1335 Rockville Pike
Rockville, MD 20852
(301) 424-0044
(301) 424-1693 (fax)


COMPUTER INSTITUTE
Wednesday, January 07, 2009
 

  Designing a Secure Microsoft Windows 2000 Network

Course No.: 2150
Course Length: 5 days

At Course Completion 

This course provides students with the knowledge and skills necessary to design a security framework for small, medium, and enterprise networks using Microsoft® Windows® 2000 technologies. This course contains four units that describe security in specific areas of the network:

  • Providing Secure Access to Local Network Users
  • Providing Secure Access to Remote Users and Remote Offices
  • Providing Secure Access Between Private and Public Networks
  • Providing Secure Access to Partners

Prerequisites

Working knowledge of Windows 2000 Directory Services

Completion of course 1560, Upgrading Support Skills from Microsoft Windows NT 4.0 to Microsoft Windows 2000
OR

Completion of course 2154, Implementing and Administering Windows 2000 Directory Services
OR

Equivalent knowledge

Course Outline
Day 1

Module 1: Assessing Security Risks

Topics

What is at Risk?
What are the Potential Threats to the Network?
Describing Common Security Standards
Planning Enterprise Security

Lab

Introducing Northwind Traders

Skills

Students will be able to:

  • Determine what is at risk if security is compromised on a network.

  • Determine common threats against network security.

  • Review common standards against which security is measured.

  • Discuss a methodology for securing enterprise networks.


Module 2: Introducing the Windows 2000 Security Model

Topics

The role of Directory Services in the Security Framework
Identifying Authentication Methods Available Within Windows 2000 Networks
Controlling Access to Resources on Windows 2000 Networks
Introducing Encryption Technology
Encrypting Stored and Transmitted Data in Windows 2000 Networks
Introducing Public Key Infrastructure Technology

Labs

Assessing Security in Given Scenarios
What Type of Authentication Is Available in Given Scenarios?

Skills

Students will be able to:

  • Analyze the role of Windows 2000 Active Directory in the Windows 2000 security framework.

  • Describe the authentication protocols used by Windows 2000.

  • Describe how objects and resources are secured in Windows 2000.

  • Examine common methods of encrypting and validating data.

  • Describe how Windows 2000 supports the encryption of both stored data and transmitted data.

  • Describe how a public key infrastructure can be used to implement certificate-based identification and authentication.

  • Plan security for local resources and access on a local network.

Module 3: Planning Administrative Access

Topics

Defining the Administrative Structure
Assigning Administrative Roles
Providing Administrative Access

Labs

Planning an Administration Structure
Secondary Logon and Remote Administration

Skills

Students will be able to:  

  • Define the network administrative roles that exist in an organization.

  • Plan memberships in the Windows 2000 administrative groups.

  • Plan secure administrative access to the network.

 
Module 4: Planning User Accounts

Topics

Designing a Domain and Organizational Unit Structure
Planning Account Creation and Location
Planning Delegation of Authority
Designing an Audit Policy for Tracking Account Changes

Labs

Planning a Security-based OU Structure
Group Policy Security Settings

Skills

Students will be able to:

  • Design a Windows 2000 domain and organizational unit (OU) structure that will support your account and group policy configuration.

  • Plan for the creation of accounts within the OU structure using both batch methodology and the Active Directory Users and Computers console.

  • Plan a delegation of authority strategy for OUs.

  • Design an audit strategy that will track changes made to the Active Directory contents.

Day 2

Module 5: Securing Windows 2000-Based Computers

Topics

Evaluating the Security Requirements of Windows 2000-Based Systems
Securing Physical Access to Windows 2000-Based Systems
Designing Security Configuration Policies
Analysis of Security Configuration

Labs

Planning a Security Baseline Template
Evaluating a Baseline Template

Skills

Students will be able to:

  • Evaluate the security requirements for Windows 2000-based systems with respect to their role in the enterprise network.

  • Plan physical and hardware configuration measures to secure Windows 2000-based systems.

  • Design security configuration templates that can be used to enforce security settings.

  • Plan the use of security baseline templates to evaluate the current security configuration of a Windows 2000-based system.

Module 6: Securing File and Print Resources

Topics

Comparing the Security of Windows 2000 File Systems
Protecting Data Using Access Control Lists
Encrypting Data Using EFS
Auditing Resource Access
Securing Backup and Restore Procedures
Protecting Data From Viruses

Labs

Planning Data Security
Managing EFS Recovery

Skills

Students will be able to:

  • Describe the security provided in the file systems supported by Windows 2000.

  • Design a security strategy for protecting the registry, file resources, and print resources by using Access Control Lists.

  • Design a strategy for the protection and recovery of file resources using EFS.

  • Design an auditing strategy to determine file and print resource access.

  • Design a secure backup and restore procedure that allows for disaster recovery.

  • Plan for virus protection in your network security design.

Day 3

Module 7: Securing Communication Channels on the Local Network

Topics

Demonstration: Investigating Web Access
Assessing Network Data Visibility Risks
Evaluating Network Authentication Methods
Protecting Network Data Transmission from Packet-Level Impersonation
Encrypting Network Data Transmissions with Internet Protocol Security (IPSec)

Labs

Planning Network Data Transmission Security
Evaluating Transport Security using IPSec Policies

Skills

Students will be able to:

  • Assess potential risks to data when it is transported between clients on the Local Area Network.

  • Compare and contrast the network authentication methods that can be used by Windows 2000 clients and down-level clients.

  • Design a strategy for protecting data transmissions on the private network from packet-level impersonation.

  • Design an IPSec strategy for encrypting private network data transmissions.

 

Module 8: Providing Secure Access to Non-Microsoft Clients

Topics

Demonstration: Investigating a Telnet Connection
Providing Secure Access to IP-Based Clients
Providing Secure Access to NetWare Clients
Providing Secure Access to Macintosh Clients

Labs

Planning Non-Microsoft Client Access to Shared Resources
Investigating IP Protocol Risks

Skills

Students will be able to:

  • Describe the inherent risks and the management strategy involved when deploying standard IP client/server sockets-based applications.

  • Describe the additional security measures that must be taken when integrating NetWare clients on your network.

  • Describe the additional security measures that must be taken when integrating Macintosh clients on your network.

Module 9: Providing Secure Access to Remote Users

Topics

Planning Remote Access Security
Authentication and Accounting Providers
Planning Server-side Security for Remote Connectivity
Planning Client-side Security for Remote Connectivity

Labs

Planning Secure Remote Access
Analyzing Remote Data Transmissions

Skills

Students will be able to:

  • Compare and contrast the common methods that may be used by remote users to connect to the private network.

  • Compare and contrast the server configuration options available to allow secure remote connectivity to your network by individual users.

  • Compare and contrast the client configuration options available to allow secure connectivity to a remote private network.

  • Create a distributed authentication framework for remote clients.

Module 10: Providing Secure Access to Remote Offices

Topics

Comparing Private and Public Networks
Securing WAN Links Over a Private Network
Securing WAN Links Over a Public Network

Labs

Planning Secure Connections for a New Remote Office
Investigating Tunneling Filters

Skills

Students will be able to:

  • Introduce how public and private networks interact and describe the common physical technologies that are used to provide connectivity.
  • Plan secure WAN links to branch offices using dedicated network connections.
  • Plan secure WAN links to branch offices using tunneling technologies over public networks.

 

Day 4

Module 11: Maintaining Security When Allowing Public Access to Your Private Network

Topics

Potential Risks
Protecting Networks using Firewalls
Demonstration: Port Mapping Example
Protecting Resources Exposed on the Internet
Planning Placement of Servers in a Firewall Configuration

Labs

Planning an ISP Using Windows 2000
Validate a Demilitarized Zone Configuration
Planning Common Packet Filtering

Skills

Students will be able to:

  • Analyze the common threats that are introduced when your private network is connected to a public network.
  • Design a firewall strategy for protecting your private network.
  • Design a secure method for exposing private network resources to the public network.
  • Plan secure placement of servers when working with interconnected private and public networks.

Module 12: Maintaining Security When Accessing Public Networks from Your Network

Topics

Analyzing Threats Introduced by an Internet Connection
Protecting Internet Network Addressing Schemes
Using Server-Side Configuration to Control Content Accessed by Network Users
Using Client-Side Configuration to Control Content Accessed by Network Users

Labs

Planning a Deployment Plan for the Client Systems
Using Netstat to View What Is Being Used by the Clients
Configuring Proxy Server to Only Allow Specific Protocol Usage

Skills

Students will be able to:

  • Analyze the various threats that are introduced to the network when users are allowed to access the Internet.
  • Design a strategy for protecting the private network IP addressing scheme from the public network.
  • Design the server-side requirements for maintaining security when authenticated users access public networks.
  • Design the client-side requirements for maintaining security when authenticated users access public networks.
  • Plan security when trusted individuals and organizations access private network data and resources over a public network.

Day 5

Module 13: Authenticating Trusted Partners

Topics

Authenticating Partners Using Windows 2000 User Accounts
Authenticating Partners Using Trusted Domains
Authenticating Partners Using Internet Technologies
Planning Certificate-Based Authentication

Labs

Planning Authentication Methods for Partner Organizations
Investigating the Effects of Certificate Revocation

Skills

Students will be able to:

  • Design a secure framework for partner access using Windows 2000 user accounts.

  • Design a secure framework for trusted partners to access the private network by using trust relationships.

  • Compare and contrast the methods available for authenticating clients by using Internet technologies.

  • Design a certificate-based authentication framework for a Windows 2000 network.

Module 14: Providing Secure Resource Access

Topics

Providing Secure Access Using Resource Permissions
Securing Access for Remote Partners
Providing Secure Partner Access to Data Using Terminal Services
Providing Secure Partner Access to Data Using Web Technologies
Providing Secure Partner Access to Data Using Messaging

Labs

Selecting Access Methods for Partners
Configuring a Certificate Authority Hierarchy

Skills

Students will be able to:

  • Design secure resource access for trusted partners by using access control lists.

  • Plan which resources will be exposed to trusted partners and where those resources will be placed on the network.

  • Design secure resource access to trusted partners by using terminal services.

  • Design secure access to resources using Web technologies.

  • Design secure resource sharing using a messaging solution.

Module 15: Providing Business to Business and E-Commerce Security

Topics

Planning for Business-to-Business Applications
Planning for Secure Business Communication Between Partners

Labs

Planning an E-Commerce Site
Planning a Personalization and Membership Server

Skills

Students will be able to:

  • Describe the various technologies commonly used when implementing secure business-to-business applications.

  • Plan knowledge management and business communications between business partners.

Module 16: Title

Topics

Developing a Security Team
Defining the Scope of Security
Analyzing the Current Network Configuration
Designing a Security Baseline for Your Network
Developing and Implementing a Project Plan
Maintaining Security
Maintaining Awareness of Current Security Issues

Skills

Students will be able to:

  • Plan the composition of a security team that will develop your organization's security plan.

  • Determine the security needs for your network based on your local network, remote networks, public networks and associations with trusted partners.

  • Analyze the current security configuration of your network.

  • Design the security baseline for your network based on your organization's security goals.

  • Design a security plan rollout.

  • Design a strategy to maintain your network's current level of security as the security landscape changes.

 
Copyright Computer Institute 1999
Last Updated: Wednesday, January 07, 2009