6 Certification - MCSA/MCSE: Windows 2003 Security Boot Camp

Course Length: 15 days

Certifications:

MCP
MCSA
MCSE
MCSA: Security
MCSE: Security
CompTIA Security+     

Number of Exams: 8

The MCSA/MCSE: Security exams support the release of Windows Server™ 2003 by identifying systems engineers who can successfully plan and implement a network infrastructure, Active Directory® infrastructure, and client deployment on the Windows 2003 platform, and perform maintenance at a high level for a medium- to large-sized Windows 2003 environment.

The MCSA/MCSE: Security on Windows Server™ 2003 credential offers IT professionals a competitive edge in today's constantly changing business environment by validating the specific experience required by the network and systems administrator job role. The certification provides employers with a means to identify those qualified individuals who have the appropriate skills set to do the job successfully.

CompTIA Security+ is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

• Microsoft Exam 70-270
• Microsoft Exam 70-290
• Microsoft Exam 70-291
• CompTIA Security+
• Microsoft Exam 70-293
• Microsoft Exam 70-294
• Microsoft Exam 70-298
• Microsoft Exam 70-299

Microsoft Exam 70-270

Installing, Configuring, and Administering Microsoft Windows XP Professional

Installing Windows XP Professional

• Perform an attended installation of Windows XP Professional.
• Perform an unattended installation of Windows XP Professional.
• Upgrade from a previous version of Windows to Windows XP Professional.
• Perform post-installation updates and product activation.
• Troubleshoot failed installations.

Implementing and Conducting Administration of Resources

• Monitor, manage, and troubleshoot access to files and folders.
• Manage and troubleshoot access to shared folders.
• Connect to local and network print devices.
• Configure and manage file systems.
• Manage and troubleshoot access to and synchronization of offline files.

Implementing, Managing, Monitoring, and Troubleshooting Hardware Devices and Drivers

• Implement, manage, and troubleshoot disk devices.
• Implement, manage, and troubleshoot display devices.
• Configure Advanced Configuration Power Interface (ACPI).
• Implement, manage, and troubleshoot input and output (I/O) devices.
• Manage and troubleshoot drivers and driver signing.
• Monitor and configure multiprocessor computers.

Monitoring and Optimizing System Performance and Reliability

• Monitor, optimize, and troubleshoot performance of the Windows XP Professional desktop.
• Manage, monitor, and optimize system performance for mobile users.
• Restore and back up the operating system, System State data, and user data.

Configuring and Troubleshooting the Desktop Environment

• Configure and manage user profiles and desktop settings.
• Configure support for multiple languages or multiple locations.
• Manage applications by using Windows Installer packages.

Implementing, Managing, and Troubleshooting Network Protocols and Services

• Configure and troubleshoot the TCP/IP protocol.
• Connect to computers by using dial-up networking.
• Connect to resources using Internet Explorer.
• Configure, manage, and implement Internet Information Services (IIS).
• Configure, manage, and troubleshoot Remote Desktop and Remote Assistance.
• Configure, manage, and troubleshoot an Internet Connection Firewall (ICF).

Configuring, Managing, and Troubleshooting Security

• Configure, manage, and troubleshoot Encrypting File System (EFS).
• Configure, manage, and troubleshoot a security configuration and local security policy.
• Configure, manage, and troubleshoot local user and group accounts.
• Configure, manage, and troubleshoot Internet Explorer security settings.

[ back to top ]

Microsoft Exam 70-290

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Managing and Maintaining Physical and Logical Devices

• Manage basic disks and dynamic disks.
• Monitor server hardware. Tools might include Device Manager, the Hardware Troubleshooting Wizard, and appropriate Control Panel items.
• Optimize server disk performance.
• Install and configure server hardware devices.

Managing Users, Computers, and Groups

• Manage local, roaming, and mandatory user profiles.
• Create and manage computer accounts in an Active Directory environment.
• Create and manage groups.
• Create and manage user accounts.
• Troubleshoot computer accounts.
• Troubleshoot user accounts.
• Troubleshoot user authentication issues.

Managing and Maintaining Access to Resources

• Configure access to shared folders.
• Troubleshoot Terminal Services.
• Configure file system permissions.
• Troubleshoot access to files and shared folders.

Managing and Maintaining a Server Environment

• Monitor and analyze events. Tools might include Event Viewer and System Monitor.
• Manage software update infrastructure.
• Manage software site licensing.
• Manage servers remotely.
• Troubleshoot print queues.
• Monitor system performance.
• Monitor file and print servers. Tools might include Task Manager, Event Viewer, and System Monitor.
• Monitor and optimize a server environment for application performance.
• Manage a Web server.

Managing and Implementing Disaster Recovery

• Perform system recovery for a server.
• Manage backup procedures.
• Recover from server hardware failure.
• Restore backup data.
• Schedule backup jobs.

Microsoft Exam 70-291

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Implementing, Managing, and Maintaining IP Addressing

• Configure TCP/IP addressing on a server computer.
• Manage DHCP.
• Troubleshoot TCP/IP addressing.
• Troubleshoot DHCP.

