Exam Objectives Fast Track

Previous page
Table of content
Next page


Planning and Implementing Active Directory Security

  • A forest trust is a trust between two Windows Server 2003 forests.

  • Explicit Allow permissions cannot be overridden by inherited Deny permissions.

  • ACLs are used to protect schema objects from unauthorized use in AD.

  • External trusts can be set up using AD domains and trusts for authentication purposes when you do not want to create a transitive forest trust or you need access to Windows NT 4 domains.

Planning and Implementing Wireless Security

  • RADIUS is managed through the Routing and Remote Access (RRAS) MMC.

  • PEAP is used with wireless clients.

  • EAP-MS-CHAP v2 is one of the strongest authentication methods and allows users to change their passwords.

  • WLANs are the most common wireless networks used in corporate and school environments. The 802.11b standard can carry data up to 22 Mbps, and 802.11a and 802.11g can carry data up to 54 Mbps.

  • A LAN port takes on one of two roles during network access, as either an authenticator or supplicant.

Monitoring and Optimizing Security

  • Object-based access control allows administrators to apply audit settings for files, folders, services, and Registry keys.

  • Security policies can be used to control password policies, lockout policies, Kerberos policies, and other aspects of security.

  • Kerberos policies can be used only on domain user accounts.

  • User rights and user permissions are different. Rights are attached to a user or group account and are not object-based. Permissions are attached to specific objects. User rights allow clients to perform specific tasks on their machines or on the network.

Planning a Change and Configuration Management Framework

  • Secedit is used at the command prompt to automate security configuration tasks.

  • Local Security Policy is used to configure security policies on a nondomain controller. These policies apply only to the local machine.

  • Security templates are used to configure security policies according to preset definitions and can be imported into Group Policy.

  • The Security Settings extension to Group Policy is used to configure security on an OU, a site, or a domain.

Planning a Security Update Infrastructure

  • MBSA scans for security vulnerabilities in the operating system and other Microsoft components, including IIS, Exchange Server, SQL Server, Internet Explorer, and Windows Media Player.

  • The command-line program for running MBSA is mbsacli.exe.

  • MBSA gives administrators a report after a scan has been completed. This report explains what security issues were discovered and how to correct them.

  • Microsoft SUS is used to apply security updates from a centralized location within the LAN, giving administrators more control and providing more efficient downloading of updates.


Previous page
Table of content
Next page
MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure. Exam 70-293 Study Guide and DVD Training System
MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide and DVD Training System
ISBN: 1931836930
EAN: 2147483647
Year: 2003
Pages: 173
Authors: Syngress, Syngress Publishing, Thomas W. Shinder, Debra Littlejohn Shinder
BUY ON AMAZON
CISSP Exam Cram 2
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
Introduction to 80x86 Assembly Language and Computer Architecture
Cisco CallManager Fundamentals (2nd Edition)
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy