2802 - Microsoft Security Guidance Training II

This one-day instructor-led clinic builds on existing knowledge of server and client security and provides students with the knowledge and skills to apply best practices to implement perimeter and network defenses and enhance security for applications and Microsoft Windows Server SystemT components. It also provides students with prescriptive guidance to enhance security for Microsoft Windows Server and client computers and practical strategies for implementing security best practices across an environment.

After completing this clinic, students will be able to:

• Understand how to implement perimeter defenses.
• Use ISA Server to protect the network perimeter.
• Implement client defenses.
• Use Windows Firewall to protect computers running Microsoft Windows XP SP2 and Windows Server 2003 SP1.
• Improve protection for wireless networks.
• Improve network protection by using IP Security (IPSec).
• Explain the basics of network security and the reasons why your defenses should be layered from the general to the specific for the most secure environment.
• Increase security for Exchange Server, SQL Server, and Microsoft Small Business Server.
• Identify the important tasks that you can do today to improve your organization's security.
• Understand the importance of client and server security.
• Describe the tasks and tools involved in implementing server security.
• Describe the tasks and tools involved in implementing client security.
• Identify the methods for securing Windows operating systems.
• List methods available for securing Microsoft Internet Information Services (IIS).
• List methods available for providing mobile client security.
• Build on existing knowledge of server, client, and network security and learn practical strategies for implementing the best practices for security across your environment.
• Learn real-world strategies for patch management and network security and how to troubleshoot problems with existing security configurations.

Session 1: Implementing Network and Perimeter Security
This session discusses the use of network perimeter firewalls such as ISA Server 2004 for network security and application filtering and how to implement intrusion detection mechanisms. As well, the session discusses the use of host-based firewalls including Windows Firewall. The session describes how to use IPSec to secure network traffic and how to use remote access quarantine to secure remote access connections to your network.

Topics

• Using ISA Server to Protect Perimeters
• Using Windows Firewall to Protect Clients
• Using IPSec to Protect Communications
• Protecting Remote Access by Using Network Access Quarantine

Session 2: Implementing Application Security
This session provides security best practices for SQL Server, Exchange Server, Internet Information Server and Windows Small Business Server.

Topics

• Protecting Exchange Server
• Protecting SQL Server
• Methods for Securing IIS Server
• Securing Windows Small Business Server

Session 3: Advanced Security Measures for Clients and Servers
This session provides advanced prescriptive guidance to enhance security for Active Directory and for Windows-based servers and clients. The session will provide in-depth information on additional techniques for securing servers and demonstrate the technologies and practices that you can use to increase security for local and remote clients.

Topics

• Securing Active Directory
• Implementing Advanced Security for Servers
• Implementing Advanced Security for Clients
• Providing Data Security
• Methods for Providing Mobile Client Security
• Troubleshooting Security Configurations

Session 4: Implementing Security for Wireless Networks
This session describes how to implement security for wireless networks. After providing an overview of the options available for securing wireless networks, this session focuses on how to secure wireless networks using the Microsoft solution for implementing password authentication.

Topics

• Overview of Wireless Solutions
• Securing a Wireless Network
• Implementing a Wireless Network Using Password Authentication
• Configuring Wireless Network Infrastructure Components
• Configuring Wireless Network Clients
• Troubleshooting Wireless Network Problems

About Microsoft Clinics
Microsoft Official Clinic learning products provide students with technical information on Microsoft products or technologies while discussing real-world considerations for their implementation. Clinics highlight features and functionality through product demonstrations.

Attendees will be current IT professionals with experience using Microsoft Windows 2000 Server or Microsoft Windows Server 2003 and with knowledge of Active Directory concepts. Students will also benefit from experience with Microsoft Exchange Server, Microsoft SQL Server , and Microsoft Internet Security and Acceleration (ISA) Server 2004. The students will be in an environment where they are responsible for aspects of security management and deployment associated with their internal network infrastructure and Internet or intranet services.

Before attending this clinic, students must have:

• Hands-on experience with Windows 2000 or Windows Server 2003 management tools.
• Experience with Active Directory and Group Policy.
• Attended Clinic 2801: Microsoft Security Guidance Training I, or have equivalent knowledge.