Microsoft Windows 2000 Implementing Security Part 4: Mixed Clients

This course teaches how to provide secures access to non-Microsoft clients. Remote access and firewalls are covered. Participants also learn about screened subnets. Finally application-layer security and IP-layer security concepts are taught.

This is primarily online training This is an online eLearning or CBT training program Contact Serebra Learning Corporation for more information

Duration: 8 hours Training Presented in: English

Audience

Candidates operate in medium to very large computing environments that use Windows 2000 and Active Directory . Operating systems on client computers might include Windows NT Workstation 4.0 Windows 2000 Professional and Windows XP Professional. Candidates have a minimum of one year's experience in implementing and administering security and network infrastructures.

Objective

Upon completion of this course the student will be able to:

• match components of Public Key Infrastructure (PKI) with their descriptions.
• match UNIX client authentication methods with their descriptions.
• identify the guidelines for securing file access.
• identify the risks of providing remote access.
• match methods for authenticating remote access users with their descriptions.
• identify methods for authorizing remote access connections.
• match the application-layer security protocols with their definitions.
• identify characteristics of Server Message Block (SMB) Signing.
• identify guidelines for securing communication for a Web application.

Topics Include

Unit 1: Access to Non-Microsoft Clients

• Match components of Public Key Infrastructure (PKI) with their descriptions.
• Match UNIX client authentication methods with their descriptions.
• Identify the guidelines for securing file access.
• Identify guidelines for securing TCP/IP-based applications.
• Identify the features of services for NetWare.
• Identify features of authenticating NetWare Clients.
• Identify security risks of accessing NetWare resources.
• Identify methods for authenticating Macintosh clients.
• Identify methods for providing Macintosh clients secure access to network resources.
• Identify steps for configuring authentication protocols to support mixed Windows client-computer environments.
• Identify methods for securing a DHCP server.
• Identify methods for securing DNS servers.
• Identify risks of using Simple Network Management Protocol (SNMP) to manage a network infrastructure.
• Identify features of Network Monitor.

Unit 2: RAS and Firewalls

• Identify the risks of providing remote access.
• Match methods for authenticating remote access users with their descriptions.
• Identify methods for authorizing remote access connections.
• Identify functions of a remote access policy.
• Match remote access policy models with their descriptions.
• Identify features of remote access based on Windows NT 4.0 servers.
• Identify Connection Manager Administration Kit (CMAK) security options for dial-up connections.
• Identify benefits of a VPN connection.
• Sort VPN security requirements according to their most suitable tunneling protocol.
• Identify features of public and private networks.
• Identify features of router security.
• Identify security features provided by a Windows 2000-based router.
• Identify types of common network security attacks.
• Identify risks from denial of service (DoS) attacks.
• Identify methods for minimizing the risk of port scanning.
• Identify options for filtering protocols allowed through a firewall.
• Identify features of a three-pronged firewall used to create a screened subnet.
• Identify features of a mid-ground screened subnet.
• Identify considerations for securing VPN connections between remote offices.
• Identify methods to protect a private network.
• Identify features of static address mapping.
• Identify design considerations for a screened subnet.
• Identify firewall configuration options for securing traffic to Microsoft Exchange Server.
• Identify firewall configuration options for securing Layer Two Tunneling Protocol (L2TP) traffic to a tunnel server.
• Identify firewall configuration options for securing traffic to a Terminal Services server.
• Identify features of network load balancing.
• Identify firewall configuration options for securing traffic to a Hypertext Transfer Protocol (HTTP) and FTP server.
• Identify firewall configuration options for securing traffic to a DNS server.
• Identify firewall configuration options for securing traffic to an application server.
• Identify firewall configuration options for securing Point-to-Point Tunneling Protocol (PPTP) traffic to a tunnel server.

Unit 3: Application-Layer and IP-Layer Security

• Match the application-layer security protocols with their definitions.
• Identify characteristics of Server Message Block (SMB) Signing.
• Identify guidelines for securing communication for a Web application.
• Identify the authentication methods supported by Internet Protocol Security (IPSec).
• Identify the types of security provided by Internet Protocol Security (IPSec).
• Match IPSec predefined policies with their descriptions.
• Sequence the steps for applying an IPsec filter.

Duration

8 Hours

Minimum Requirements

The CDROM version of this course requires:

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).
• At least a double speed CDROM drive.
• An MPC compliant sound card with attached speakers or headphones is recommended (Currently only the CDROM version supports audio).

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM and 22MB available hard disk space or file server space.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).

Media

• Microsoft Windows 2000 Implementing Security Part 1: User Accounts
• Microsoft Windows 2000 Implementing Security Part 2: Additional Security
• Microsoft Windows 2000 Implementing Security Part 3: PKI and Partners
• Microsoft Windows 2000 Implementing Security Part 5: RAS and Wireless