Module 1 - Authorization and Authentication

Group Strategy

Group Scopes

Built-in Groups

System or Special Groups

Administering Security Groups

Restricted Groups

Demo - Create a Restricted Group Policy

Trusts

Authentication

SID

Demo - Trust Relationship

Resource Access

Authentication - Cont.

Kerberos

Password Security

Tools for Troubleshooting Authentication

Considerations for Evaluating Your Environment

Password Policy

NTLM

Module 1 - Lab

Module 2 - Certification Authorities

PKI and Certification Authorities

Components of a PKI

Accounts That Use PKI-Enabled Applications

PKI Tools

Certification Authorities

CA Hierarchy

Installing a Certification Authority

Demo - Installing a Certification Authority

Managing a Certification Authority

Revoking Certificates

Publishes CRLs

Backing Up and Restoring a Certification Authority

Module 2 - Lab

Module 3 - Certificate Management

Configuring Certificate Templates

Digital Certificates

Digital Certificate Life Cycle

Certificate Templates

Certificate Template Permissions

Updating a Certificate Template

Deploying and Revoking User and Computer Certificates

Managing Certificates

Module 3 - Lab

Key Recovery

File Formats and Tools Used for Exporting Keys

Key Recovery Process

Demo - Keys

Module 4 - Smart Card Certificates

Introduction to Multifactor Authentication

Multifactor Authentication Devices

Applications That Use Smart Cards

Smart Card Network Support

Smart Card Infrastructure

Certification Authority Requirements

Smart Card Certificate Templates

Certificate Enrollment Methods

Managing and Troubleshooting

Demo - Smart Cards

Module 5 - Encrypting File System

What Is EFS?

How EFS Works

Best Practices for Implementing EFS

Self-Signed Certificates

Managing Plaintext Data

EFS in a Domain Environment with a PKI

EFS File Sharing

Moving or Copying Encrypted Files

Managing Remotely Encrypted Files

Module 5 - Lab

Module 6 - Member Server Baseline

Trusted Computing Base

Secure Baseline Elements

Server Configuration

Planning a Secure Member Server

Predefined Security Templates

Security Environments in Windows Server 2003

Storing Security Templates

Administrative Group Design

Additional Security Settings

Demo - Security Templates

Time Synchronization

Security Templates - Part 2

Module 7 - Secure Baselines for Server Roles

Planning and Configuring Domain Controllers

Security Threats to Domain Controllers

Domain Controller Baseline Policy

Active Directory Database and Log files

Ntdsutil.exe

SYSKEY

Security for DNS Servers

Infrastructure Servers

Securing WINS Servers

Demo - DHCP

File and Print Servers

IIS Servers

Configuring IIS Logging

Demo - IIS

Module 8

Secure Client Computer Baseline

Security Templates

Templates for Securing Clients

Administrative and Security Template Differences

Demo - Loopback Policy Processing

Client Computer Baseline

Planning a Software Restriction Policy

Software Restriction Policies

Planning a Software Restriction Policy

Security for Mobile Clients

Demo - Software Restrictions

Module 9 - Software Update Services

Benefits of Software Update Services

Update Management Tools for Applications

SUS Components

Planning an Update Management Strategy

Update Management Life Cycle

Analyzing Network Environment for Status Updates

Demo - MBSA

Installing SUS

Updates Client Configuration

Managing an SUS Server

Demo - SUS Admin

Module 10 - Data Transmission Security

Why Protect Network Data

Threats to Secure Data Transmission

SSL and TLS

Demo - Enabling SSL

Securing Data with PPTP

Server Message Block

Lightweight Directory Access Protocol

IPSec

IPSec Policies

IPSec Implantation

IPSec Functionality

Demo - IPSec Implantation

IPSec Troubleshooting

Tools for Verification

Demo - IPSec Traffic

Module 11 - Wireless Networks

Securing Wireless Networks

How to make your network more secure

Wireless Network Architecture

802.1x Authentication

Hardware Requirements

Best Practices

Secure WLAN Strategy

IAS Configuration

Demo - IAS Installation

Registering Wireless ap as RADIUS Client

Back Up and Export IAS Configuration

IAS Remote Access Policies

Wireless Access Policy

Demo - Wireless Access Policy

Troubleshooting

Module 12 - Perimeter Security with Internet Security

What Is ISA Server?

ISA Server Versions & Benefits

ISA Server Modes

ISA Server Clients

Traffic Control with ISA Server

Installing ISA Server 2000

Pre-Installation Tasks for ISA Server 2000

Demo - ISA Installation

Perimeter Networks

ISA Server Services

Common ISA Server Deployments

Packet Filtering and Routing

Publishing Servers

Securing ISA Server Computers

Best Practices

Module 13 - Securing Remote Access

Remote Access Methods

Threats to Remote Access

Tunneling Protocols

Access Protocols

Connection Manager

Quarantine Service

Demo - Remote Access

Planning a Remote Access Strategy

Components Provided by an ISP

Guidelines for Deploying Remote Access Servers

Data Encryption

Remote Access Connection Conditions

Deploying a VPN Server

Demo - Configure a VPN Server

Quarantine Service Components

Demo - Creating RA policy with Quarantine Properties

Connection Manager Administration Kit