Windows 2000 Network Security Design - Online Course

This series provides a detailed look at network security. Topics include analyzing business and technical requirements, planning a strategy, and designing and implementing security using the templates, objects, and services provided in Windows 2000. Students taking this course should be advanced Windows administrators.

This online course contains 13 lessons and should take approximately 40 hours to complete.

Lesson 1: Analyzing Business Requirements (5.0) hours

Analyzing Business Requirements teaches you how to analyze existing and planned business models, including company model, geographic scope, and company processes, analyze existing and planned organizational structures, analyze the structure of IT management, list factors that influence company strategies, outline the current physical model and information security model, analyze business and security requirements for the end user, and calculate internal and external security risks. This course shows users how to identify business considerations that will affect the structure and implementation of proposed network security designs. Topics include Business Models, Organization and Management, Company Strategies, Physical and Information Security Models, Risk Analysis, and End User Requirements.

Lesson 2: Analyzing Technical Requirements (4.0) hours

Analyzing Technical Requirements teaches you how to evaluate the company's existing and planned technical environment, analyze company size and user and resource distribution, assess available connectivity between work sites and remote sites, assess net available bandwidth, analyze performance requirements, analyze the method of accessing data and systems, analyze network roles and responsibilities, and analyze the impact of a proposed security design on the existing and planned technical environment. This course shows users how to evaluate an existing IT infrastructure in preparation for developing a security design. Topics include Network Connectivity and Topology, Network Bandwidth and Performance, Data and Systems Access, Roles and Responsibilities, and Analyzing the Existing Security Design.

Lesson 3: Establishing a Security Baseline (3.0) hours

Establishing a Security Baseline teaches you how to describe the role of security templates and domain security policies in establishing a security baseline, create and modify security templates to implement a standard level of security, identify the level of security that standard security templates provide for domain controllers and operations masters, and identify the level of security that standard security templates provide for servers, desktop computers, portable computers, and kiosks. This course introduces users to the security provided by Active Directory and shows users how to implement security for domain controllers, servers, and workstations using security templates provided by Windows 2000. Topics include Active Directory, Domain Controllers, Servers, Desktop Computers, and Kiosks, and Policies and Templates.

Lesson 4: Planning Security for System Resources (2.0) hours

Planning Security for System Resources teaches you how to use file system and share permissions to provide security for files and folders, analyze the default permissions provided for files and folders, analyze user and system access to registry keys, and analyze the permissions structure governing printers, dial-in access, and Internet access. This course shows users how to plan and implement security for system resources including printers, files, shares, registry keys, Internet access, and dial-in access. Topics include File and Folder Security, Default Settings for Files and Folders, Registry Keys, and Security for Other Resources.

Lesson 5: Designing a Security Group Strategy (2.0) hours

Designing a Security Group Strategy teaches you how to identify the types and scopes of groups in Windows 2000, identify default groups and user accounts, design a security group strategy, and design a delegation of authority strategy. This course shows users how to plan membership in security groups and how to use group structure to assign permissions. Topics include Understanding Groups in Windows 2000, Default Groups and Users, Managing Security Groups, and Delegation of Authority.

Lesson 6: Designing Security Policy Inheritance (3.0) hours

Designing Security Policy Inheritance teaches you how to describe Group Policy and its application, create, edit, apply, and import Group Policies, explain the inheritance relationships among Group Policies in an Active Directory hierarchy, explain how Group Policies are implemented in mixed-mode environments, and design a Group Policy strategy. This course shows users how to design the placement and inheritance of security policies for sites, domains, and organizational units. Topics include Understanding Group Policies, Implementing Group Policies, Group Policy Inheritance, Group Policies in Mixed Mode, and Designing Group Policy Strategies.

