management strategies.
 
Implement MBSA.
 
Install WSUS.
 
Manage a WSUS infrastructure.
 

Module 10: Planning, Deploying, and Troubleshooting Data Transmission Security

This module provides students with the information they need to plan and troubleshoot data transmission security.

Lessons

Secure Data Transmission Methods
 
Introducing IPSec
 
Planning and Implementing Data Transmission Security Using IPSec
 
Troubleshooting IPSec Communications
 
Lab A: Implementing and Troubleshooting Data Transmission Security
 
Planning IPSec Security
 
Implementing IPSec Security
 

After completing this module, students will be able to:

Describe various methods for securing data transmission.
 
Describe the purpose and function of IPSec.
 
Plan and implement data transmission security using IPSec.
 
Troubleshoot IPSec communication.
 

Module 11: Planning and Implementing Security for Wireless Networks

A wireless network uses technology that enables two or more devices to communicate through standard network protocols and electromagnetic waves-not network cabling-to carry signals over part or all of the communication path. This module describes how to plan and implement security for wireless networks.

Lessons

Introduction to Securing Wireless Networks
 
Implementing 802.1x Authentication
 
Planning a Secure WLAN Strategy
 
Implementing a Secure WLAN
 
Troubleshooting Wireless Networks
 
Lab A: Planning and Implementing Security for Wireless Networks
 
Configuring Active Directory for Wireless Networks
 
Configuring Certificate Templates and Certificate Autoenrollment
 
Configuring Remote Access Policies for Wireless Devices
 
Configuring Group Policy for Wireless Networks
 

After completing this module, students will be able to:

Describe the components and features of a secure wireless LAN (WLAN) and a wireless infrastructure.
 
Plan a secure WLAN infrastructure.
 
Implement a secure WLAN infrastructure.
 
Troubleshoot WLAN errors and components.
 

Module 12: Planning and Implementing Perimeter Security with Internet Security and Acceleration Server 2004

Networks in organizations today are commonly interconnected-various networks within an organization connect to each other, and corporate networks connect to the Internet. Although this presents new business opportunities, it can also cause concerns about security, performance, and manageability.

Lessons

Introduction to Internet Security and Acceleration Server 2004
 
Installing and Managing ISA Server 2004
 
Securing a Perimeter Network by Using ISA Server 2004
 
Publishing Servers on a Perimeter Network
 
Lab A: Implementing Perimeter Network Security Using ISA Server 2000
 
Planning a Perimeter Network
 
Implementing a Perimeter Network
 
Securing an ISA Server 2000 Computer
 

After completing this module, students will be able to:

Describe the ISA Server 2004 features.
 
Install and manage ISA Server 2004.
 
Configure a perimeter network by using ISA Server 2004.
 
Publish servers on a perimeter network by using ISA Server 2004.
 

Module 13: Securing Remote Access

Remote access enables remote access clients to access corporate networks as if they were directly connected to the corporate network. The remote access clients connect to the network by using dial-up communication links. The security of a network is compromised if unauthorized remote users gain access to intranet-based resources. An effective network access security design ensures confirmation of the identity of the clients attempting to access your organization's network resources and protection of specific resources from inappropriate access by users.

Lessons

Introduction to Remote Access Technologies and Vulnerabilities
 
Planning a Remote Access Strategy
 
Deploying Network Access Quarantine Control Components
 
Lab A: Implementing a Secure VPN Solution
 
Configuring a VPN Connection
 
Configuring the VPN Server for Remote Access Quarantine
 
Configuring a Connection Manager Service Profile
 

After completing this module, students will be able to:

Describe the various remote access technologies used for remote access and the threats associated with remote access.
 
Plan a remote access strategy.
 
Implement and configure a virtual private network (VPN) server.
 
Deploy Network Access Quarantine Control components.
 

