As a network administrator or consultant, your job can involve planning, analyzing, and designing networks as much as implementing them. Security should be a major consideration in any network design.
MCSE Exam 70-220, Designing Security for a Microsoft Windows 2000 Network, deals with the design and planning of network security services and protocols. This exam can be used as an optional core exam or as an elective.
Because Active Directory is the fundamental data store for Windows 2000 security, most security techniques involve the Directory. You should be familiar with all aspects of Active Directory, as discussed in Part III. You should also consider the design of Active Directory (Part V) and Network Infrastructure (Part VI) when developing a security design.
To prepare for this chapter and the Designing Security exam, you should have studied Parts 1 and 2 for the basics of Windows 2000 Professional and Server. You should also be familiar with Windows 2000’s Active Directory and should, ideally, have real-world experience managing and securing a Windows 2000 network.
Need to Know |
Reference |
---|---|
Basic components to secure | |
Operations master types | |
Windows 2000 authentication methods | |
Certificate authority roles |
Need to Know |
Reference |
---|---|
EFS features, advantages, and disadvantages | |
EFS terminology | |
EFS process | |
Key storage locations |
Need to Know |
Reference |
---|---|
Windows 2000 DNS security features | |
Dynamic DNS support for different operating systems | |
RIS features and requirements | |
Terminal Services modes |
Need to Know |
Reference |
---|---|
Differences between NAT and Proxy Server | |
VPN protocols | |
Windows 2000 SMB security features |