Securing Windows Server 2003: Hands-On

Frequently Asked Questions

What is this course about? The course provides comprehensive and practical knowledge of Windows Server 2003 security architecture and technologies. It takes a "real world" practical approach to the vulnerabilities of the operating system and shows you how to lock down Windows Server 2003. Windows Server 2003 offers a wide range of security services. This course covers state-of-the-art Windows Server 2003 security technologies, such as: Smart card management Kerberos authentication Delegation of administration Public key infrastructure (PKI) Patch management Encryption File System (EFS) Securing the Active Directory (AD) IP security (IPsec) Through detailed coverage of the aspects essential to system security, you develop the skills you need to implement and secure a Windows Server 2003 environment. Who will benefit from this course? This course is useful for those who design, implement or support Windows Server 2003 systems. Typical participants include: Systems administrators or support personnel who need to secure Windows Server 2003 Information security personnel UNIX, NetWare, Windows NT or Windows 2000 users who are evaluating or moving to Windows Server 2003 Application developers and programmers who need to familiarize themselves with the Windows Server 2003 security architecture Network administrators/planners who are evaluating Windows Server 2003 for enterprise computing Information systems security analysts and auditors who are evaluating or certifying an information system environment What background do I need? Course 595, Windows Server® 2003: A Comprehensive Hands-On Introduction, or equivalent experience, is assumed. For example, you should be able to: Perform basic management functions within the Active Directory Move around in the file system Set up TCP/IP clients and servers Course 595 covers some of the basics of system security and implementation. Course 599 provides an advanced understanding of the security architecture, as well as the skills you need to effectively build a secure infrastructure and implement an effective security policy based upon industry best practices. Will this course teach me how hackers attack Windows Server 2003 systems? Yes. The course helps you understand the current design of the Windows Server 2003 security architecture, perspectives on areas where attackers might penetrate inherent weaknesses and how to protect your system. Does the course cover network security? Yes. However, the focus of this course is on how to lock down the operating system. Network security is covered from the perspective of Windows Server 2003 implementation of IPsec. Does the course cover Kerberos security? Yes. The course covers in detail the implementation of Kerberos version 5 for Windows Server 2003. Other authentication models, such as NTLM, and SSL/TLS are also covered in this course. How much time is spent on each topic? Content Hours Introduction to Windows Server 2003 security features 2.0 Installing and leveraging a certificate services environment 4.5 Deploying a scalable security model using the Active Directory 5.0 Locking down the file system 4.5 Audit techniques and patch management 5.5 Authentication concerns 4.0 Network security 2.5 Times, including the workshops, are estimates; exact times may vary according to the needs of each class. What kinds of hands-on exercises are in the course? This course has extensive hands-on exercises in which you learn to configure a variety of security services and options. You work with the new Windows Server 2003 tools to create a secure environment. Does the course cover integrating Windows Server 2003 with UNIX or mainframes from a security perspective? Yes. However, the focus of the course is not on integration. Many security-related technologies, such as Kerberos and SSL/TLS, are based on industry standards. Therefore, a level of integration is built into the design of Windows Server 2003. Will I learn how to secure the Active Directory in this course? Yes. This course covers securing the Active Directory from both a logical and physical perspective. First, we address the Active Directory database through permission and delegation of administration. Then we address the physical Active Directory via Group Policies. Why should I take this course instead of one offered by Microsoft? Learning Tree is dedicated to helping accelerate the careers of our clients by providing them with world-class technology and management training. Our independence from Microsoft (and any other vendor) allows us to give an unbiased view of what works and what does not. This course is objective in its approach, having been developed independently from Microsoft by industry experts who bring their real-world experience to the classroom. How does this course relate to other Learning Tree courses? Windows Server 2003 Courses: 595, Windows Server® 2003: A Comprehensive Hands-On Introduction  596, Windows Server® 2003 Active Directory®: Hands-On  597, Deploying and Managing a Windows Server® 2003 Environment: Hands-On  566, Internet Information Services 6 for Windows Server® 2003: Hands-On  539, Deploying Clusters on Windows Server® 2003: Hands-On  Windows XP and Vista courses: 950, Windows Vista®: A Comprehensive Hands-On Introduction  Additional Windows Courses: 558, Automating Windows® Administration with VBScript: Hands-On  559, Windows Server® 2003 AD Troubleshooting: Hands-On  For detailed information about these courses, please refer to the individual Q&As.

Windows Server is a registered trademark of Microsoft Corporation.