Training Avaliability and Delivery

This is primarily ilt training This class may be available at a classroom in Boston, MA, or at one of these training facilities: Braintree, MA Boston, MA Tyngsboro, MA Boston, MA Waltham, MA Peterborough, NH Contact Boston University Corporate Education Center for more information

Schedule: 5 days Training Presented in: English

About Boston University Corporate Education Center - Training Provider

More Technology Training from Boston University Corporate Education Center

• A+ Boot Camp
• Accelerated ITIL Foundation
• Access 2003 Level I
• Access 2003 Level II
• Access 2003 Level III
• Access 2003 Level IV
• Administering a Microsoft SQL Server 2000 Database
• Administering Cisco Routers
• Adobe Photoshop 7.0
• Advanced C++ Programming
• Advanced Cisco Routing
• Advanced Computer and Network Support
• Advanced Java Programming
• Apache Web Services and Database Connectivity
• C++ for non-C Programmers
• Cartographic Issues: Map Projections and Map Design
• Certificate in Applied Business Analysis Evenings Saturdays
• Certified Pen Testing Specialist (CPTS)
• Certified Wireless Security Professional
• Cisco Certified Network Associate CCNA Boot Camp
• Cisco Network Final Project
• Cisco Networking Fundamentals
• Cisco Switching Technologies
• Cisco Voice Over IP (CVOICE)
• Cisco? Certified Network Professional (CCNP?) Boot Camp
• Citrix MetaFrame Presentation Server 3.0: Management and Maintenance
• Citrix MetaFrame Presentation Server 3.0: Troubleshooting Enterprise Environments
• Citrix MetaFrame Presentation Server 3.0: Enterprise Edition Administration
• Citrix MetaFrame Presentation Server 3.0: Upgrade from XP
• Citrix MetaFrame Secure Access Manager 2.2: Administration
• Citrix MetaFrame XP Presentation Server, Feature Release 3: Administration
• Citrix Presentation Server 4.0: Administration
• COBOL Programming Workshop
• Computer Support Specialist
• Configuration and Troubleshooting Project
• Configuring Windows Vista Application and Tools
• Core Data Access with Microsoft Visual Studio 2005
• Customizing Microsoft SharePoint Products and Technologies 2003
• Design Patterns in Java
• Designing & Implementing OLAP Solutions Using Microsoft SQL Server 2000
• Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure
• Designing Microsoft SQL Server 2005 Server-Side Solutions
• Designing Security for Microsoft Networks
• Designing the Data Tier for Microsoft SQL Server 2005
• Developing Java Web Services
• Developing Microsoft NET Applications for Windows Visual Basic NET
• Developing Microsoft NET Applications for Windows Visual C NET
• Developing Web Applications Using Microsoft Visual Studio NET
• Developing XML Web Services Using Microsoft ASP.NET
• End-to-End BA Workshop
• Enterprise JavaBean Programming
• Excel 2003 Level I
• Excel 2003 Level II
• Excel 2003 Level III
• Exchanging & Transforming Data Using XML and XSLT
• Facilitating JAD Sessions
• Gathering and Documenting User Requirements with Use Cases
• GIS Project Development and Process
• Host Security
• HTML / CSS (Cascading Style Sheets)
• Implementing a Microsoft SQL Server 2005 Database
• Implementing a Microsoft Windows Server 2003 Network Infrastructure Network Hosts
• Implementing and Managing Microsoft Exchange Server 2003
• Implementing and Supporting Microsoft Windows XP Professional
• Implementing Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
• Implementing Microsoft Internet Security and Acceleration Server 2004
• Installing Administering and Configuring Microsoft Windows XP Professional
• Installing and Configuring the Windows Vista Operating System
• Interconnecting Cisco Network Devices ICND
• Intermediate Java Programming
• Internet Research
• Internetwork Troubleshooting
• Introduction to C Programming with Microsoft NET
• Introduction to Cisco Networking Technologies INTRO
• Introduction to Computer Maintenance
• Introduction to Computers
• Introduction to GIS Software: ESRI ArcGIS 9.x
• Introduction to GIS Technologies
• Introduction to Java Programming
• Introduction to Java Using WebSphere Studio Application Developer
