Microsoft MCSE Certification Boot Camp

MCSE Exam 70-298: Designing Security for a Microsoft Windows Server 2003 Network

 

Skills Measured

This certification exam measures your ability to gather and analyze business requirements for a secure network infrastructure and design a security solution that meets those requirements. Before taking the exam, you should be proficient in the job skills listed in the following matrix.

Prerequisites
Experience in implementing and administrating Windows network operating systems with network services, and a proficient working knowledge of security concepts

Creating the Conceptual Design for Network Infrastructure Security by Gathering and Analyzing Business and Technical Requirements 

Analyze business requirements for designing security. Considerations include existing policies and procedures, sensitivity of data, cost, legal requirements, end-user impact, interoperability, maintainability, scalability, and risk.

Analyze existing security policies and procedures.

Analyze the organizational requirements for securing data.

Analyze the security requirements of different types of data.

Analyze risks to security within the current IT administration structure and security practices.

  

Design a Framework for Designing and Implementing Security

The framework should include prevention, detection, isolation, and recovery.

Predict threats to your network from internal and external sources.

Design a process for responding to incidents.

Design segmented networks.

Design a process for recovering services.

  

Analyze Technical Constraints When Designing Security

Identify capabilities of the existing infrastructure.

Identify technology limitations.

Analyze interoperability constraints.

  

Creating the Logical Design for Network Infrastructure Security 

Design a public key infrastructure (PKI) that uses Certificate Services.

Design a certification authority (CA) hierarchy implementation. Types include geographical, organizational, and trusted.

Design enrollment and distribution processes.

Establish renewal, revocation and auditing processes.

Design security for CA servers.

  

Design a Logical Authentication Strategy

Design certificate distribution.

Design forest and domain trust models.

Design security that meets interoperability requirements.

Establish account and password requirements for security.

  

Design Security for Network Management

Manage the risk of managing networks.

Design the administration of servers by using common administration tools. Tools include Microsoft Management Console (MMC), Terminal Server, Remote Desktop for Administration, Remote Assistance, and Telnet.

Design security for Emergency Management Services.

  

Design a Security Update Infrastructure

Design a Software Update Services (SUS) infrastructure.

Design Group Policy to deploy software updates.

Design a strategy for identifying computers that are not at the current patch level.

  

Creating the Physical Design for Network Infrastructure Security 

Design network infrastructure security.

Specify the required protocols for a firewall configuration.

Design IP filtering.

Design an IPSec policy.

Secure a DNS implementation.

Design security for data transmission.

  

Design Security for Wireless Networks

Design public and private wireless LANs.

Design 802.1x authentication for wireless networks.

  

Design User Authentication for Internet Information Services (IIS)

Design user authentication for a Web site by using certificates.

Design user authentication for a Web site by using IIS authentication.

Design user authentication for a Web site by using RADIUS for IIS authentication.

  

Design Security for Internet Information Services (IIS)

Design security for Web sites that have different technical requirements by enabling only the minimum required services.

Design a monitoring strategy for IIS.

Design an IIS baseline that is based on business requirements.

Design a content management strategy for updating an IIS server.

  

Design Security for Communication Between Networks

Select protocols for VPN access.

Design VPN connectivity.

Design demand-dial routing between internal networks.

  

Design Security for Communication With External Organizations

Design an extranet infrastructure.

Design a strategy for cross-certification of Certificate Services.

  

Design Security for Servers that Have Specific Roles

Roles include domain controller, network infrastructure server, file server, IIS server, terminal server, and POP3 mail server.

Define a baseline security template for all systems.

Create a plan to modify baseline security templates according to role.

  

Designing an Access Control Strategy for Data 

Design an access control strategy for directory services.

Create a delegation strategy.

Analyze auditing requirements.

Design the appropriate group strategy for accessing resources.

Design a permission structure for directory service objects.

  

Design an Access Control Strategy for Files and Folders

Design a strategy for the encryption and decryption of files and folders.

Design a permission structure for files and folders.

Design security for a backup and recovery strategy.

