- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Learn how to implement security services for a Windows? 2000 network-and prepare for the Microsoft? Certified Professional (MCP) Exam-with this official Microsoft study guide. Work at your own pace through the lessons and hands-on exercises. And use the testing tool on CD to measure what you know and where to focus your studies-before taking the actual exam. As you develop the real-world expertise needed to help manage network security, you're also preparing for MCP Exam 70-214-an elective for MCSA or MCSE certification. BUILD THE SKILLS TO: Help secure client computers with file system permissions, Group Policy, and other baseline security measures Configure IPSec and SSL to help protect communication channels for both private and public servers Manage user and network authentication, certificates, and public key encryption Implement security measures for RAS, VPNs, and wireless networks Help protect Microsoft Internet Information Services, Microsoft Exchange Server, and Microsoft SQL Server (TM) from unauthorized access Maintain software integrity with service packs, security updates, and hot fixes Monitor events, detect network intrusions, and implement prevention and recovery measures YOUR KIT INCLUDES: Comprehensive self-paced study guide that maps to MCP exam goals and objectives Learn-by-doing exercises for skills you can apply to the job Lesson summaries and review questions, including a complete Q&A summary Testing tool that generates realistic practice exams with automated scoring and explanations for both correct and incorrect answers 120-day evaluation version of Windows 2000 Server Fully searchable eBook version of the study guide For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.
Contents
Book xv CHAPTER 1 Group Policy 1 About This Chapter 1 Before You Begin 2 Lesson 1: Active Directory and Group Policy 3 Understanding Active Directory Structures 3 Practice: Designing an Active Directory Hierarchy 5 Lesson Review 7 Lesson Summary 7 Lesson 2: Configuring Group Policy 8 Understanding Group Policy 8 Managing Group Policy 13 Practice: Managing Group Policy 16 Lesson Review 26 Lesson Summary 26 Lesson 3: Configuring Client Computer Security Policy 27 Using Client-Side Group Policy Configuration 27 Configuring Group Policy by Type of Worker 28 Configuring Internet Explorer Using Group Policy 29 Practice: Configuring Group Policy for Clients 31 Lesson Review 43 Lesson Summary 44 Lesson 4: Troubleshooting Group Policy Application 45 Understanding Typical Group Policy Application Problems 45 Understanding Windows NT 4 Domain Migration Issues 47 Anticipating Problems Relating to Windows NT 4 Trust Relationships 48 Practice: Troubleshooting the Application of Group Policy 48 Lesson Review 51 Lesson Summary 51 Lesson 5: Security Limitations 52 Understanding the Role of Group Policy in Network Security 52 Practice: Circumventing the Security Limitations of Group Policy 53 Lesson Review 55 Lesson Summary 55 CHAPTER 2 User Accounts and Security Groups 57 About This Chapter 57 Before You Begin 58 Lesson 1: Creating Local User Accounts and Security Groups 59 Managing User Accounts 59 Managing Security Groups 62 Authenticating a User on a Local Computer 64 Practice: Creating User Accounts and Security Groups 69 Lesson Review 72 Lesson Summary 73 Lesson 2: Working with Active Directory Domain Accounts and Security Groups 74 Working with Domains 74 Authenticating Domain User Accounts 75 Using Domain Security Groups Effectively 81 Practice: Creating User Accounts and Security Groups 85 Lesson Review 89 Lesson Summary 90 CHAPTER 3 Restricting Accounts, Users, and Groups 91 About This Chapter 91 Before You Begin 92 Lesson 1: Understanding Account Policies 93 Applying Account Policies 93 What Are the Account Policy Settings? 94 Practice: Configuring Account Policies 100 Lesson Review 103 Lesson Summary 103 Lesson 2: Managing User Rights 104 Assigning User Rights 104 Practice: Modifying User Rights 105 Lesson Review 108 Lesson Summary 108 Lesson 3: Controlling Access Through Restricted Groups 109 Applying Restricted Group Settings 109 Practice: Creating a Restricted Group 110 Lesson Review 112 Lesson Summary 112 Lesson 4: Administering Security Templates 113 Understanding the Purpose of Security Templates 114 Why Use Predefined Security Templates? 