Windows Server 2003: Designing Network Security

Upcoming Class Dates

May 23rd, 2012
May 24th, 2012
May 25th, 2012

(Toronto location only)

Course Specifications

Course number: 085629
Course length: 3.0 day(s)

Course Description

You already know about implementing and administering Windows® 2000 network infrastructure and directory services. Now you are ready to design a secure Microsoft network aimed at protecting the network and its resources from unauthorized modification, destruction, or information disclosure.

Course Objective: You will design security solutions for Microsoft networks by assembling a design team, modeling threats, and analyzing security risks.

Target Student: This course is geared toward students with one to three years of experience designing related business solutions.

Prerequisites: To ensure your success, we recommend you first take the following courses or have equivalent knowledge: Implementing Microsoft Windows 2000 Professional and ServerImplementing a Microsoft Windows 2000 Network InfrastructureImplementing and Administering Microsoft Windows 2000 Directory Services

Performance-Based Objectives

Upon successful completion of this course, students will be able to:

describe the basics of designing security and create a plan for securing your network.
identify possible threats to a network and common motivations of attackers.
determine what resources in your organization require protection and how to prioritize those resources based on their value, and develop a risk management plan to identify and analyze risks proactively and to determine an appropriate level of protection for each resource.
determine threats and analyze risks to physical resources in an organization, design security for facilities, computers, mobile devices, and hardware, and implement disaster recovery as a way to protect physical resources.
determine threats and analyze risks to computers in an organization, and design security for computers throughout their life cycles, from initial purchase to their decommission.
determine threats and analyze risks to accounts in an organization, and design security for accounts, including determining security requirements, creating password policies, and designing strategies to manage account security.
determine threats and analyze risks to authentication, design security for authenticating local users, remote users, and users who access your network across the Internet, and determine when to choose multifactor authentication for additional security.
determine threats and analyze risks to data in an organization, design access control for files and folders in order to protect data that is stored on network servers, and determine considerations for encrypting and managing data.
determine threats and analyze risks to data transmission in an organization, and design security for different types of data transmission, including traffic on local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), wireless networks, and the Internet.
determine threats and analyze risks to network perimeters, and design security for network perimeters, including screened subnets, and for computers that connect directly to the Internet.
design an audit policy to limit damage caused by an attack and an incident response procedure to guide your organization during a security incident.

Course Content

Lesson 1: Introduction to the Security Design Process

Topic 1A: Introduction to Designing Security for Microsoft Networks
Topic 1B: Introduction to Security Policies
Topic 1C: Define a Process for Designing Security
Topic 1D: Security Design Team

Lesson 2: Identifying Threats to Network Security

Topic 2A: Introduction to Security Threats
Topic 2B: Predicting Threats to Security

Lesson 3: Analyzing Security Risks

Topic 3A: Introduction to Risk Management
Topic 3B: Create a Risk Management Plan

Lesson 4: Creating a Security Design for Physical Resources

Topic 4A: Determining Threats and Analyzing Risks to Physical Resources
Topic 4B: Design Security for Physical Resources

Lesson 5: Creating a Security Design for Computers

Topic 5A: Determining Threats and Analyzing Risks to Computers
Topic 5B: Designing Security for Computers

Lesson 6: Creating a Security Design for Accounts

Topic 6A: Determine Threats and Analyze Risks to Accounts
Topic 6B: Design Security for Accounts

Lesson 7: Creating a Security Design for Authentication

Topic 7A: Determine Threats and Analyze Risks to Authentication
Topic 7B: Design Security for Authentication

Lesson 8: Creating a Security Design for Data

Topic 8A: Determine Threats and Analyze Risks to Data
Topic 8B: Design Security for Data

Lesson 9: Creating a Security Design for Data Transmission

Topic 9A: Determine Threats and Analyze Risks to Data Transmission
Topic 9B: Design Security for Data Transmission

Lesson 10: Creating a Security Design for Network Perimeters

Topic 10A: Determine Threats and Analyze Risks to Network Perimeters
Topic 10B: Design Security for Network Perimeters

Lesson 11: Designing Responses to Security Incidents

Topic 11A: Introduction to Auditing and Incident Response
Topic 11B: Design an Audit Policy
Topic 11C: Design an Incident Response Procedure

Appendix A: Designing an Acceptable Use Policy

Appendix B: Designing Policies for Managing Networks

Appendix C: Designing an Operations Framework to Manage Security

Appendix D: Security Policy Checklist

Appendix E: Authentication in CHAP, MS-CHAP, and MSCHAP v2

Appendix F: Manual Classroom Setup Guide