You are in Training / Microsoft / Windows 2000 / Course MS2820 / Course Outline

MS2820 Implementing and Administering Security in a Microsoft Windows 2000 Network Course Outline

Module 1: Implementing Group Policy

The information in this module explains in detail what Group Policy is and how it works. Group Policy is used to configure user's desktop environments and to deploy applications. Although Group Policy is primarily a centralized configuration tool rather than a security mechanism, administrators need to be familiar with the security implications of Group Policy configuration.

Lessons

	Introducing Active Directory® and Group Policy
	Configuring and Managing Group Policy
	Configuring Client Computer Security Policy
	Troubleshooting Group Policy Application

Lab: Implementing Group Policies in Active Directory

After completing this module, students will be able to:

	Describe and create Active Directory structures.
	Describe and manage Group Policy.
	Configure client computer security policies.
	Troubleshoot Group Policy application.
	Describe the security limitations of Group Policy.

Module 2: Creating User Accounts and Security Groups

The information in this module explains how to use local user accounts and security groups to secure access to resources on local computers and how to use domain accounts and security groups to secure access to resources in the domain.

Lessons

	Creating and Managing Local User Accounts and Security Groups
	Creating and Managing Active Directory Domain Accounts and Security Groups

Lab: Creating OUs, Users, and Security Groups in Active Directory

After completing this module, students will be able to:

	Create and manage user accounts and security groups on local computers.
	Create and manage user accounts and security groups in a domain.

Module 3: Restricting Accounts, Users, and Groups

This module builds on the security features introduced in Module 2, "User Accounts and Security Groups." It explains the restrictions applied to users when they log on by the use of account policies configured in Group Policy. It also describes how to manage user rights, how to restrict users to specific security group membership, and how to use security templates to establish a level of security across the network. It discusses what you need to know to manage and deploy security templates and provides information about troubleshooting common problems with them.

Lessons

	Introducing Account Policies
	Managing User Rights
	Using Restricted Groups
	Administering Security Templates

Lab: Using Security Templates to Restrict Users and Groups

After completing this module, students will be able to:

	Configure and apply account policies.
	Manage user rights.
	Control access using restricted groups.
	Administer security templates.

Module 4: Configuring Account Based Security

The information in this module explains the use of a user's account credentials and how the permissions secure various types of resources in Windows 2000.

Lessons

	Managing NTFS File System Permissions
	Implementing Share Security
	Implementing Audit Policies
	Securing the Registry

Lab: Using Security Templates to Configure Account Based Security

After completing this module, students will be able to:

	Manage file system permissions.
	Implement share service security.
	Using audit policies.
	Secure the registry.

Module 5: Managing Certificate Authorities

The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.

Lessons

	Introducing Certificates
	Implementing Windows 2000 Certificate Services
	Maintaining Certificate Authorities

Lab: Implementing a PKI

After completing this module, students will be able to:

	Describe Certificates.
	Install Windows 2000 Certificate Services.
	Maintain Certificate Authorities.

Module 6: Managing a Public Key Infrastructure

The information in this module explains the installation and maintenance of certificate authorities and Microsoft Certificate Services.

Lessons

	Deploying Computer Certificates
	Deploying User Certificates
	Deploying Smart Card Certificates
	Deploying S/MIME Certificates

Lab: Deploying S/MIME Certificates in Windows 2000

After completing this module, students will be able to:

	Work with computer certificates.
	Deploy user certificates.
	Use Smartcard certificates.
	Deploy S/MIME certificates.

Module 7: Increasing Authentication Security

The information in this module explains how to keep a network as secure as possible while still allowing access to the network resources for clients that run earlier versions of Microsoft Windows and third-party operating systems. The module goes on to explain how to keep authentication secure when transiting between domains within the same organization.

Lessons

	Supporting Earlier Versions of Windows Clients
	Supporting Macintosh Clients
	Configuring Trust Relationships

After completing this module, students will be able to:

	Support earlier versions of Windows clients.
	Support Macintosh computers.
	Describe and configure Trust Relationships.

Module 8: Implementing IP Security

The information in this module introduces IPSec and the use of authentication and encryption methods that are compatible with IP networks. It goes on to explain the appropriate tools and techniques for troubleshooting IPSec.

Lessons

	Configuring IPSec Within a Domain
	Configuring IPSec Between Untrusted Networks
	Configuring IPSec on Internet Servers
	Troubleshooting IPSec Configuration

Lab: Implementing IP Security in a Windows 2000 Network

After completing this module, students will be able to:

	Configure IPSec within a domain.
	Configure IPSec between untrusted networks.
	Configure IPSec on Internet servers.
	Troubleshoot IPSec configuration.

Module 9: Securing Remote Access and VPN

The information in this module introduces the Routing and Remote Access service which is the Windows 2000 component that manages both routing between networks and remote access to networks.

Lessons

	Securing RRAS Servers
	Managing RRAS Authentication
	Securing Remote Clients
	Securing Communications Using a VPN

Lab: Implementing and Securing a Server Running RRAS

After completing this module, students will be able to:

	Secure RRAS servers.
	Manage RRAS authentication.
	Secure remote clients.
	Secure communications using a VPN.

Module 10: Configuring Clients for Wireless Security

The information in this module introduces the security implications of running a wireless network. The lesson explains that security standards for wireless protocols are still evolving and introduces both the existing Wired Equivalent Privacy (WEP) protocol and the newer 802.1X port authentication protocol.

Lessons

	Setting Up a Wireless Network
	Securing Wireless Networks
	Configuring Clients for Wireless Security

After completing this module, students will be able to:

	Set up a wireless network.
	Secure a wireless network.
	Configure clients for wireless security.

Module 11: Securing Public Application Servers

The information in this module explains the types of attacks that can be expected and the methods for defending against them when running servers that provide public services. A secure Internet services infrastructure must be built by using firewalls, properly securing e-mail servers, and protecting the database servers that frequently provide back-end data for Web servers.

Lessons

	Securing Public Services
	Providing Internet Security
	Configuring Microsoft SQL Server™ for Internet Security
	Securing Microsoft Exchange Server for the Internet

Lab: Designing an External Firewall Configuration

After completing this module, students will be able to:

	Provide Internet Security.
	Configure Microsoft SQL Server for Internet Security.
	Secure Microsoft Exchange Server.

Module 12: Implementing Web Service Security

The information in this module explains how to configure Internet Information Services (IIS) security features correctly to make Web servers as secure as possible.

Lessons

	Configuring Public Web Servers
	Configuring Web Authentication
	Using Secure Sockets Layer to Encrypt Communications

Lab: Implementing Web Service Security

After completing this module, students will be able to:

	Secure public Web servers.
	Describe Web authentication.
	Use Secure Sockets Layer.

Module 13: Detecting Intrusions and Monitoring Events

The information in this module explains how to configure IIS security features correctly to make Web servers as secure as possible.

Lessons

	Establishing Intrusion Detection for Public Servers
	Event Monitoring in the Private Network

After completing this module, students will be able to:

	Establish intrusion detection for public servers.
	Monitor events in the private network.

Module 14: Maintaining Software

The information in this module explains the various tools that can be used update client and server computers.

Lessons

	Installing and Managing Service Packs and Hotfixes
	Automating Updates with Microsoft Software Update Services
	Deploying Updates Throughout the Network

Lab: Maintaining Software

After completing this module, students will be able to:

	Work with Service Packs and Hotfixes.
	Automate updates with Microsoft Software Update Services.
	Deploy updates in the enterprise.


Register
	Register for the next course (MS2820) in: Calgary
	Schedule dedicated, customized or on-site training
	Contact a Training Expert