115 Managing Security Templates 116 Practice: Managing Security Templates 118 Lesson Review 129 Lesson Summary 130 CHAPTER 4 Account-Based Security 131 About This Chapter 131 Before You Begin 132 Lesson 1: Managing File System Permissions 133 Managing Permissions-Based Security 133 Establishing Permissions Best Practices 140 Troubleshooting Permissions Problems 142 Practice: Securing Files and Folders 144 Lesson Review 151 Lesson Summary 151 Lesson 2: Implementing Share Service Security 153 Understanding Share Security 153 Managing Shares and Share Security 155 Share Security Best Practices 156 Practice: Applying Shares and Share Permissions 156 Lesson Review 160 Lesson Summary 160 Lesson 3: Using Audit Policies 161 Which Security Mechanisms Are Used in Auditing? 161 Managing Auditing 163 Practice: Enabling Auditing 165 Lesson Review 170 Lesson Summary 171 Lesson 4: Including Registry Security 172 Why Use Registry Security? 172 Editing the Registry 173 Practice: Exploring the Registry 174 Lesson Review 176 Lesson Summary 176 CHAPTER 5 Certificate Authorities 177 About This Chapter 177 Before You Begin 177 Lesson 1: Understanding Certificates 178 How Encryption Works 178 Verifying Identities with Digital Signatures 180 Combining Encryption and Certificates 181 Lesson Review 187 Lesson Summary 188 Lesson 2: Installing Windows 2000 Certificate Services 189 Installing Certificate Authorities 189 Best Practices 194 Practice: Establishing a CA Hierarchy 195 Lesson Review 201 Lesson Summary 201 Lesson 3: Maintaining Certificate Authorities 202 Revoking Certificates 202 Issuing Certificates 203 Backing Up and Restoring CAs 203 Practice: Managing CAs 206 Lesson Review 211 Lesson Summary 211 CHAPTER 6 Managing a Public Key Infrastructure 213 About This Chapter 213 Before You Begin 213 Lesson 1: Working with Computer Certificates 214 Understanding the Purpose of Computer Certificates 214 Identifying How a Certificate Is Used 214 Using Certificate Templates 215 Deploying Computer Certificates 216 Practice: Using Two Methods to Deploy Computer Certificates 218 Lesson Review 223 Lesson Summary 223 Lesson 2: Deploying User Certificates 224 Deploying Certificates to Users 224 Moving Certificates 227 Practice: Deploying and Moving Certificates 229 Lesson Review 235 Lesson Summary 236 Lesson 3: Using Smart Card Certificates 237 Using Smart Cards 237 Issuing Smart Cards 239 Modifying the Smart Card Removal Behavior Policy 241 Troubleshooting Smart Card Enrollment 243 Practice: Deploying a Smart Card 244 Lesson Review 251 Lesson Summary 252 Lesson 4: Deploying S/MIME Certificates 253 How S/MIME Certificates Are Used 253 Troubleshooting S/MIME Deployment 254 Practice: Sending Digitally Signed Email 254 Lesson Review 258 Lesson Summary 258 CHAPTER 7 Increasing Authentication Security 259 About This Chapter 259 Before You Begin 259 Lesson 1: Supporting Earlier Versions of Windows Clients 260 Authentication Basics 260 Windows 2000 Network Authentication 261 Creating a Secure Environment 263 Practice: Enabling a Secure Mixed-Client Environment 264 Lesson Review 268 Lesson Summary 268 Lesson 2: Supporting Macintosh Clients 269 Supporting Macintosh Computers Securely 269 Practice: Enabling Macintosh Clients to Access Windows 2000 Servers 270 Lesson Review 277 Lesson Summary 278 Lesson 3: Trust Relationships 279 Understanding Trust Relationships 279 Managing External Trust Relationships 280 Practice: Creating an External Trust Relationship 280 Lesson Review 284 Lesson Summary 285 CHAPTER 8 IP Security 287 About This Chapter 287 Before You Begin 288 Lesson 1: Configuring IPSec Within a Domain 289 Understanding the IPSec Basics 289 IPSec in Windows 2000 291 Distributing IKE Secret Keys 292 IPSec Within a Private Network 292 Determining IP Security Method by Server Role 292 Practice: Enabling IPSec Between Domain Members 294 Lesson Review 301 Lesson Summary 302 Lesson 2: Configuring IPSec Between Untrusted Networks 303 Providing a Secret Key 303 What Are the IPSec Exceptions? 305 Practice: Creating a Simple Encrypted Tunnel Between Domains 305 Lesson Review 319 Lesson Summary 319 Lesson 3: Configuring IPSec on Internet Servers 320 Using Certificates to Distribute IPSec Secret Keys 320 Practice: Using Certificates to Exchange IKE Secret Keys 321 Lesson Review 329 Lesson Summary 329 Lesson 4: Troubleshooting IPSec Configuration 330 Why IPSec Might Fail 330 Practice: Troubleshooting IPSec Communications 333 Lesson Review 336 Lesson Summary 336 CHAPTER 9 Remote Access and VPN 339 About This Chapter 339 Before You Begin 340 Lesson 1: Securing RRAS Servers 341 Understanding RRAS Security 341 Configuring a New RRAS Server 344 Managing RRAS Security Options 345 Practice: Securing RRAS Servers 346 Lesson Review 350 Lesson Summary 351 Lesson 2: Managing RRAS Authentication 352 Configuring Windows RRAS Authentication 352 Using RADIUS and IAS 353 Configuring RADIUS Authentication 355 Practice: Configuring RRAS Authentication and an IAS Server 355 Lesson Review 363 Lesson Summary 364 Lesson 3: Securing Remote Clients 365 Managing Remote Access Policy 365 Using the Connection Manager Administration Kit 368 Using Connection Manager 370 Practice: Securing Remote Clients 371 Lesson Review 380 Lesson Summary 380 Lesson 4: Securing Communications Using a VPN 381 Understanding Virtual Private Networks 381 Configuring VPN Protocols 382 Practice: Configuring and Troubleshooting VPN Protocols 383 Lesson Review 395 Lesson Summary 396 CHAPTER 10 Wireless Security 397 About This Chapter 397 Before You Begin 398 Lesson 1: Setting Up a Wireless Network 399 Understanding Wireless Technology 399 Practice: Connecting a WAP and Client to the Network 402 Lesson Review 408 Lesson Summary 408 Lesson 2: Securing Wireless Networks 409 Understanding Wired Equivalent Privacy 409 Practice: Establishing WEP Encryption 411 Lesson Review 416 Lesson Summary 417 Lesson 3: Configuring Clients for Wireless Security 418 Ensuring Secure Access 418 Practice: Configuring Your Network for 802.1x Authentication 422 Lesson Review 436 Lesson Summary 436 CHAPTER 11 Public Application Server Security 437 About This Chapter 437 Before You Begin 438 Lesson 1: Providing Internet Security 439 Understanding the Requirements for Internet Security 439 What Is the Threat? 440 Securing Public Services 442 Establishing Firewall Security 443 What Are the Types of Firewall? 446 Using ISA Server 448 Practice: Configuring a Firewall 449 Lesson Review 455 Lesson Summary 456 Lesson 2: Configuring Microsoft SQL Server for Internet Security 457 Protecting Public Database Servers 457 Practice: Establishing SQL Server Security for the Internet 459 Lesson Review 467 Lesson Summary 467 Lesson 3: Securing Microsoft Exchange Server for the Internet 468 Exploiting Open Relays 469 Properly Protecting an Exchange Server 469 Securing Credentials with SSL 470 Practice: Securing Microsoft Exchange for the Internet 471 Lesson Review 482 Lesson Summary 483 CHAPTER 12 Web Service Security 485 About This Chapter 485 Before You Begin 486 Lesson 1: Securing Public Web Servers 487 Understanding Internet Information Services 487 Implementing IIS Security 488 Practice: Configuring IIS Security 491 Lesson Review 494 Lesson Summary 494 Lesson 2: Web Authentication 495 Understanding Web Authentication 495 Configuring Web Authentication 498 Practice: Selecting Authentication Methods 499 Lesson Review 503 Lesson Summary 504 Lesson 3: Using Secure Sockets Layer 505 Understanding SSL 505 Obtaining and Installing SSL Certificates 505 Managing Server Certificates 507 Authenticating Clients 508 Practice: Using SSL 510 Lesson Review 527 Lesson Summary 528 CHAPTER 13 Intrusion Detection and Event Monitoring 529 About This Chapter 529 Before You Begin 529 Lesson 1: Establishing Intrusion Detection for Public Servers 530 Common Network Intrusions 530 Detecting Network Intrusions 531 Using a Decoy Server 533 Performing Event Analysis and Preserving Evidence 538 Practice: Detecting Intruders 538 Lesson Review 544 Lesson Summary 544 Lesson 2: Event Monitoring in the Private Network 545 Establishing Intrusion Detection in Private Networks 545 Preserving the Evidence 548 Searching Audit Logs with EventComb 549 Practice: Managing Event Logs 550 Lesson Review 554 Lesson Summary 554 CHAPTER 14 Software Maintenance 555 About This Chapter 555 Before You Begin 555 Lesson 1: Working with Service Packs and Hotfixes 556 Understanding Service Packs and Hotfixes 556 Managing Service Packs and Hotfixes 557 Slipstreaming Service Packs and Hotfixes 559 Working with Remote Installation Services 560 Practice: Managing Service Packs and Hotfixes 561 Lesson Review 571 Lesson Summary 572 Lesson 2: Automating Updates with Microsoft Software Update Services 573 Using Windows Update 573 Using Automatic Updates 575 Installing and Configuring Software Update Services 576 Practice: Using Software Update Services 578 Lesson Review 590 Lesson Summary 591 Lesson 3: Deploying Updates in the Enterprise 592 Using Group Policy to Deploy Software592 Installing Multiple Hotfixes 593 Using Tools for Security Management 594 Practice: Deploying Multiple Hotfixes in the Enterprise 596 Lesson Review 599 Lesson Summary 599 APPENDIX Questions and Answers 601 GLOSSARY 625 INDEX 635
