Preparation Guide for Exam 70-220
Designing Security for a Microsoft Windows 2000 Network
On This Page
 | Exam news |
| Audience profile |
| Credit toward certification |
| Preparation tools and resources |
| Skills measured |
Exam news
Exam 70-220 became available on July 20, 2000.
| • | This exam retired in March 2008 |
Audience profile
Candidates for this exam operate in medium-sized to very large computing environments that use the Windows 2000 network operating system. They have a minimum of one year of experience implementing and administering network operating systems in environments that have the following characteristics:
| • | Supported users range from 200 to more than 26,000. |
| • | Physical locations range from 5 to more than 150. |
| • | Typical network services and applications include file and print, database, messaging, proxy server or firewall, dial-in server, desktop management, and Web hosting. |
| • | Connectivity needs include connecting individual offices and users at remote locations to the corporate network and connecting corporate networks to the Internet. |
Credit toward certification
When you pass the Designing Security for a Microsoft Windows 2000 Network exam, you achieve Microsoft Certified Professional status. You also earn credit toward the following certifications:
| • | Core or elective credit toward Microsoft Certified Systems Engineer on Windows 2000 certification |
Preparation tools and resources
In addition to your hands-on experience working with the product, we recommend that you use the following tools and training to help you prepare for this exam.
Classroom training for this exam
| • | Course 2150: Designing a Security-Enhanced Microsoft Windows 2000 Network |
| • | Course 2153B: Implementing a Microsoft Windows 2000 Network Infrastructure |
| • | Course 2830: Designing Security for Microsoft Networks |
Microsoft Press self-paced training products
| • | MCSE Training Kit (Exam 70-220): Designing Microsoft Windows 2000 Network Security |
Microsoft certified practice tests
| • | MeasureUp: Visit the MeasureUp Web site to take a practice test. |
| • | Self Test Software: Visit the Self Test Software Web site to take a practice test. |
Microsoft online resources
| • | TechNet: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical chats, and much more. |
| • | MSDN: The Microsoft Developer Network (MSDN) is a reference for developers. It features code samples, technical articles, newsgroups, chats, and more. |
| • | Training and certification newsgroups: There is a newsgroup for every Microsoft certification. By participating in the ongoing dialogue, you take advantage of a unique opportunity to exchange ideas with and ask questions of others, including more than 750 Microsoft Most Valuable Professionals (MVPs) worldwide. |
Skills measured
This exam measures your ability to analyze the business requirements for security and design a security solution that meets business requirements. Security includes:
| • | Controlling access to resources |
| • | Auditing access to resources |
| • | Authentication |
| • | Encryption |
Before taking the exam, you should be proficient in the job skills listed in the following matrix. The matrix shows which Official Microsoft Learning Products may help you reach competency in the skills being tested in the exam.
| KEY: |  = The course provides a general introductory overview of this task. You will need to supplement the course with additional work.  = The course includes some material to prepare you for this task. You will need to supplement the course with additional work.  = The course includes material to prepare you for this task. |
| Skills measured by Exam 70-220 | Course 2150 | Course 2153B | Course 2830 | ||||||||||||
| Analyzing Business Requirements | |||||||||||||||
Analyze the existing and planned business models.
|  |  | |||||||||||||
Analyze the existing and planned organizational structures. Considerations include management model; company organization; vendor, partner, and customer relationships; and acquisition plans. |  | | |||||||||||||
Analyze factors that influence company strategies.
| | | |||||||||||||
Analyze business and security requirements for the end user. | | | | ||||||||||||
Analyze the structure of IT management. Considerations include type of administration, such as centralized or decentralized; funding model; outsourcing; decision-making process; and change-management process. | | | |||||||||||||
Analyze the current physical model and information security model.
| | | | ||||||||||||
| Analyzing Technical Requirements | |||||||||||||||
Evaluate the company's existing and planned technical environment.
| | | |||||||||||||
Analyze the impact of the security design on the existing and planned technical environment.
| | | |||||||||||||
| Analyzing Security Requirements | |||||||||||||||
Design a security baseline for a Windows 2000 network that includes domain controllers, operations masters, application servers, file and print servers, RAS servers, desktop computers, portable computers, and kiosks. | | | | ||||||||||||
Identify the required level of security for each resource. Resources include printers, files, shares, Internet access, and dial-in access. | | | | ||||||||||||
| Designing a Windows 2000 Security Solution | |||||||||||||||
Design an audit policy. | | | |||||||||||||
Design a delegation of authority strategy. | | | |||||||||||||
Design the placement and inheritance of security policies for sites, domains, and organizational units. | | | |||||||||||||
Design an Encrypting File System strategy. | | | |||||||||||||
Design an authentication strategy.
| | | |||||||||||||
Design a security group strategy. | | | |||||||||||||
Design a Public Key Infrastructure.
| | | |||||||||||||
Design Windows 2000 network services security.
| | | | ||||||||||||
| Designing a Security Solution for Access Between Networks | |||||||||||||||
Provide security-enhanced access to public networks from a private network. | | | | ||||||||||||
Provide external users with security-enhanced access to private network resources. | | | | ||||||||||||
Provide security-enhanced access between private networks.
| | | | ||||||||||||
Design Windows 2000 security for remote-access users. | | | | ||||||||||||
| Designing Security for Communication Channels | |||||||||||||||
Design an SMB-signing solution. | | | |||||||||||||
Design an IPSec solution.
| | | |
Note This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.
| • | Learn more and download samples |