Implementing, Managing, and Maintaining Name Resolution

• Install and configure the DNS Server service.
• Manage DNS.
• Monitor DNS. Tools might include System Monitor, Event Viewer, Replication Monitor, and DNS debug logs.

Implementing, Managing, and Maintaining Network Security

• Implement secure network administration procedures.
• Monitor network protocol security. Tools might include the IP Security Monitor Microsoft Management Console (MMC) snap-in and Kerberos support tools.
• Troubleshoot network protocol security. Tools might include the IP Security Monitor MMC snap-in, Event Viewer, and Network Monitor.

Implementing, Managing, and Maintaining Routing and Remote Access

• Configure Routing and Remote Access user authentication.
• Manage remote access.
• Manage TCP/IP routing.
• Implement secure access between private networks.
• Troubleshoot user access to remote access services.
• Troubleshoot Routing and Remote Access routing.

Maintaining a Network Infrastructure

• Monitor network traffic. Tools might include Network Monitor and System Monitor.
• Troubleshoot connectivity to the Internet.
• Troubleshoot server services.

CompTIA Security+

CompTIA Security+ validates knowledge of systems security, network infrastructure, access control, assessments and audits, cryptography and organizational security.

The CompTIA Security+ (2008 Edition) Certification is a vendor neutral credential. The Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe. The skills and knowledge measured by this course are derived from an industry-wide Job Task Analysis (JTA) and were validated through a global survey in Q4, 2007.

Security+ is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination (exam number SY0-201). In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

The CompTIA Security+ course is 3.5 days including the certification exam.

Target Student: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems and to those who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications.

Prerequisites: CompTIA A+ and Network+ certifications, or equivalent knowledge. Experience in networking, including experience configuring and managing TCP/IP is helpful.

Course Content:

Systems Security

• Differentiate among various systems security threats.
• Explain the security risks pertaining to system hardware and peripherals.
• Implement OS hardening practices and procedures to achieve workstation and server security.
• Carry out the appropriate procedures to establish application security.
• Implement security applications.
• Explain the purpose and application of virtualization technology.

Network Infrastructure

• Differentiate between the different ports & protocols, their respective threats and mitigation techniques.
• Distinguish between network design elements and components.
• Determine the appropriate use of network security tools to facilitate network security.
• Apply the appropriate network tools to facilitate network security.
• Explain the vulnerabilities and mitigations associated with network devices.
• Explain the vulnerabilities and mitigations associated with various transmission media.
• Explain the vulnerabilities and implement mitigations associated with wireless networking.

Access Control

• Identify and apply industry best practices for access control methods.
• Explain common access control models and the differences between each.
• Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.
• Apply appropriate security controls to file and print resources.
• Compare and implement logical access control methods.
• Summarize the various authentication models and identify the components of each.
• Deploy various authentication models and identify the components of each.
• Explain the difference between identification and authentication (identity proofing).
• Explain and apply physical access security methods.

Assessments & Audits

• Conduct risk assessments and implement risk mitigation.
• Carry out vulnerability assessments using common tools.
• Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
• Use monitoring tools on systems and networks and detect security-related anomalies.
• Compare and contrast various types of monitoring methodologies.
• Execute proper logging procedures and evaluate the results.
• Conduct periodic audits of system security settings.

Cryptography

• Explain general cryptography concepts.
• Explain basic hashing concepts and map various algorithms to appropriate applications.
• Explain basic encryption concepts and map various algorithms to appropriate applications.
• Explain and implement protocols.
• Explain core concepts of public key cryptography.
• Implement PKI and certificate management.

Organizational Security

• Explain redundancy planning and its components.
• Implement disaster recovery procedures.
• Differentiate between and execute appropriate incident response procedures.
• Identify and explain applicable legislation and organizational policies.
• Explain the importance of environmental controls.
• Explain the concept of and how to reduce the risks of social engineering.

Microsoft Exam 70-293

Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Planning and Implementing Server Roles and Server Security

• Configure security for servers that are assigned specific roles.
• Plan a secure baseline installation.
• Plan security for servers that are assigned specific roles. Roles might include domain controllers, Web servers, database servers, and mail servers.
• Evaluate and select the operating system to install on computers in an enterprise.

Planning, Implementing, and Maintaining a Network Infrastructure

• Plan a TCP/IP network infrastructure strategy.
• Plan and modify a network topology.
• Plan an Internet connectivity strategy.
• Plan network traffic monitoring. Tools might include Network Monitor and System Monitor.
• Troubleshoot connectivity to the Internet.
• Troubleshoot TCP/IP addressing.
• Plan a host name resolution strategy.
• Plan a NetBIOS name resolution strategy.
• Troubleshoot host name resolution.

Planning, Implementing, and Maintaining Routing and Remote Access

• Plan a routing strategy.
• Plan security for remote access users.
• Implement secure access between private networks.
• Troubleshoot TCP/IP routing. Tools might include the route, tracert, ping, pathping, and netsh commands and Network Monitor.

