Certification Galore > MCSE
Designing Security for a Microsoft� Windows� 2000 Network

Study Help
NT Server
NT Server Enterprise

Preparation Guide
NT Server
NT Server Enterprise

Self-Study Books
Microsoft Seminars
Links & Practice Tests

Contributors Wanted!

Main NT Page
Main MCSE Page

Back to Certification Galore

Other Web Pages:

arrow.GIF (61 bytes)Windows 98
Second Edition
Tips and Tricks
Desktop Tips
Internet Explorer Tips
Registry Tweaks

Easter Eggs
New Utilities
Win98 News

arrow.GIF (61 bytes)Troubleshooting
Troubleshooting Process
Troubleshooting Files
Understanding SafeMode
Hardware Troubleshooting
Understanding the Registry
Resetting the Registry
Windows 95 Tools
Windows Password Q&A
Setup Switches
Deleting a Virus
Windows 95 Updates

arrow.GIF (61 bytes)Windows News

arrow.GIF (61 bytes)Search Our Site

arrow.GIF (61 bytes)Search the Internet

arrow.GIF (61 bytes)Site Map

arrow.GIF (61 bytes)Links

arrow.GIF (61 bytes)Channel Subscription

arrow.GIF (61 bytes)Awards

arrow.GIF (61 bytes)Contact Us

arrow.GIF (61 bytes)Advertisers

Study Materials

mcse.1.gif (15100 bytes)

mcse.7.gif (12833 bytes)

Exam 70-220

This certification exam tests the skills required to analyze the business requirements for security and design a security solution that meets business requirements. Security includes:

bulletControlling access to resources
bulletAuditing access to resources

Before taking the exam, you should be proficient in the job skills listed below.

Analyzing Business Requirements

Analyze the existing and planned business models.

bulletAnalyze the company model and the geographical scope. Models include regional, national, international, subsidiary, and branch offices.
bulletAnalyze company processes. Processes include information flow, communication flow, service and product life cycles, and decision-making.

Analyze the existing and planned organizational structures. Considerations include management model; company organization; vendor, partner, and customer relationships; and acquisition plans.

Analyze factors that influence company strategies.

bulletIdentify company priorities.
bulletIdentify the projected growth and growth strategy.
bulletIdentify relevant laws and regulations.
bulletIdentify the company's tolerance for risk.
bulletIdentify the total cost of operations.

Analyze business and security requirements for the end user.

Analyze the structure of IT management. Considerations include type of administration, such as centralized or decentralized; funding model; outsourcing; decision-making process; and change-management process.

Analyze the current physical model and information security model.

bulletAnalyze internal and external security risks.

Analyzing Technical Requirements

Evaluate the company's existing and planned technical environment.

bulletAnalyze company size and user and resource distribution.
bulletAssess the available connectivity between the geographic location of work sites and remote sites.
bulletAssess the net available bandwidth.
bulletAnalyze performance requirements.
bulletAnalyze the method of accessing data and systems.
bulletAnalyze network roles and responsibilities. Roles include administrative, user, service, resource ownership, and application.

Analyze the impact of the security design on the existing and planned technical environment.

bulletAssess existing systems and applications.
bulletIdentify existing and planned upgrades and rollouts.
bulletAnalyze technical support structure.
bulletAnalyze existing and planned network and systems management.

Analyzing Security Requirements

Design a security baseline for a Windows 2000 network that includes domain controllers, operations masters, application servers, file and print servers, RAS servers, desktop computers, portable computers, and kiosks.

Identify the required level of security for each resource. Resources include printers, files, shares, Internet access, and dial-in access.

Designing a Windows 2000 Security Solution

Design an audit policy.

Design a delegation of authority strategy.

Design the placement and inheritance of security policies for sites, domains, and organizational units.

Design an Encrypting File System strategy.

Design an authentication strategy.

bulletSelect authentication methods. Methods include certificate-based authentication, Kerberos authentication, clear-text passwords, digest authentication, smart cards, NTLM, RADIUS, and SSL.
bulletDesign an authentication strategy for integration with other systems.

Design a security group strategy.

Design a Public Key Infrastructure.

bulletDesign Certificate Authority (CA) hierarchies.
bulletIdentify certificate server roles.
bulletManage certificates.
bulletIntegrate with third-party CAs.
bulletMap certificates.

Design Windows 2000 network services security.

bulletDesign Windows 2000 DNS security.
bulletDesign Windows 2000 Remote Installation Services (RIS) security.
bulletDesign Windows 2000 SNMP security.
bulletDesign Windows 2000 Terminal Services security.

Designing a Security Solution for Access Between Networks

Provide secure access to public networks from a private network.

Provide external users with secure access to private network resources.

Provide secure access between private networks.

bulletProvide secure access within a LAN.
bulletProvide secure access within a WAN.
bulletProvide secure access across a public network.

Design Windows 2000 security for remote access users.

Designing Security for Communication Channels

Design an SMB-signing solution.

Design an IPSec solution.

bulletDesign an IPSec encryption scheme.
bulletDesign an IPSec management strategy.
bulletDesign negotiation policies.
bulletDesign security policies.
bulletDesign IP filters.
bulletDefine security levels.


Copyright � 1998-2000 Intra-Designs except where noted. All rights reserved.