本书主要介绍了设计一个安全的Windows 2000网络的相关知识。其中,包括Active Directory的安全特性、管理权限的规划、用户账号及访问权限的设计和管理、Windows 2000计算机的安全设置、计算机资源的保护、通信安全以及公钥基础结构的设计等内容。本书的内容,既包括了对Windows 2000的网络安全性体系结构的详细介绍,还包括了着手设计一个满足需求的网络系统的阐述。学习本书可以很好的掌握Windows 2000安全网络的知识。\r\n\r\n 本书适用于计划参加相关的微软认证考试的人员使用。\r\n\r\n\r\n
\r\n
Introduction \r\n\r\n Course Materials \r\n\r\n Prerequisites \r\n\r\n Course Outline \r\n\r\n Microsoft Official Curriculum \r\n\r\n Microsoft Certified Professional Program \r\n\r\n Facilities \r\n\r\n \r\n\r\n Module 1: Assessing security Risks \r\n\r\n Identifying Risks to Data \r\n\r\n Identifying Risks to Services \r\n\r\n Identifying Potential Threats \r\n\r\n Introducing Common Security Standards \r\n\r\n Planning Network Security \r\n\r\n Review \r\n\r\n \r\n\r\n Module 2: Introducing Windows 2000 Security \r\n\r\n Introducing Security Features in Active Directory \r\n\r\n Authenticating User Accounts \r\n\r\n Securing Access to Resources \r\n\r\n Introducing Encryption Technologies \r\n\r\n Encrypting Stored and Transmitted Data \r\n\r\n Introducing Public Key Infrastructure Technology \r\n\r\n Review \r\n\r\n \r\n\r\n Module 3: Planning Administrative Access \r\n\r\n Determining the Appropriate Administrative Model \r\n\r\n Designing Administrative Group Strategies \r\n\r\n Planning Local Administrative Access \r\n\r\n Planning Remote Administrative Access \r\n\r\n Lab A: Planning Secure Administrative Access \r\n\r\n Review \r\n\r\n \r\n\r\n Module 4: Planning User Accounts \r\n\r\n Designing Account Policies and Group Policy \r\n\r\n Planning Account Creation and Location \r\n\r\n Planning Delegation of Authority \r\n\r\n Auditing User Account Actions \r\n\r\n Lab A: Planning a Security-based OU Structure \r\n\r\n Review \r\n\r\n \r\n\r\n Module 5: Securing Windows 2000-based Computers \r\n\r\n Planning Physical Security for Windows 2000-based Computers \r\n\r\n Evaluating Security Requirements \r\n\r\n Designing Security Configuration Templates \r\n\r\n Lab A: Analyzing a Security Template \r\n\r\n Evaluating Security Configuration \r\n\r\n Deploying Security Configuration Templates \r\n\r\n Lab B: Designing Customized Security Templates \r\n\r\n Review \r\n\r\n \r\n\r\n Module 6: Securing File and Print Resources \r\n\r\n Examining Windows 2000 File System Security \r\n\r\n Protecting Resources Using DACLs \r\n\r\n Encrypting Data Using EFS \r\n\r\n Lab A: Managing EFS Recovery Keys \r\n\r\n Auditing Restore Access \r\n\r\n Securing Backup and Restore Procedures \r\n\r\n Protecting Data from Viruses \r\n\r\n Lab B: Planning Data Security \r\n\r\n Review \r\n\r\n \r\n\r\n Module 7: Securing Communication Channels \r\n\r\n Assessing Network Data Visibility Risks \r\n\r\n Designing Application-Layer Security \r\n\r\n Designing IP-Layer Security \r\n\r\n Deploying Network Traffic Encryption \r\n\r\n Lab A: Planning Transmission Security \r\n\r\n Review \r\n\r\n \r\n\r\n Module 8: Providing Secure Access to Non-Microsoft Clients \r\n\r\n Providing Secure Network Access to UNIX Clients \r\n\r\n Providing Secure Network Access to NetWare Clients \r\n\r\n Providing Secure Access to Macintosh Clients \r\n\r\n Securing Network Services in a Heterogeneous Network \r\n\r\n Monitoring for Security Breaches \r\n\r\n Lab A: Securing Telnet Transmissions \r\n\r\n Review \r\n\r\n \r\n\r\n Module 9: Providing Secure Access to Remote Users \r\n\r\n Identifying the Risks of Providing Remote Access \r\n\r\n Designing Security for Dial-UP Connections \r\n\r\n Designing Security for VPN Connections \r\n\r\n Centralizing Remote Access Security Settings \r\n\r\n Lab A: Using RADIUS Authentication \r\n\r\n Review \r\n\r\n \r\n\r\n Module 10: Providing Secure Access to Remote Offices \r\n\r\n Defining Private and Public Networks \r\n\r\n Securing Connections Using Routers \r\n\r\n Securing VPN Connections Between Remote Offices \r\n\r\n Identifying Security Requirements \r\n\r\n Lab A: Planning Secure Connections for Remote Offices \r\n\r\n Review \r\n\r\n \r\n\r\n Module 11: Providing Secure Network Access to Internet Users \r\n\r\n Identifying Potential Risks from the Internet \r\n\r\n Using Firewalls to Protect Network Resources \r\n\r\n Using Screened Subnets to Protect Network Resources \r\n\r\n Securing Public Access to a Screened Subnet \r\n\r\n Lab A: Designing a Screened Subnet \r\n\r\n Review \r\n\r\n \r\n\r\n Module 12: Providing Secure Internet Access to Network Users \r\n\r\n Protecting Internal Network Resources \r\n\r\n Planning Internet Usage Policies \r\n\r\n Managing Internet Access Through Proxy Server Configuration \r\n\r\n Managing Internet Access Through Client-side Configuration \r\n\r\n Lab A: Securing the Internal Network When Accessing the Internet \r\n\r\n Review \r\n\r\n \r\n\r\n Module 13: Extending the Network to Partner Organizations \r\n\r\n Providing Access to Partner Organizations \r\n\r\n Securing Applications Used by Partners \r\n\r\n Securing Connections Used by Remote Partners \r\n\r\n Structuring Active Directory to Manage Partner Accounts \r\n\r\n Authenticating Partners from Trusted Domains \r\n\r\n Lab A: Planning Partner Connectivity \r\n\r\n Review \r\n\r\n \r\n\r\n Module 14: Designing a Public Key Infrastructure \r\n\r\n Introducing a Public Key Infrastructure \r\n\r\n Using Certificates \r\n\r\n Examining the Certificate Life Cycle \r\n\r\n Choosing a Certification Authority \r\n\r\n Planning a Certification Authority Hierarchy \r\n\r\n Mapping Certificates to User Accounts \r\n\r\n Managing CA Maintenance Strategies \r\n\r\n Lab A: Using Certificate-based Authentication \r\n\r\n Review \r\n\r\n \r\n\r\n Module 15: Developing a Security Plan \r\n\r\n Designing a Security Plan \r\n\r\n Defining Security Requirements \r\n\r\n Maintaining the Security Plan \r\n\r\n Lab A: Developing a Security Plan \r\n\r\n Review \r\n\r\n \r\n\r\n Appendix A: SSL Port Assignments \r\n\r\n Appendix B: Acceptable Internet Use Policy \r\n\r\n Appendix C: Internet Explorer Security Settings \r\n\r\n Classroom Setup Guide \r\n\r\n Classroom Requirements \r\n\r\n Classroom Configuration \r\n\r\n Setup Instructions \r\n\r\n Automated Classroom Setup \r\n\r\n Classroom Setup Checklist \r\n\r\n Customization Information \r\n
\r\n
This section provides you with a brief description of the course, audience, suggested prerequisites, and course objectives.
Description
This course Provides students with the knowledge and skills necessary to design a security framework for small, medium, and enterprise networks by using Microsoft@ Window 2000 technologies.
Audience
This course is intended for senior support professionals, designers, planners, architects, and consultants responsible for developing a network security plan based on their security needs.
Student Prerequisites
This course requires that students meet the following prerequisites:
. Working knowledge of Windows 2000 Directory Services
. Completion of course 1560B, Updating Support Skills from Microsoft Windows NT@ 4.0 to Microsoft Windows 2000, or
. Completion of course 2154A, Implementing and Administering Microsoft Windows 2000 Directory Services, or
. Equivalent knowledge
Course Objectives
At the end of this course, students will be able to:
. Identify the security risks associated with managing resource access and data flow on a Windows network.
. Describe how key technologies Within Windows 2000 are used to secure a network and its resources.
. Plan a Windows 2000 administrative structure so that permissions are granted only to appropriate users.
. Plan an Active Directory TM directory service structure that facilitates secure and verifiable user account creation and administration.
. Define minimum security requirements for Windows 2000-based domain controllers, application servers, file and print servers, and workstations.
. Design a strategy for securing local storage of data and secure network access to file and Print resources.
. Design end-to-end security for the transmission of data between hosts on the network.
. Design a strategy for securing access for non-Microsoft clients to a Windows 2000 network.
. Provide secure connections to remote users.
. Design a strategy to secure connections between two remote networks.
. Protect private network resources from public network users.
. Design a strategy for securing private network user access to Public networks.
. Design a strategy for allowing trusted partners to access data on a Private network.
. Design a strategy for using certificate-based authentication to secure access to a private network.
. use a structured methodology for designing a secure Windows 2000 network.
无封面
第二书店&China-pub战略联盟提供专业服务
第二书店联系方式 010-64348411 webmaster@dearbook.com