Introduction

This four-day, instructor-led course provides students with the knowledge and skills to begin supporting network security within an organization. Students who complete this course will be able to identify security threats and vulnerabilities, and help respond to and recover from security incidents.
This course will cover security concepts that are prerequisites for attending other Microsoft Official Curriculum (MOC) courses for security specialists and help prepare students for the CompTIA Security+ exam.
This course has been approved as CompTIA Authorized Quality Curriculum (CAQC) for the CompTIA Security+ certification. The CAQC program assures students that all test objectives for the CompTIA Security+ certification exam are covered in the course materials.
Although the course focuses on Microsoft product- and technology-specific implementation of security concepts, many of these same concepts can be applied to other technologies.

Audience

This course is designed for administrators who are responsible for the day-to-day administration of Microsoft Windows® 2000. Students should have general knowledge of networking concepts and one or more years of experience managing Windows 2000. Other IT professionals may also take this course on the path to becoming a security specialist.

At Course Completion

After completing this course, students will be able to:

• Explain common attacks against network assets, the associated threats and vulnerabilities, and what network security personnel do to secure assets.
• Explain how to use cryptography to help protect information and how to choose an appropriate encryption method for an organization.
• Implement security-enhanced computing baselines in an organization.
• Help protect information in an organization by using authentication and access control.
• Deploy and manage certificates.
• Help protect transmission of data by identifying threats to network devices and implementing security for common data transmission, remote access, and wireless network traffic.
• Help protect Web servers against common attacks and configure security for Web browsers.
• Help protect e-mail messages and instant messaging from common security threats.
• Identify common security threats and vulnerabilities to directory services and DNS, and then apply security methods to help protect them.
• Identify network perimeter threats and monitor perimeter security for a network.
• Identify types of security policies to manage operational security, and then use these policies to ensure compliance by users in an organization.
• Preserve business continuity by implementing a security-enhanced disaster recovery strategy, communicating risks to others, and performing secure backup and recovery.
• Identify, respond to, and assist in the formal investigation of security incidents.

Prerequisites

Before attending this course, students must have one year of experience managing Windows 2000 Server or have equivalent knowledge and skills, such as those described in MOC Course 2152: Implementing Microsoft Windows 2000 Professional and Server.

Course Outline

• Preparing to Secure Information
  Explaining How Assets Are Attacked
  Explaining How Assets Are Secured
• Implementing Secure Computing Baselines
  Introduction to Trusted Computing Bases
  Establishing a Secure Baseline
  Monitoring a Secure Baseline
  Physically Securing Computers
  Maintaining a Secure Baseline
• Securing Information Using Authentication and Access Control
  Introduction to Access Control
  Implementing an Authentication Strategy
  Implementing an Access Control Strategy
• Using Cryptography to Secure Information
  Introduction to Cryptography
  Using Symmetric Encryption
  Using Hash Functions
  Using Public Key Encryption
• Using a PKI to Secure Information
  Introduction to Certificates
  Introduction to Public Key Infrastructure
  Deploying and Managing Certificates
• Securing Internet Applications and Components
  Securing Web Servers
  Configuring Security for Common Internet Protocols
  Configuring Security for Web Browsers
  Configuring Security for Databases
• Implementing Security for E-Mail and Instant Messaging
  Securing E-Mail Servers
  Securing E-Mail Clients
  Securing Instant Messaging
• Managing Security for Directory Services and DNS
  Securing Directory Services Against Common Threats
  Securing DNS Against Common Threats
• Lesson 9: Securing Data Transmission
  Identifying Threats to Network Devices
  Implementing Security for Common Data Transmission
  Implementing Security for Remote Access
  Implementing Security for Wireless Network Traffic
• Implementing and Monitoring Security for Network Perimeters
  Introduction to Network Perimeters
  Implementing Security on Inbound and Outbound Network Traffic
  Monitoring Network Traffic
• Managing Operational Security
  Establishing Security Policies and Procedures
  Educating Users about Security Policies
  Applying Security Policies to Operational Management
  Resolving Ethical Dilemmas When Securing Assets
• Preserving Business Continuity
  Preparing to Recover from Disasters
  Communicating the Impact of Risks
  Performing a Secure Backup and Recovery
• Responding to Security Incidents
  Identifying Security Incidents
  Responding to Security Incidents
  Investigating Security Incidents

Microsoft Certified Professional Exams

CompTIA Security+ exam

Course Materials

The student kit includes a comprehensive workbook and other necessary materials for this class.

Related courses:

• M2274: Managing a Microsoft Windows Server 2003 Environment
• М2275 Maintaining a Microsoft Windows Server 2003 Environment
• M2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services
• М2279 Planning, Implementing and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure
• M2823 Implementing and Administering Security in a Microsoft Windows Server 2003 Network
• M2830 Designing Security for Microsoft Networks
• M2824 Implementing Microsoft Internet Security and Acceleration Server 2004

Microsoft Software Assurance

What is Software Assurance?

Software Assurance (SA) provides an easy way for Microsoft's Volume Licensing customers to stay current with the latest and most innovative Microsoft products. Under the SA program, customers acquire the right to install any new release of products covered in the agreement during the term of their coverage. Companies can acquire tomorrow's technology at today's prices and have the ability to spread payments annually instead of paying up front. Visit www.microsoft.com/licensing to learn more about Microsoft's licensing programs.

What is the SA Enhancement Offering?

The SA Enhancement Offering is designed to increase customer satisfaction by giving customers more value from Software Assurance and a better Microsoft product experience. The Enhancement Offering contains tools, training, and support as well as additional licensing benefits which meet different customer needs across product segments and across customer segments. The many benefits include:

• Training vouchers redeemable
• Employee Purchase Program
• Home Use Program
• Problem Resolution Support
• TechNet Subscription
• Technology & Tools

What is the Software Assurance (SA) Training Voucher Program?

Qualifying organizations that purchase Software Assurance receive training credits from Microsoft. Each training credit is worth the equivalent of one day of training at Networking Technologies™. Customers can redeem these credits for SA Training Vouchers for select Microsoft courses from «Networking Technologies»™.

How to Get Started?

Contact the individual in your organization responsible for software purchases to verify that you purchased volume licensing with Software Assurance. We can help you activate your benefits and administer the training vouchers. To register for a training contact Education Center «Networking Technologies»™ directly via e-mail edu@tex.kiev.ua