Microsoft Windows 2000 Security Design 70-220 Training Online Course

Analyse existing and planned business models, including company model, geographic scope, and company processes

Analyse existing and planned organisational structures
Analyse the structure of IT management
List factors that influence company strategies
Outline the current physical model and information security model
Analyse business and security requirements for the end user
Calculate internal and external security risks

Describe the role of security templates and domain security policies in establishing a security baseline
Create and modify security templates to implement a standard level of security
Identify the level of security that standard security templates provide for domain controllers and operations masters
Identify the level of security that standard security templates provide for servers, desktop computers, portable computers, and kiosks

Use file system and share permissions to provide security for files and folders
Analyse the default permissions provided for files and folders
Analyse user and system access to registry keys
Analyse the permissions structure governing printers, dial-in access, and Internet access

Design a load-balancing strategy
Design a wide area network infrastructure
Design an implementation strategy for dial-up remote access
Design a demand-dial routing strategy

Describe Group Policy and its application
Create, edit, apply, and import Group Policies
Explain the inheritance relationships among Group Policies in an Active Directory hierarchy
Explain how Group Policies are implemented in mixed-mode environments
Design a Group Policy strategy

Design an audit strategy
Implement and configure an audit policy
Describe the encryption provided by the Encrypting File System
Plan for the recovery and management of encrypted files
Design a strategy for securing files and folders with encryption

Describe the security model provided by Windows 2000
Describe Microsoft's implementation of the Kerberos standard
Implement and troubleshoot Kerberos authentication on a Windows 2000 network
Describe the requirements for using Kerberos authentication in mixed networks

Explain LM, NTLM, and NTLMv2 authentication and their use in a Windows 2000 environment
Explain digest authentication
Explain the use of certificate-based authentication
Describe Secure Sockets Layer (SSL) transmission
Explain smart cards
Explain RADIUS authentication
Identify the strategies that allow Windows 2000 authentication to interoperate with other operating systems

Design Certificate Authority (CA) hierarchies
Identify certificate server roles
Manage certificates
Integrate with third-party certificate authorities
Map certificates to user accounts

Identify key security risks connected with the Domain Name Service (DNS)
Describe the dynamic DNS update process
Design Windows 2000 DNS security
Design Windows 2000 Remote Installation Services security
Design Windows 2000 SNMP security

Provide secure access to public networks from a private network
Provide external users with secure access to private network resources
Provide secure access for users using Remote Access Services
Provide secure access between private networks
Use public networks to provide secure access between private networks

Explain SMB signing
Describe IPSec architecture
Implement an IPSec solution
Design an IPSec management strategy
Design security policies for IPSec