Exam Essentials

Make sure you know which tools are used for each of the common security tasks. Know that the Security Configuration And Analysis snap-in is used to compare the settings of a machine with those defined in a template as well as it can apply the settings defined in the template to the machine. The Security Templates snap-in is used to create and modify security templates.

Know the major types of settings that can be applied with security policies. You should be aware of how the security policies are applied and how they will resolve conflicts when different settings are assigned at different locations within the Active Directory organization.

Make sure you know which environment applies to your infrastructure. This will help you to determine what, if any, custom templates need to be created or which predefined template you will use.

Know how to secure your organization’s DNS servers. Separate the name resolution role for the internal network and the external network. This will allow you to permit updates, securely, on the internal DNS servers while preventing updates to the DNS servers accessible from the Internet. Make sure you restrict zone transfers, if they need to be supported, to a predefined list of IP addresses.