First Look: Getting Started with Security and Policy Control in Windows Server 2008 Hands-On Lab
Hands-On Lab 6407B: Two days; Instructor-Led
On This Page
 | Introduction |
| Audience |
| Prerequisites |
| Take This Training |
Introduction
Note: This is a companion lab for Clinic 6406B – First Look: Getting Started with Security and Policy Control in Windows Server 2008.
This one and a half hour lab provides hands-on experience with the following security and Policy enforcement functionality in Windows Server 2008: Security Enhancements in Windows Server 2008, Network Access Protection in Windows Server 2008.
Audience
IT Professionals currently experienced on the technologies included in Microsoft Windows Server 2000 and/or Microsoft Windows Server 2003, and who hold an MCSE or MCSA certification and/or equivalent knowledge.
Prerequisites
| • | An understanding of network protocols and communication including IPsec. |
| • | An understanding of firewalls. |
| • | An understanding of Microsoft Active Directory directory service. |
| • | An understanding of group policy. |
At Hands-On Lab Completion
After completing this lab, you will be able to:
| • | Use Windows Firewall with Advanced Security to configure domain isolation with IPsec. |
| • | Enforce network communications policy using Policy-based QOS. |
| • | Implement Network Access Protection to enforce minimum standards for computers before they connect to the corporate network. |
Hands-On Lab Outline
Exercise 1: Creating a Communications Security Policy for Roaming Users
After completing this exercise, students will be able to:
| • | Create a Policy for roaming users. |
| • | Configure Windows Firewall with Advanced Security. |
| • | Create Inbound Rule for Management Application in Domain Profile. |
| • | Create Firewall Exemption for Domain Administrators. |
| • | Verify that the Roaming User Policy is Applied. |
| • | Configure Domain Isolation using WFAS |
| • | Apply the New Group Policy Settings |
| • | Test the Domain Isolation Policy |
| • | Configure the Connection Security Rule to Encrypt IPSec Connections |
| • | Configure WFAS to Require Secure Encrypted Connections |
| • | Clear all WFAS Settings |
| • | Refresh WFAS |
Exercise 2: Managing Network Bandwidth using Windows Quality of Service (QOS)
After completing this exercise, students will be able to:
| • | Create a Custom Administrative Tool to Monitor the Effects of QOS |
| • | Create and Share a folder |
| • | Perform a Test Upload |
| • | Create a QOS Policy for Managed Desktops |
| • | Perform a New Test |
Exercise 3: Network Access Protection with Windows Server 2008
After completing this exercise, students will be able to:
| • | Review the Membership of the IPSEC NAP Exemptions Global Group |
| • | Create a Certificate Template for NAP Exemptions |
| • | Enable Certificate AutoEnrollment for Domain Members |
| • | Configure the Network Policy Server to Issue Health Certificates |
| • | Configure the Health Registration Authority to Request Certificates from the Subordinate CA |
| • | Add a System Health Validation Certificate to the Network Policy Server |
| • | Configure the Network Policy Server |
| • | Configure Group Policy to Ensure Client Computers are Configured to Implement NAP |
| • | Update Client Computers to Enforce NAP Policy |
| • | Verify Network Access Protection |
Take This Training
|