Exam 70-699:

Windows Server 2003, MCSA Security Specialization Skills Update

Published:October 28, 2009
Language(s):English
Audience(s):IT Professionals
Technology:Microsoft Windows Server 2003
Type:Proctored Exam

How To Get It: Schedule your exam through the following exam provider:

Take exam

Preparing for an Exam
This exam is scheduled to retire on July 31, 2013.
 
The Microsoft Certification website and this preparation guide contain a variety of resources to help you prepare for an exam. Preparing for and Taking an Exam — FAQ provides answers to frequently asked questions about exam registration ,preparation ,scoring ,and policies , including:
  • The most effective way to prepare to take an exam.
  • The relationship between Microsoft training materials and exam content.
  • Microsoft policy concerning the incorporation of service pack and revision updates into exam content.
  • Exam question types and formats.
  • Exam time limits and number of questions asked.
We recommend that you review this preparation guide in its entirety and familiarize yourself with the FAQs and resources on the Microsoft Certification website before you schedule your exam.
Audience Profile
The Microsoft Certified Systems Administrator (MCSA) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium to large companies. An MCSA candidate should have 6 to 12 months of experience administering client and network operating systems in environments that have the following characteristics:
• 250 to 5,000 or more users
• Three or more physical locations
• Three or more domain controllers
• Network services and resources such as messaging, database, file and print, proxy server, firewall, public key infrastructure (PKI), Internet, intranet, remote access, and client computer management 
• Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet
Credit Toward CertificationWhen you pass Exam 70-699: Windows Server 2003, MCSA Security Specialization Skills Update, you complete the requirements for the following certification(s):Microsoft Certified Systems Administrator: Security Specialization Plus Recertification
Note This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.
Skills Being MeasuredThis exam measures your ability to accomplish the technical tasks listed below.The percentages indicate the relative weight of each major topic area on the exam.The higher the percentage, the more questions you are likely to see on that content area on the exam.

The information after “This objective may include but is not limited to” is intended to further define or scope the objective by describing the types of skills and topics that may be tested for the objective. However, it is not an exhaustive list of skills and topics that could be included on the exam for a given skill area. You may be tested on other skills and topics related to the objective that are not explicitly listed here.
Managing Security for Users, Computers, and Groups
  • Manage local, roaming, and mandatory user profiles.
  • Create and manage computer accounts in an Active Directory environment.
    • This objective may include but is not limited to: reset computer accounts
  • Create, manage, and troubleshoot user and group accounts.
    • This objective may include but is not limited to: identify and modify the scope of a group; find domain groups in which a user is a member; manage group membership; import user accounts; diagnose and resolve account lockouts; diagnose and resolve issues related to user account properties
  • Troubleshoot user authentication issues.
    • This objective may include but is not limited to: set password policies; trust relationships; multifactor authentication
  • Configure access to files and folders.
    • This objective may include but is not limited to: folder shares permissions; file permissions; verify effective permissions; change ownership of files and folders
  • Monitor and analyze security events.
    • This objective may include but is not limited to: Event Viewer, System Monitor, PerfMon, Resource Monitor (Windows Vista)
Implementing, Managing, and Maintaining Network Security
  • Implement secure network administration procedures.
    • This objective may include but is not limited to: implement security baseline settings and audit security settings by using security templates; implement the principle of least privilege
  • Manage security for system recovery.
    • This objective may include but is not limited to: verify the data integrity of backup job; manage backup storage media; manage backup and restore permissions; system state data; back up files and System State data to media
  • Configure security based on server roles.
    • This objective may include but is not limited to: roles such as SQL, Microsoft Exchange, and Domain Controller; plan and configure security settings; plan network zones for computer roles; plan and configure software restriction policies; audit and log computer roles (Windows events, Internet Information Services [IIS], firewall log files, network logons, and RAS log files); Microsoft Baseline Security Analyzer (MBSA); Security Configuration and Analysis
  • Plan and deploy security settings.
    • This objective may include but is not limited to: registry and file system permissions, account policies, audit policies, rights assignment, security options, system services, restricted groups, and event logs; desktop and portable client computers, mobile devices, Group Policy, and command-line tools and scripting; mixed operating systems, inheritance, and removal of security template settings
Implementing, Managing, and Troubleshooting Security for Network Communications
  • Configure Routing and Remote Access user authentication.
    • This objective may include but is not limited to: configure remote access authentication protocols; configure Routing and Remote Access policies to permit or deny access; configure security for remote access users; authentication and VPN protocols
  • Plan IPsec deployment.
    • This objective may include but is not limited to: modes, authentication methods, and functionality of existing applications and services
  • Deploy and manage IPsec policies.
    • This objective may include but is not limited to: local computer policy and Group Policy objects (GPOs), commands and scripts, and certificate deployment; monitor and troubleshoot network protocol security; IP Security Monitor MMC snap-in; Event Viewer and Network Monitor; Kerberos support tools
  • Implement security for wireless networks.
    • This objective may include but is not limited to: authentication, encryption methods, and policies
  • Install, manage, and configure Certificate Services.
    • This objective may include but is not limited to: hierarchy, renewals, certificate templates, certificate revocation lists (CRLs), archival and recovery of keys
Configuring Client Security Features
  • Configure Windows Firewall.
    • This objective may include but is not limited to: configuring rules for multiple profiles; allowing or denying an application; network-profile-specific rules; configuring notifications; configuring authenticated exceptions
  • Configure Windows Internet Explorer.
    • This objective may include but is not limited to: configuring compatibility view; configuring security settings; configuring providers; managing add-ons; controlling InPrivate mode; certificates for secure Web sites
  • Configure file and folder access.
    • This objective may include but is not limited to: encrypting files and folders by using EFS; configuring NTFS permissions; resolving effective permissions issues; copying files vs. moving files
  • Configure user account control (UAC).
    • This objective may include but is not limited to: configuring local security policy; configuring admin vs. standard UAC prompt behaviors; configuring Secure Desktop
  • Configure BitLocker and BitLocker To Go.
    • This objective may include but is not limited to: configuring BitLocker and BitLocker To Go policies; managing Trusted Platform Module (TPM) PINs; configuring startup key storage; data recovery agent support
  • Configure application restrictions.
    • This objective may include but is not limited to: setting software restriction policies; setting application control policies; setting through group policy or local security policy
  • Configure authentication and authorization.
    • This objective may include but is not limited to: resolving authentication issues; configuring rights; managing credentials; managing certificates; smart cards with PIV; elevating user privileges; multifactor authentication
Preparation Tools and ResourcesTo help you prepare for this exam, Microsoft Learning recommends that you have hands-on experience with the product and that you use the following training resources. These training resources do not necessarily cover all of the topics listed in the "Skills Measured" tab.
Learning Plans and Classroom Training There is no classroom training currently available.
Microsoft E-Learning There is no Microsoft E-Learning training currently available.
Microsoft Press Books There are no Microsoft Press books currently available.
Practice Tests There are no practice tests currently available.
Microsoft Online Resources
  • Microsoft Learning Community: Join newsgroups and visit community forums to connect with your peers for suggestions on training resources and advice on your certification path and studies.
  • TechNet: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical resources, newsgroups, and chats.
  • MSDN: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical resources, newsgroups, and chats.
Have Questions? For advice about training and certification, connect with peers: For questions about a specific certification, chat with a Microsoft Certified Professional (MCP): To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site: