Microsoft Managing Windows 2000 Security

Introduction and Overview

Introduction and Overview Pt.1
Introduction and Overview Pt.2

Potential Security Risks

Potential Risks Overview

Security Evaluation and Standards

Security Standards Overview
Planning for Security

Windows 2000 Security Features

Windows 2000 Security Overview
Active Directory Structure and Security
SACLs and Auditing
Group Policy
Delegating Administrative Authority

User Accounts and Security

User Accounts and Security Overview
Creating Accounts
Using Templates
Strategies for Using Groups
Creating Groups
Account Policies
Group Policies
Inheritance of Group Policies
Filtering Group Policies
Delegating Authority
Auditing User Accouts

Administrative Access

Administrative Access Overview
Administrative Models
Administrative Tasks
Local Administrative Access and Security
Remote Administrative Access and Security

Designing Security For The Network

Designing Security Overview
Physical Security
Local Security Configuration
Secuirty Templates Overview
Default and Pre-Configured Templates
Custom Templates
Security Configuration and Analysis

Securing Files

Securing Files Overview
NTFS File System
Combining NTFS with Share Access
NTFS Permissions with Groups
Encrypting File System
Auditing File Access
Backing Up and Restoring
Anti-Virus Protection

Securing Printers

Securing Printers Overview
Printer Permissions
Printer Priorities
Locating Printers

Securing LAN Communication

Securing LAN Communication Overview
Potential Risks
Application Layer Security
IP Layer Security
IPSec Policies
IPSec Authentication
IPSec Filters
Network Traffic Encryption
Verifying & Troubleshooting IPSec

Security For Non-Microsoft Clients

Security with UNIX
Secuirty with Netware
Security with Macintosh

Securing Traffic with Non-Windows 2000 Servers

Securing Non-Windows 2000 Servers Overview
Dynamic Host Configuration Protocol (DHCP)
Domain Name System (DNS)
Simple Network Management Protocol (SNMP)
Monitoring Security Breaches

Remote Access Security

Remote Access Security Overview
Security for Dial-In Access
Virtual Private Network Connection
Remote Access Polices
Setting New Remote Access Policies
Remote Access Authentication and Encryption
RADIUS Authentication and Accounting
Configuring a RAS Server for RADIUS
Configuring a RADIUS Server

Secuirty with Remote Offices

Remote Office Security Overview
Securing a Virtual Private Network
Securing Routers

Secuirty From the Internet

Security From the Internet Overview
Screened Subnets and Bastion Hosts

Security To The Internet

Protecting Internal Network Resources
Network Address Translation (NAT)
Installing and Configuring NAT
Internet Configuration
Security with MS Proxy

Security With Extranets

Security with Extranets Overview
Providing Secure Access to Partners
Securing Applications & Data Used By Partners
Active Directory and Partner Accounts
Authentication from Trusted Domains

Designing A Public Key Infrastructure

Uses for Certificates
Certificate Authorities
Setting Up Certificate Hierarchies
Managing a Standalone Server
Managing an Enterprise Server

Developing A Secuirty Plan

Developing and Designing a Security Plan
Defining Security Requirements
Maintaining Security

How to Take and Pass the 70-220 Test

Preparation and The Day of the Test