Summary of Exam Objectives


Windows Server 2003 provides administrators with new technology and resources for system, domain, and wireless security. Secure cross-domain and cross-forest trust relationships can be used to allow access to resources between domains in the same or separate forests, using various types of available trusts.

Wireless networking is convenient for users, but it also presents security challenges for network administrators. You can use RADIUS, which controls user authentication for wireless clients with IAS to provide for enhanced connection capabilities in the Windows Server 2003 network and better security for your wireless connections.

Support is provided for numerous IEEE standards to allow wireless clients the ability to connect to the network for data access. Using various protocols such as EAP-TLS, PEAP, and EAP-MS-CHAPv2, security can be greatly enhanced for all types of clients including VPN clients, clients who use certificates, and clients who want to change their passwords after authentication has been successfully completed. Because of the lack of security inherent in the wireless standards, it is a good idea to use data-encryption technologies when connecting to a wireless network. WEP is the basic encryption protocol for wireless networks, but it has many flaws. Although better than no security, WEP should not be relied on as your sole security mechanism if you have any confidential data on the network. New standards and technologies such as 802.1x and 802.11i address some of the problems with WEP and provide solutions designed to make wireless networking more secure.

Monitoring is an important aspect of evaluating and improving your security strategy. You can use the Wireless Monitor to gather information about your wireless clients and WAPs. You can enable auditing of objects and use Group Policy to log object-based access control events on items such as files, folders, services, and Registry information. This can allow you more control over security issues within your organization. Security policies can also be enforced to allow you to control many aspects of network security, including account lockout, password policies, and user rights assignments. Windows Server 2003 includes a variety of built-in utilities that make it easier for you to manage security within your organization. The security configuration and management tools can be used to access and control security policies at the command prompt or by using a management console.

Microsoft has also made it easier for you to keep up with security vulnerabilities and installation of updates and hotfixes with the add-on programs MBSA and SUS. MBSA allows administrators to check for security on client and server machines. SUS allows administrators to provide a central internal location from which clients can retrieve security patches and hotfixes.




MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure. Exam 70-293 Study Guide and DVD Training System
MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide and DVD Training System
ISBN: 1931836930
EAN: 2147483647
Year: 2003
Pages: 173

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net