Analyze auditing requirements.

  

Design an Access Control Strategy for the Registry

Design a permission structure for registry objects.

Analyze auditing requirements.

  

Creating the Physical Design for Client Infrastructure Security 

Design a client authentication strategy.

Analyze authentication requirements.

Establish account and password security requirements.

  

Design a Security Strategy for Client Remote Access

Design remote access policies.

Design access to internal resources.

Design an authentication provider and accounting strategy for remote network access by using Internet Authentication Service (IAS).

  

Design a Strategy for Securing Client Computers

Considerations include desktop and portable computers.

Design a strategy for hardening client operating systems.

Design a strategy for restricting user access to operating system features.

 

Boldface fields required.

First name

Company Name

Alt Phone

Mobile Phone

Country United States AfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia-HerzegovinaBotswanaBouvet IslandBrazilBritish Indian OceanBrunei DarussalamBulgariaBurkina FasoBurmaBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos IslandsColombiaComorosCongoCook IslandsCosta RicaCroatiaCubaCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland IslandsFaroe IslandsFIJI ISLANDSFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGaza StripGeorgiaGermanyGhanaGibraltarGREAT BRITAINGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyIvory CoastJamaicaJapanJordanKazakhstanKenyaKiribatiKuwaitKyrgyzstanLao People's Democratic RepublicLatviaLebanonLesothoLiberiaLiechtensteinLithuaniaLuxembourgLybiaMacauMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesiaMoldovaMonacoMongoliaMontserratMoroccoMozambiqueNamibiaNauruNepalNetherlandsNetherlands AntillesNeutral ZoneNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorth Korea Northern Mariana IslandsNorwayOmanPakistanPalauPanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarReunionRomaniaRussiaRwandaSaint HelenaSaint Kitts and NevisSaint LuciaSaint Pierre and MiquelonSaint Vincent and The GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSeychellesSierra LeoneSingaporeSLOVAK REPUBLICSloveniaSolomon IslandsSomaliaSouth AfricaSouth KoreaSpainSri LankaSudanSurinameSvalbard and Jan MayenSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUgandaUkraineUnited Arab EmiratesUnited Kingdom (Great Britain)United StatesUruguayUzbekistanVanuatuVatican City StateVenezuelaVietnamVirgin Islands (British)Virgin Islands (U.S.)Wallis And Futuna IslandsWestern SaharaYemenYugoslaviaZaireZambiaZimbabwe

Last name

Work Phone

E-mail Address

Postal Code

State Outside N. AmericaALABAMAALASKAALBERTAARIZONAARKANSASARMED FORCES AMERICAARMED FORCES CANADAARMED FORCES PACIFICBRITISH COLUMBIACALIFORNIACOLORADOCONNECTICUTDELAWAREFLORIDAGEORGIAHAWAIIIDAHOILLINOISINDIANAIOWAKANSASKENTUCKYLOUISIANAMAINEMANITOBAMARYLANDMASSACHUSETTSMICHIGANMINNESOTAMISSISSIPPIMISSOURIMONTANANEBRASKANEVADANEW BRUNSWICKNEW HAMPSHIRENEW JERSEYNEW MEXICONEW YORKNEWFOUNDLANDNORTH CAROLINANORTH DAKOTANORTHWEST TERRITORIESNOVA SCOTIAOHIOOKLAHOMAONTARIOOREGONPENNSYLVANIAPRINCE EDWARD ISLANDPUERTO RICOQUEBECRHODE ISLANDSASKATCHEWANSOUTH CAROLINASOUTH DAKOTATENNESSEETEXASUTAHVERMONTVIRGIN ISLANDSVIRGINIAWASHINGTONWashington DCWEST VIRGINIAWISCONSINWYOMINGYUKON

CBT Direct has a strong commitment to providing excellent service to all who visit this website. At CBT Direct, meeting your needs and expectations forms the foundation of everything we do. Protection of your privacy is paramount. Any information you share with us will be treated with care. We will not share your personal information with any third parties.

Back to Home Page