Exam Objectives Fast Track

Analyze Business Requirements for Designing Security

  • Administrative policies such as Acceptable Use Policies, Privacy Policies, and User Awareness Training can assist an organization in promoting a security-conscious environment.

  • Understand how any network threats you come across can affect the confidentiality, integrity, and/or availability of your network data and resources in order to better defend against them.

  • Internal network attacks can often be more damaging than external hack attacks, since internal users already have valid logon credentials and physical access to network resources.

Design a Framework for Designing and Implementing Security

  • Use Risk Analysis to prioritize the relative importance of data on your network so that you will be able to secure data with different security requirements effectively and efficiently .

  • Most (if not all) attacks will take one of the following forms when attempting to breach your network: spoofing, tampering, repudiation , information disclosure, denial-of-service, and elevation of privilege.

  • Use auditing to create a baseline of network performance so that you will recognize anomalies that indicate an attack is taking place.

Analyze Technical Constraints when Designing Security

  • When designing security, keep in mind security constraints imposed by the use of down-level operating systems like Windows NT4. This can affect your choice of LAN and VPN protocols, since Windows NT4 does not support Kerberos, or the use of IPSec for LAN-based encryption.

  • Windows Server 2003 can serve as a KDC for non-Microsoft Kerberos clients, and Microsoft clients can also authenticate against an MIT Kerberos KDC using utilities contained in the Windows Server 2003 Support Tools.

  • Zone transfers and resource record updates with UNIX or other third-party DNS servers need to be secured against malicious activities. Consult the BIND or other DNS servers documentation for information on how to secure the transfer of non-Microsoft DNS information.

MCSE Designing Security for a Windows Server 2003 Network. Exam 70-298
MCSE Designing Security for a Windows Server 2003 Network: Exam 70-298
ISBN: 1932266550
EAN: 2147483647
Year: 2003
Pages: 122

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net