Clinic 2804A:

Microsoft Security Guidance Training IV

Length:1 Days
Published:February 15, 2005
Language(s):English, French, German, Japanese, Portuguese(Brazil), Spanish
Audience(s):IT Professionals
Level:200
Technology:Microsoft Identity Integration Server 2003
Type:Clinic
Delivery Method:Instructor-led (classroom)
About This Clinic
This one-day, instructor-led clinic builds on existing knowledge of server and client security and provides students with the knowledge and skills to apply security best practices to assessing and managing risk in an information technology (IT) environment, with a focus on assessing network security. It also provides students with prescriptive guidance to implement server and domain isolation using Group Policy and Internet Protocol Security (IPSec) and to manage multiple identity stores.
Audience Profile
This clinic is intended for information technology professionals who are responsible for administering network infrastructures based on Microsoft Windows 2000 or Microsoft Windows Server 2003.
At Clinic Completion
After completing this clinic, students will be able to:
  • Implement and maintain processes aimed at identifying and prioritizing risks in your IT environment. This includes:
  • Describing Security Risk Management concepts and how security risk management is designed to help an enterprise establish a process for performing an initial risk assessment, cost benefit analysis, and implementation of countermeasures
  • Implementing a security risk assessment that will create a prioritized list of security risks that need to be addressed
  • Implementing a security risk remediation strategy
  • Implementing an ongoing process to ensure that security risks are addressed on an ongoing basis
  • Describe the planning and preparation required to complete a successful network security assessment. This includes:
  • Describing and implementing a structured approach to planning and performing security assessments
  • Describing how information about a company can be gathered and possibly used in a malicious manner
  • Describing how penetration testing can be used to help identify and evaluate threats and to implement countermeasures to address these threats
  • Describing a scenario in which a company performs a security assessment and penetration test to detect potential security issues
  • Identify the tasks required to use Group Policy and IPSec to implement a network isolation solution. This includes:
  • Understanding basic IPSec concepts and how IPSec can be used to protect data integrity, data origin authentication, and data confidentiality
  • Understanding the basic concepts of network isolation, including how IPSec and network access groups are used within the solution
  • Applying knowledge of network isolation to more advanced and complex isolation scenarios
  • Describe how to implement Microsoft technologies to provide aggregation and synchronization of multiple identity data stores. This includes:
  • Describing the rationale for implementing an identity and access management solution
  • Defining the concepts and scenarios related to identity and access management
  • Identifying the issues related to identity management and how these issues can be resolved using Microsoft technologies
  • Implementing a variety of identity management solutions
  • Identifying the issues related to access management and how these issues can be resolved using Microsoft technologies
Clinic OutlineModule 1: Security Risk Management
This session introduces the Security Risk Management Guide, which has been designed by Microsoft to help organizations establish a process for risk assessment, cost benefit analysis, and implementation of security countermeasures. The guide also provides information on establishing an ongoing process of security risk management. The session takes a qualitative approach to risk management, tying in best practices from both the industry as well as Microsoft’s internal IT Group.
Lessons
  • Security Risk Management Concepts
  • Identifying Security Risk Management Prerequisites
  • Assessing Risk
  • Conducting Decision Support
  • Implementing Controls and Measuring Program Effectiveness
Module 2: Assessing Network Security
This session helps customers plan and implement processes to help identify where they are vulnerable to network attacks and provides guidance on how to remediate issues identified in the assessment process. The session covers planning and performing security assessments, implementing penetration testing for intrusive network attacks, and presents checklists that will help identify and remediate common issues. Also described are the use of tools and processes for scanning systems for vulnerabilities.
Lessons
  • Planning Security Assessments
  • Gathering Information About the Organization
  • Penetration Testing for Intrusive Attacks
  • Case Study: Assessing Network Security for Northwind Traders
Module 3: Network Isolation Using Group Policy and IPSec
This session covers the information and tasks needed to implement data isolation using Group Policies and IPSec within an organization. The session describes several scenarios where IPSec can be used to enhance network security and focuses on the creation of network isolation zones using IPSec. In addition, this session describes how to use Group Policies and Active Directory groups to restrict access to specific servers. This session will provide a scenario-focused view of Group Policies and IPSec based on Microsoft’s prescriptive guidance.
Lessons
  • Overview of Internet Protocol Security
  • Understanding Network Isolation Using IPSec
  • Understanding Advanced Network Isolation Scenarios
Module 4: Identity and Access Management
This session describes how identity management solutions can be used to create and manage user account information efficiently and securely across multiple systems within an enterprise. You will see how identity information may be shared and synchronized even when distributed across several different locations. The session also shows how access management solutions can help to ensure that user accounts are granted the appropriate access to resources across different systems in an enterprise network.
Lessons
  • Overview of Identity and Access Management Concepts
  • Identity Management
  • Intranet Access Management
  • Extranet Access Management
Before attending this clinic, students must have:
  • Understanding of network security essentials
  • Hands-on experience with Microsoft Windows 2000 or Windows Server 2003
  • Experience with Active Directory and Group Policy
  • Basic understanding of directory and security services used in heterogeneous computing environments.
Have Questions? For advice about training and certification, connect with peers: For questions about a specific certification, chat with a Microsoft Certified Professional (MCP): To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site:
Course index

Find Training Near You

Location:
Eg: Seattle, WA or Paris, France

Related Services