Synopses & Reviews
Ace your preparation for the skills measured by MCP Exam 70-298--and on the job--with this official Microsoft study guide. Work at your own pace through a system of lessons, practice exercises, and design activities.
The Readiness Review Suite on CD, featuring advanced technology from MeasureUp, provides 300 challenging questions for in-depth self-assessment and practice. You can choose timed or untimed testing mode, generate random tests, or focus on specific objectives. You get detailed explanations for right and wrong answers--including a customized learning path that describes how and where to focus your studies.
Maximize your performance on the exam by learning how to: Document the impact of business and technical constraints on the security design process
Create a security design for: Logical infrastructure Network infrastructure for physical security Network management and maintenance Basic network functions Wireless networks and Web servers
Readiness Review Suite on CD Powered by MeasureUp
Your kit includes: NEW--Fully reengineered self-paced study guide with expert exam tips. NEW--Readiness Review Suite featuring 300 questions and multiple testing options. NEW--Practice exercises and design activities for real-world expertise. NEW--180-day evaluation version of Windows Server 2003, Enterprise Edition. NEW--eBook in PDF format. NEW--Microsoft Encyclopedia of Security eBook. Microsoft Encyclopedia of Networking, Second Edition eBook.
A Note Regarding the CD or DVD
The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via OReilly Medias Digital Distribution services. To download this content, please visit OReillys web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to [email protected].
Synopsis
Ace your preparation for the skills measured by MCP Exam 70-298—and on the job—with this official Microsoft study guide. Work at your own pace through a system of lessons, practice exercises, and design activities.
The Readiness Review Suite on CD, featuring advanced technology from MeasureUp, provides 300 challenging questions for in-depth self-assessment and practice. You can choose timed or untimed testing mode, generate random tests, or focus on specific objectives. You get detailed explanations for right and wrong answers—including a customized learning path that describes how and where to focus your studies.
Maximize your performance on the exam by learning how to:
- Document the impact of business and technical constraints on the security design process
Create a security design for:
- Logical infrastructure
- Network infrastructure for physical security
- Network management and maintenance
- Basic network functions
- Wireless networks and Web servers
Readiness Review Suite on CD Powered by MeasureUp
Your kit includes:
- NEW—Fully reengineered self-paced study guide with expert exam tips.
- NEW—Readiness Review Suite featuring 300 questions and multiple testing options.
- NEW—Practice exercises and design activities for real-world expertise.
- NEW—180-day evaluation version of Windows Server 2003, Enterprise Edition.
- NEW—eBook in PDF format.
- NEW—Microsoft Encyclopedia of Security eBook.
- Microsoft Encyclopedia of Networking, Second Edition eBook.
A Note Regarding the CD or DVD
Assess your skills with practice tests. You can work through hundreds of questions using multiple testing modes to meet your specific learning needs. You get detailed explanations for right and wrong answers—including a customized learning path that describes how and where to focus your studies.
For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.
About the Author
Roberta Bragg's computing life started in 1975. She has been employed as an operator, programmer, systems administrator, network administrator, security consultant, trainer, teacher, editor and author. Her many publications include five programming and administration instruction curriculum guides, six certification guides, four technical reference books, hundreds of freelance IT oriented articles and seven years as a columnist on Windows security. Currently she consults and writes on information security. Roberta lives in downtown Kansas City, Missouri, 12 blocks from the Kansas City Arts Incubator where she produces and sells glass fused and slumped objects, and stained glass mosaics.
Table of Contents
Acknowledgments; About This Book; Intended Audience; Prerequisites; About the CD-ROM; Features of This Book; Getting Started; The Microsoft Certified Professional Program; Technical Support; Evaluation Edition Software Support; Part I: Documenting the Impact of Business and Technical Constraints on the Security Design Process; Chapter 1: Creating a Conceptual Design for Network Infrastructure Security; 1.1 Why This Chapter Matters; 1.2 Before You Begin; 1.3 Lesson 1: Analyzing Business Requirements for Information Security; 1.4 Lesson 2: Creating the Security Design Framework; 1.5 Lesson 3: Analyzing Technical Constraints that Affect Security Design; 1.6 Design Activity: Developing a List of Security Issues; 1.7 Chapter Summary; 1.8 Exam Highlights; Part II: Creating a Security Design for the Network Infrastructure; Chapter 2: Designing the Logical Infrastructure; 2.1 Why This Chapter Matters; 2.2 Before You Begin; 2.3 Lesson 1: Building a Logical Security Infrastructure by Using Certificate Services; 2.4 Lesson 2: Designing a CA Hierarchy; 2.5 Lesson 