Lesson 7: Protecting Resources with Auditing and Encryption (3.0) hours

Protecting Resources with Auditing and Encryption teaches you how to design an audit strategy, implement and configure an audit policy, describe the encryption provided by the Encrypting File System, plan for the recovery and management of encrypted files, and design a strategy for securing files and folders with encryption. This course shows users how to design and implement an audit policy and how to design a strategy for using the Encrypting File System (EFS). Topics include Designing an Audit Policy, Implementing an Audit Policy, Using the Encrypting File System (EFS), File Recovery and Management with EFS, and Designing an EFS Strategy.

Lesson 8: Using Native Windows 2000 Authentication (2.0) hours

Using Native Windows 2000 Authentication teaches you how to describe the security model provided by Windows 2000, describe Microsoft's implementation of the Kerberos standard, implement and troubleshoot Kerberos authentication on a Windows 2000 network, and describe the requirements for using Kerberos authentication in mixed networks. This course explains the Kerberos authentication model and shows users how to implement security with Kerberos in Windows 2000 networks and mixed networks. Topics include Kerberos Authentication, Kerberos Tickets, Kerberos Client/Server Exchange, and Kerberos and Interoperability.

Lesson 9: Using Alternate Authentication Strategies (3.0) hours

Using Alternate Authentication Strategies teaches you how to explain LM, NTLM, and NTLMv2 authentication and their use in a Windows 2000 environment, explain digest authentication, explain the use of certificate-based authentication, describe Secure Sockets Layer (SSL) transmission, explain smart cards, explain RADIUS authentication, and identify the strategies that allow Windows 2000 authentication to interoperate with other operating systems. This course explains authentication models other than Kerberos that are available under Windows 2000 and shows users how to implement security with these methods in Windows 2000 networks and in mixed networks. Topics include NTLM and Digest Authentication, Certificate-Based Authentication and SSL, Smart Cards, RADIUS, and Authentication and Interoperability.

Lesson 10: Designing a Public Key Infrastructure (4.0) hours

Designing a Public Key Infrastructure teaches you how to design Certificate Authority (CA) hierarchies, identify certificate server roles, manage certificates, integrate with third-party certificate authorities, and map certificates to user accounts. This course explains strategies and procedures for using Certificate Services in Windows 2000 networks and in mixed networks. Topics include Understanding Certificate Services, Installing Certificate Services, Configuring Certificate Services, Managing Certificates, and Interoperability and Third-Party PKI.

Lesson 11: Designing Security for Network Services (3.0) hours

Designing Security for Network Services teaches you how to identify key security risks connected with the Domain Name Service (DNS), describe the dynamic DNS update process, design Windows 2000 DNS security, design Windows 2000 Remote Installation Services security, and design Windows 2000 SNMP security. This course explains strategies for securing Windows 2000 network services, including Domain Name Service, Remote Installation Services, and the Simple Network Management Protocol. Topics include Understanding DNS, The Dynamic Update Process, DNS Security, RIS Security, and SNMP Security.

Lesson 12: Designing Security for Access between Networks (3.0) hours

Designing Security for Access between Networks teaches you how to provide secure access to public networks from a private network, provide external users with secure access to private network resources, provide secure access for users using Remote Access Services, provide secure access between private networks, and use public networks to provide secure access between private networks. This course explains how to provide secure access from a private network to the Internet, how to provide partners and other external users with secure access to private networks, and how to provide secure access between multiple local or wide area networks (LANs or WANs). Topics include Secure Access to Public Networks, Secure Access for External and Remote Users, Secure Access between Private Networks, and Secure Access across Public Networks.

Lesson 13: Designing Security for Communications Channels (3.0) hours

Designing Security for Communications Channels teaches you how to explain SMB signing, describe IPSec architecture, implement an IPSec solution, design an IPSec management strategy, and design security policies for IPSec. This course explains how to use SMB signing and the IPSec protocol to secure traffic within private networks and across public networks and how to enable and enforce the use of SMB signing and IPSec through Windows 2000 Group Policy. Topics include SMB Signing, IPSec Architecture, IPSec Negotiation and Encryption, IPSec Management, and IPSec Policies.