Implementing and Administering Security in a Microsoft Windows 2000 Network Training in Boulder Colorado

This five-day instructor-led course provides students with the knowledge and skills required to implement and administer security services on Windows 2000.

Training Program Details

Program Outline

Module 1: Implementing Group Policy

The information in this module explains in detail what Group Policy is and how it works. Group Policy is used to configure user's desktop environments and to deploy applications. Although Group Policy is primarily a centralized configuration tool rather than a security mechanism administrators need to be familiar with the security implications of Group Policy configuration.

Lessons

Introducing Active Directory and Group Policy

Configuring and Managing Group Policy

Configuring Client Computer Security Policy

Troubleshooting Group Policy Application

Lab: Implementing Group Policies in Active Directory

After completing this module students will be able to:

Describe and create Active Directory structures.

Describe and manage Group Policy.

Configure client computer security policies.

Troubleshoot Group Policy application.

Describe the security limitations of Group Policy.

Module 2: Creating User Accounts and Security Groups

The information in this module explains how to use local user accounts and security groups to secure access to resources on local computers and how to use domain accounts and security groups to secure access to resources in the domain.

Lessons

Creating and Managing Local User Accounts and Security Groups

Creating and Managing Active Directory Domain Accounts and Security Groups

Lab: Creating OUs Users and Security Groups in Active Directory

After completing this module students will be able to:

Create and manage user accounts and security groups on local computers.

Create and manage user accounts and security groups in a domain.

Module 3: Restricting Accounts Users and Groups

This module builds on the security features introduced in Module 2 "User Accounts and Security Groups." It explains the restrictions applied to users when they log on by the use of account policies configured in Group Policy. It also describes how to manage user rights how to restrict users to specific security group membership and how to use security templates to establish a level of security across the network. It discusses what you need to know to manage and deploy security templates and provides information about troubleshooting common problems with them.

Lessons

Introducing Account Policies

Managing User Rights

Using Restricted Groups

Administering Security Templates

Lab: Using Security Templates to Restrict Users and Groups

After completing this module students will be able to:

Configure and apply account policies.

Manage user rights.

Control access using restricted groups.

Administer security templates.

Module 4: Configuring Account Based Security

The information in this module explains the use of a user's account credentials and how the permissions secure various types of resources in Windows 2000.

Lessons

Managing NTFS File System Permissions

Implementing Share Security

Implementing Audit Policies

Securing the Registry

Lab: Using Security Templates to Configure Account Based Security

After completing this module students will be able to:

Manage file system permissions.

Implement share service security.

Using audit policies.

Secure the registry.

Module 5: Managing Certificate Authorities

The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.

Lessons

Introducing Certificates

Implementing Windows 2000 Certificate Services

Maintaining Certificate Authorities

Lab: Implementing a PKI

After completing this module students will be able to:

Describe Certificates.

Install Windows 2000 Certificate Services.

Maintain Certificate Authorities.

Module 6: Managing a Public Key Infrastructure

The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.

Lessons

Deploying Computer Certificates

Deploying User Certificates

Deploying Smart Card Certificates

Deploying S/MIME Certificates

Lab: Deploying S/MIME Certificates in Windows 2000

After completing this module students will be able to:

Work with computer certificates.

Deploy user certificates.

Use Smartcard certificates.

Deploy S/MIME certificates.

Module 7: Increasing Authentication Security

The information in this module explains how to keep a network as secure as possible while still allowing access to the network resources for clients that run earlier versions of Microsoft Windows and third-party operating systems. The module goes on to explain how to keep authentication secure when transiting between domains within the same organization.

Lessons

Supporting Earlier Versions of Windows Clients

Supporting Macintosh Clients

Configuring Trust Relationships

After completing this module students will be able to:

Support earlier versions of Windows clients.

Support Macintosh computers.

Describe and configure Trust Relationships.

Module 8: Implementing IP Security

The information in this module introduces IPSec and the use of authentication and encryption methods that are compatible with IP networks. It goes on to explain the appropriate tools and techniques for troubleshooting IPSec.

Lessons

Configuring IPSec Within a Domain

Configuring IPSec Between Untrusted Networks

Configuring IPSec on Internet Servers

Troubleshooting IPSec Configuration

Lab: Implementing IP Security in a Windows 2000 Network

After completing this module students will be able to:

Configure IPSec within a domain.

Configure IPSec between untrusted networks.

Configure IPSec on Internet servers.

Troubleshoot IPSec configuration.