3: Designing the Certificate Enrollment Process; 2.6 Lesson 4: Designing the Renewal, Revocation, and Auditing Processes; 2.7 Lesson 5: Designing Security for the Certification Authority; 2.8 Design Activity: Designing the Logical Infrastructure; 2.9 Chapter Summary; 2.10 Exam Highlights; 2.11 Questions and Answers; Chapter 3: Designing the Network Infrastructure for Physical Security; 3.1 Why This Chapter Matters; 3.2 Before You Begin; 3.3 Lesson 1: Designing Network Border Control; 3.4 Lesson 2: Securing DNS; 3.5 Lesson 3: Designing Security for Internal Data Transmissions; 3.6 Design Activity: Designing the Network Infrastructure for Physical Security; 3.7 Chapter Summary; 3.8 Exam Highlights; Part III: Creating a Security Design for Management and Maintenance of the Network; Chapter 4: Designing Security for Network Management; 4.1 Why This Chapter Matters; 4.2 Before You Begin; 4.3 Lesson 1: Managing Administrative Risks; 4.4 Lesson 2: Designing Secure Administration Practices; 4.5 Lesson 3: Securing Emergency Management Services; 4.6 Design Activity: Designing Security for Network Management; 4.7 Chapter Summary; 4.8 Exam Highlights; 4.9 Questions and Answers; Chapter 5: Designing a Security Update Infrastructure; 5.1 Why This Chapter Matters; 5.2 Before You Begin; 5.3 Lesson 1: Introduction to Designing a Security Update Infrastructure; 5.4 Lesson 2: Designing Client Configuration for the Security Update Infrastructure; 5.5 Lesson 3: Monitoring and Improving the Security Patch Update Process; 5.6 Design Activity: Designing a Security Update Infrastructure; 5.7 Chapter Summary; 5.8 Exam Highlights; 5.9 Questions and Answers; Part IV: Creating a Security Design for Basic Network Functions; Chapter 6: Designing a Logical Authentication Strategy; 6.1 Why This Chapter Matters; 6.2 Before You Begin; 6.3 Lesson 1: Designing Forest and Domain Trust Models; 6.4 Lesson 2: Designing Authentication in a Heterogeneous Network; 6.5 Lesson 3: Establishing Account and Password Requirements for Information Security; 6.6 Design Activity: Designing a Logical Authentication Strategy; 6.7 Chapter Summary; 6.8 Exam Highlights; 6.9 Questions and Answers; Chapter 7: Designing Secure Communications Between Networks; 7.1 Why This Chapter Matters; 7.2 Before You Begin; 7.3 Lesson 1: Selecting Protocols for VPN Access; 7.4 Lesson 2: Designing VPN Connectivity; 7.5 Lesson 3: Designing Demand-Dial Routing Between Private Networks; 7.6 Lesson 4: Designing Secure Communications with External Organizations; 7.7 Lesson 5: Completing a Communications Design; 7.8 Design Activity: Designing Secure Communications; 7.9 Chapter Summary; 7.10 Exam Highlights; 7.11 Questions and Answers; Chapter 8: Designing Security by Server Role; 8.1 Why This Chapter Matters; 8.2 Before You Begin; 8.3 Lesson 1: Preparing an Infrastructure for Security by Server Role; 8.4 Lesson 2: Defining a Baseline Security Template; 8.5 Lesson 3: Designing Incremental Security Templates Based on Server Role; 8.6 Design Activity: Completing the DesignDomain Control Templates; 8.7 Chapter Summary; 8.8 Exam Highlights; 8.9 Questions and Answers; Chapter 9: Designing Access Control for Enterprise Data; 9.1 Why This Chapter Matters; 9.2 Before You Begin; 9.3 Lesson 1: Designing the Access Control Infrastructure; 9.4 Lesson 2: Designing the Delegation and Permission Structure for Active Directory Objects; 9.5 Lesson 3: Analyzing Auditing Requirements; 9.6 Lesson 4: Designing Security for Backup and Recovery Operations; 9.7 Lesson 5: Designing a File Encryption and Decryption Strategy; 9.8 Design Activity: Designing Data Access Security; 9.9 Chapter Summary; 9.10 Exam Highlights; 9.11 Questions and Answers; Chapter 10: Designing a Secure Client Infrastructure; 10.1 Why This Chapter Matters; 10.2 Before You Begin; 10.3 Lesson 1: Designing the Client Authentication Infrastructure; 10.4 Lesson 2: Designing a Secure Remote Access Strategy for Client Computers; 10.5 Design Activity: Designing a Secure Client Infrastructure; 10.6 Chapter Summary; 10.7 Exam Highlights; 10.8 Questions and Answers; Chapter 11: Designing a Secure Client System; 11.1 Why This Chapter Matters; 11.2 Before You Begin; 11.3 Lesson 1: Designing a Strategy for Securing Client Computers; 11.4 Lesson 2: Designing a Strategy for Hardening Client Operating Systems; 11.5 Lesson 3: Designing a Strategy for Restricting User Access to Operating System Features; 11.6 Design Activity: Designing Technical Controls to Manage the Use of Laptop Computers; 11.7 Chapter Summary; 11.8 Exam Highlights; 11.9 Questions and Answers; Part V: Creating a Security Design for Wireless Networks and Web Servers; Chapter 12: Designing Security for Wireless Networks; 12.1 Why This Chapter Matters; 12.2 Before You Begin; 12.3 Lesson 1: Designing Security for Wireless Networks; 12.4 Lesson 2: Designing Security Using 802.1x for Wireless Networks; 12.5 Design Activity: Securing a Network from a Free Wireless Access Site; 12.6 Chapter Summary; 12.7 Exam Highlights; 12.8 Questions and Answers; Chapter 13: Designing Security for IIS; 13.1 Why This Chapter Matters; 13.2 Before You Begin; 13.3 Lesson 1: Designing IIS Security Baselines; 13.4 Lesson 2: Designing User Authentication for IIS; 13.5 Design Activity: Designing Security for IIS; 13.6 Chapter Summary; 13.7 Exam Highlights; 13.8 Questions and Answers; Glossary; System Requirements; Uninstall Instructions;