• Introduction to Microsoft Visual C# Programming for Microsoft.Net Platform
• Introduction to Oracle9i: SQL
• Introduction to Programming
• Introduction to Relational Databases
• Introduction to Shell Scripting
• Introduction to Visual Basic NET Programming with Microsoft NET
• Introduction to XML
• Introduction to XML and the Microsoft .NET Platform
• Iterative Development and the Business Analyst
• ITIL Foundation Certification
• ITIL Practitioner Release and Control IPRC Certification
• ITIL Service Management Essentials
• ITIL Service Manager
• Jakarta Struts
• Jakarta Struts
• Java Servlets
• JavaServer Pages
• Learning Perl
• Linux Fundamentals
• Linux Fundamentals Boot Camp
• Linux Networking Services
• Linux System Administration
• Linux System and Network Administration Boot Camp
• Macromedia Dreamweaver MX
• Macromedia Flash MX
• Maintaining a Microsoft SQL Server 2005 Database
• Maintaining a Microsoft Windows Server 2003 Environment
• Managing a Microsoft Windows Server 2003 Environment
• Managing and Maintaining a Microsoft Windows Server 2003 Environment
• Managing Microsoft Systems Management Server 2003
• Mastering UNIX Shell Scripts
• Microsoft Programming with ADO.NET
• Microsoft Access 2003
• Microsoft Excel 2003
• Microsoft Outlook 2003
• Microsoft PowerPoint 2003
• Microsoft Security Guidance Training for Developers
• Microsoft Windows Server 2003 MCSA Boot Camp
• Microsoft Windows Server 2003 MCSE Boot Camp
• Microsoft Windows Server 2003 MCSE Upgrade Boot Camp
• Microsoft Word 2003
• Microsoft? Visual Basic? Scripting Edition and Microsoft Windows? Script Host Essentials
• Midterm Project
• MVS JCL for Non-Programmers
• Net Boot Camp
• Net+
• Network Security
• Object and Data Modeling Workshop
• Office Administrator Project
• Operating System Fundamentals
• Operating Systems Project
• Oracle 9i Data Warehousing Fundamentals
• Oracle 9i Forms Developer - Build Internet Applications
• Oracle 9i Reports Developer - Build Reports
• Oracle 9i: Program with PL/SQL
• Oracle Database 10g Administration Workshop I
• Oracle Database 10g Administration Workshop II
• Oracle Database 10g Introduction to SQL
• Oracle Database 10g Program with PL SQL
• Oracle Database 10g: New Features for Administrators
• Oracle9i Database Performance Tuning
• Oracle9i DBA Fundamentals I
• Oracle9i DBA Fundamentals II
• Outlook 2003 Level 1
• Outlook 2003 Level II
• Outlook 2003 Level III
• PHP 4 Introduction
• Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
• Planning Implementing and Maintaining Microsoft Windows Server 2003 Active Directory Infrastructure
• PowerPoint 2003 Level 1
• PowerPoint 2003 Level II
• Programming a Microsoft SQL Server 2000 Database
• Programming in C
• Programming the Microsoft Net Framework with Microsoft Visual C
• Programming the Microsoft Net Framework with Visual Basic Net
• Programming with Microsoft Visual Basic .NET
• Quality Assurance for the Business Analyst
• Querying Microsoft SQL Server 2000 with Transact-SQL
• Securing Cisco Network Devices (SND) v1.0
• Securing Networks with PIX and ASA (SNPA) v4.0
• Security
• Spatial Analysis Using GIS
• Spatial Databases and Database Development
• Supporting Microsoft Operating Systems
• Supporting Users Running Applications on a Microsoft Windows XP Operating System
• Supporting Users Running the Microsoft Windows XP Operating System
• The Business Analyst s Crash Course
• The JSP Standard Tag Library
• Troubleshooting and Optimizing Database Servers Using Microsoft SQL Server 2005
• Updating Your Database Administration Skills to Microsoft SQL Server 2005
• Updating Your Database Development Skills to Microsoft SQL Server 2005
• Web Site Design
• WebSphere Application Server v5.1 Administration
• WebSphere v5 Performance Tuning Tools and Methodology Workshop
• What's New in Microsoft Visual Studio 2005 for existing Visual Studio .NET Developers(Workshop)
• Wireless LAN Administration
• Word 2003 Level I
• Word 2003 Level II
• Word 2003 Level III
• Workflow Modeling and State Machines
• XML Design and Implementation
• XML Programming Using Java