A rchive Date
[ 20-04-2001 ]
Category
[ Information Technologies ]
sub-Categoy
[ Microsoft ]
|
[http://www.examcram.com/insider/51/
Network Security on Windows 2000
As a network administrator, one of your primary responsibilities is to provide a secure computing environment for your company. If you're charged with providing such an environment in a Windows 2000 operating system, you may feel that earning a Microsoft certification will give you a leg up. You're right. There are a host of certification options related to Windows 2000. Let's look at those related to network security.
One of the biggest differences between Windows 2000 and Windows NT 4.0 is the security features offered. Windows 2000 has what Microsoft calls Distributed Security, with such new features as account management via integration with Windows 2000's Active Directory services and Kerberos v.5 authentication protocol. It also uses public-key certificates, secure channels based on Secure Sockets Layer (SSL) 3.0, and CryptoAPI to provide authentication and maintain data integrity and privacy across public networks. The highlights of the Windows 2000 Distributed Security Services are detailed.
Because so much is new with Windows 2000 security, Microsoft has developed two exams specifically to test your skills and knowledge in this area. Please note that these exams assume that you work in a medium to very large computing environment, with 200 to 26,000 or more supported users in multiple physical locations, and provide such services as outbound access for Web, email, Telnet, FTP, virtual private networking (VPN), and desktop management services, among others. If you're working in a smaller environment, Windows 2000 may not be your best choice for a certification program.
The first exam, #70-220: Designing Security for a Windows 2000 Network, can be used as either a core or elective exam in earning your MCSE. This exam first became available last July, and is one of Microsoft's new Case Study-Based exams. For more information on this type of test, see Microsoft's exam info. According to Microsoft, "This certification exam tests the skills required to analyze the business requirements for security and design a security solution that meets business requirements. Security includes: controlling access to resources; auditing access to resources; authentication; and encryption." They expect you to have gained this knowledge through real-world experience, and the case-study format of the exam tests your ability to synthesize information about a networking problem and devise a solution—-so the more experience you have the better!
The second and newest security-focused exam for the Windows 2000 Server program, released in its live version February 27, 2001, is Exam 70-227: Installing, Configuring, and Administering Microsoft Internet Security and Acceleration (ISA) Server 2000, Enterprise Edition. This exam counts as an elective toward the Microsoft Certified Systems Engineer (MCSE) designation, and passing it earns you the Microsoft Certified Professional (MCP) credential. Note that this exam is only for the Enterprise edition, not the Standard version. It tests your ability to install an ISA server; to configure and troubleshoot server services, policies and rules, and client computers; and to monitor and manage ISA server use.
If you're working in a Windows 2000 operating system, and responsible for ensuring that your users' data, and corporate computing assets are kept safe, you'll want to take a look at these exams and see how they can enhance your skill set and move you down the road to your MCSE certification.
Security Services
Windows 2000 Distributed Security has many new features to simplify domain administration, improve performance, and integrate Internet security technology based on public-key cryptography. The highlights of the Windows 2000 Distributed Security Services include Integration with Windows 2000 Active Directory services to provide scalable, flexible account management for large domains with fine-grain access control and delegation of administration; Kerberos version 5 authentication protocol, which is implemented as the default protocol for network authentication; strong authentication using public-key certificates, secure channels based on Secure Sockets Layer (SSL) 3.0, and CryptoAPI to deliver industry-standard protocols for data integrity and privacy across public networks.
These documents provide in-depth information and deployment procedures for the Windows 2000 Security Services, including security management using the Microsoft Security Configuration Tool Set, support for IP Security, the Encrypting File System, Public Key Infrastructure, smart cards, and Kerberos.
http://www.microsoft.com/windows2000/library/technologies/security/default.asp
Overviews
General Technical Documents
Planning & Deployment
Frequently Asked Questions:
Case Study-Based Test Demo
The MCP program has developed new types of questions for MCP exams that are very different from exam formats currently in use. We strongly urge MCP candidates to download and try the Case Study-Based Test Demo to become familiar with these new types of questions.
Q. What is the Case-Study-Based Test Demo?
A. The Case Study-Based Test Demo, a self-extracting file available for download, demonstrates an exam format that the MCP program is introducing with some exams. The demo is designed to give you practice with these types of questions. |  |
|
Q. What are the minimum system requirements for using this demo?
A. The minimum system requirements are a personal computer with a 486/75 processor, 32 megabytes of RAM, and 800 X 600 resolution. Please close all other applications while running the demo. Monitor colors should not be set to high-contrast black. |
|
Q. Is the demo a practice test?
A. The demo is not intended to be used as a practice test. Scenarios and questions in the demo do not reflect actual exam content. Your performance on the demo is not scored. |
|
Q. Why doesn't the demo give me a score?
A. The purpose of the demo is to familiarize candidates with the new question types, not to measure expertise. |
|
Q. Why are case studies used?
A. Case studies more accurately simulate what solution developers and systems engineers do on the job. A case study model also allows us to test the candidate's ability to analyze and synthesize information to make decisions. |
|
Q. When I begin a case study, will I be able to review previous ones?
A. In some exams, you may not be able to review previous case studies once you have completed a case study and its associated questions. | |
|
Q. The scenarios are so long and seem to require a lot of memorization. Are these questions testing memory?
A. These items are designed to test your ability to analyze and synthesize information in order to make decisions—not to test memory. You can refer to scenario details as often as necessary while you are working on questions within that scenario. |
|
Q. Some questions require multiple answers. Will I get credit for responses that are partially correct?
A. For some questions, you can receive partial credit for partially correct responses. |
|
Q. Some questions look like they could have more than one correct solution.
A. Some questions do have more than one correct solution. On an actual exam with these item types, you would receive full credit for choosing any response that is correct. On this demo, responses are not scored. |
|
Q. Are points deducted for incorrect answers?
A. If you were taking an actual exam with these item types, within some questions, you would be penalized for incorrect answer choices. Any penalty you receive for one question would not affect any other question. The lowest score you could receive for any question is 0. On this demo, responses are not |
|