Planning, Implementing, and Maintaining Server Availability

• Plan services for high availability.
• Identify system bottlenecks, including memory, processor, disk, and network related bottlenecks.
• Implement a cluster server.
• Monitor Network Load Balancing. Tools might include the Network Load Balancing Monitor Microsoft Management Console (MMC) snap-in and the WLBS cluster control utility.
• Plan a backup and recovery strategy.

Planning and Maintaining Network Security

• Configure network protocol security.
• Configure security for data transmission.
• Plan for network protocol security.
• Plan secure network administration methods.
• Plan security for wireless networks.
• Plan security for data transmission.
• Troubleshoot security for data transmission. Tools might include the IP Security Monitor MMC snap-in and the Resultant Set of Policy (RSoP) MMC snap-in.

Planning, Implementing, and Maintaining Security Infrastructure.

• Configure Active Directory directory service for certificate publication.
• Plan a public key infrastructure (PKI) that uses Certificate Services.
• Plan a framework for planning and implementing security.
• Plan a security update infrastructure. Tools might include Microsoft Baseline Security Analyzer and Microsoft Software Update Services.

Microsoft Exam 70-294

Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure

Planning and Implementing an Active Directory Infrastructure

• Plan a strategy for placing global catalog servers.
• Plan flexible operations master role placement.
• Implement an Active Directory directory service forest and domain structure.
• Implement an Active Directory site topology.
• Plan an administrative delegation strategy.

Managing and Maintaining an Active Directory Infrastructure

• Manage an Active Directory forest and domain structure.
• Manage an Active Directory site.
• Monitor Active Directory replication failures. Tools might include Replication Monitor, Event Viewer, and support tools.
• Restore Active Directory directory services.
• Troubleshoot Active Directory.

Planning and Implementing User, Computer, and Group Strategies

• Plan a security group strategy.
• Plan a user authentication strategy.
• Plan an OU structure.
• Implement an OU structure.

Planning and Implementing Group Policy

• Plan Group Policy strategy.
• Configure the user environment by using Group Policy.
• Deploy a computer environment by using Group Policy.

Managing and Maintaining Group Policy

• Troubleshoot issues related to Group Policy application. deployment. Tools might include RSoP and the gpresult command.
• Maintain installed software by using Group Policy.
• Troubleshoot the application of Group Policy security settings. Tools might include RSoP and the gpresult command.

Microsoft Exam 70-298

Designing Security for a Microsoft Windows Server 2003 Network

Creating the Conceptual Design for Network Infrastructure Security by Gathering and Analyzing Business and Technical Requirements

• Analyze business requirements for designing security. Considerations include existing policies and procedures, sensitivity of data, cost, legal requirements, end-user impact, interoperability, maintainability, scalability, and risk.
• Design a framework for designing and implementing security. The framework should include prevention, detection, isolation, and recovery.
• Analyze technical constraints when designing security.

Creating the Logical Design for Network Infrastructure Security

• Design a public key infrastructure (PKI) that uses Certificate Services.
• Design a logical authentication strategy.
• Design security for network management.
• Design a security update infrastructure.

Creating the Physical Design for Network Infrastructure Security

• Design network infrastructure security.
• Design security for wireless networks.
• Design user authentication for Internet Information Services (IIS).
• Design security for Internet Information Services (IIS).
• Design security for communication between networks.
• Design security for communication with external organizations.
• Design security for servers that have specific roles. Roles include domain controller, network infrastructure server, file server, IIS server, terminal server, and POP3 mail server.

Designing an Access Control Strategy for Data

• Design an access control strategy for directory services.
• Design an access control strategy for files and folders.
• Design an access control strategy for the registry.

Creating the Physical Design for Client Infrastructure Security

• Design a client authentication strategy.
• Design a security strategy for client remote access.
• Design a strategy for securing client computers. Considerations include desktop and portable computers.

Microsoft Exam 70-299

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Implementing, Managing, and Troubleshooting Security Policies

• Plan security templates based on computer role. Computer roles include SQL Server computer, Microsoft Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server.
• Configure security templates.
• Deploy security templates.
• Troubleshoot security template problems.
• Configure additional security based on computer roles. Server computer roles include SQL Server computer, Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server. Client computer roles include desktop, portable, and kiosk.

Implementing, Managing, and Troubleshooting Patch Management Infrastructure

• Plan the deployment of service packs and hotfixes.
• Assess the current status of service packs and hotfixes. Tools include MBSA and the MBSA command-line tool.
• Deploy service packs and hotfixes.

Implementing, Managing, and Troubleshooting Security for Network Communications

• Plan IPSec deployment.
• Configure IPSec policies to secure communication between networks and hosts. Hosts include domain controllers, Internet Web servers, databases, e-mail servers, and client computers.
• Deploy and manage IPSec policies.
• Troubleshoot IPSec.
• Plan and implement security for wireless networks.
• Deploy, manage, and configure SSL certificates, including uses for HTTPS, LDAPS, and wireless networks. Considerations include renewing certificates and obtaining self-issued certificates instead of publicly issued certificates.
• Configure security for remote access users.

Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI

• Plan and configure authentication.
• Plan group structure.
• Plan and configure authorization.
• Install, manage, and configure Certificate Services.