Module 9: Securing Remote Access and VPN

The information in this module introduces the Routing and Remote Access service which is the Windows 2000 component that manages both routing between networks and remote access to networks.

Lessons

Securing RRAS Servers

Managing RRAS Authentication

Securing Remote Clients

Securing Communications Using a VPN

Lab: Implementing and Securing a Server Running RRAS

After completing this module students will be able to:

Secure RRAS servers.

Manage RRAS authentication.

Secure remote clients.

Secure communications using a VPN.

Module 10: Configuring Clients for Wireless Security

The information in this module introduces the security implications of running a wireless network. The lesson explains that security standards for wireless protocols are still evolving and introduces both the existing Wired Equivalent Privacy (WEP) protocol and the newer 802.1X port authentication protocol.

Lessons

Setting Up a Wireless Network

Securing Wireless Networks

Configuring Clients for Wireless Security

After completing this module students will be able to:

Set up a wireless network.

Secure a wireless network.

Configure clients for wireless security.

Module 11: Securing Public Application Servers

The information in this module explains the types of attacks that can be expected and the methods for defending against them when running servers that provide public services. A secure Internet services infrastructure must be built by using firewalls properly securing e-mail servers and protecting the database servers that frequently provide back-end data for Web servers.

Lessons

Securing Public Services

Providing Internet Security

Configuring Microsoft SQL Server™ for Internet Security

Securing Microsoft Exchange Server for the Internet

Lab: Designing an External Firewall Configuration

After completing this module students will be able to:

Provide Internet Security.

Configure Microsoft SQL Server for Internet Security.

Secure Microsoft Exchange Server.

Module 12: Implementing Web Service Security

The information in this module explains how to configure Internet Information Services (IIS) security features correctly to make Web servers as secure as possible.

Lessons

Configuring Public Web Servers

Configuring Web Authentication

Using Secure Sockets Layer to Encrypt Communications

Lab: Implementing Web Service Security

After completing this module students will be able to:

Secure public Web servers.

Describe Web authentication.

Use Secure Sockets Layer.

Module 13: Detecting Intrusions and Monitoring Events

The information in this module explains how to configure IIS security features correctly to make Web servers as secure as possible.

Lessons

Establishing Intrusion Detection for Public Servers

Event Monitoring in the Private Network

After completing this module students will be able to:

Establish intrusion detection for public servers.

Monitor events in the private network.

Module 14: Maintaining Software

The information in this module explains the various tools that can be used update client and server computers.

Lessons

Installing and Managing Service Packs and Hotfixes

Automating Updates with Microsoft Software Update Services

Deploying Updates Throughout the Network

Lab: Maintaining Software

After completing this module students will be able to:

Work with Service Packs and Hotfixes.

Automate updates with Microsoft Software Update Services.

Deploy updates in the enterprise.

Related Exams

This course will help the student prepare for the following Microsoft Certified Professional exam:

Exam 70-214: Implementing and Administering Security in a Microsoft Windows 2000 Network

Student Pre-Requisites

Before attending this course students must have:

Familiarity with Windows 2000 core technologies such as those described in the following Microsoft Official Curriculum (MOC) course:

Course 2152: Implementing Microsoft Windows 2000 Professional and Server

Familiarity with Windows 2000 networking technologies such as those described in the following MOC course:

Course 2153: Implementing a Microsoft Windows 2000 Network Infrastructure

Familiarity with Windows 2000 directory services technologies such as those described in the following MOC course:

Course 2154: Implementing and Administering Microsoft Windows 2000 Directory Services

Familiarity with fundamental network security technologies such as those described in the following MOC course:

Course 2810: Fundamentals of Network Security or equivalent knowledge

Student Materials

The student kit includes a comprehensive workbook and other necessary materials for this class.

Program Goals

After completing this course students will be able to:

Implement Group Policy.

Create and work with user accounts and security groups.

Implement account policies and security templates.

Administer account based security.

Install and maintain certificate authorities.

Manage a public key infrastructure (PKI).

Secure early versions of Windows clients.

Configure and troubleshoot IPSec.

Secure remote access and VPNs.

Configure wireless security.

Secure public application servers.

Secure Web services.

Monitor events and intruder detection.

Maintain software service pack and hotfix deployments.

Implementing and Administering Security in a Microsoft Windows 2000 Network

Training Provided by American IT

Training Avaliability and Delivery

Training Program Details

Program Outline

Related Exams

Student Pre-Requisites

Student Materials

Program Goals

About American IT - Training Provider

More Training from American IT