• Unit 1, Providing Secure Access to Local Network Users
• Unit 2, Providing Secure Access to Remote Users and Remote Offices
• Unit 3, Providing Secure Access Between Private and Public Networks
• Unit 4, Providing Secure Access to Partners

OR

OR

• Equivalent knowledge

Module 1: Assessing Security Risks

Identifying Risks to Data
Identifying Risks to Services
Identifying Potential Threats
Introducing Common Security Standards
Planning Network Security

Module 2: Introducing Windows 2000 Security

Introducing Security Features in Active Directory
Authenticating User Accounts
Securing Access to Resources
Introducing Encryption Technologies
Encrypting Stored and Transmitted Data
Introducing Public Key Infrastructure Technology

Module 3: Planning Administrative Access

Determining the Appropriate Administrative Model
Designing Administrative Group Strategies
Planning Local Administrative Access
Planning Remote Administrative Access

Module 4: Planning User Accounts

Designing Account Policies and Group Policy
Planning Account Creation and Location
Planning Delegation of Authority
Auditing User Account Actions

Module 5: Securing Windows 2000–Based Computers

Planning Physical Security for Windows 2000–based Computers
Evaluating Security Requirements
Designing Security Configuration Templates
Evaluating Security Configuration
Deploying Security Configuration Templates

Module 6: Securing File and Print Resources

Examining Windows 2000 File System Security
Protecting Resources Using DACLs
Encrypting Data Using EFS
Auditing Resource Access
Securing Backup and Restore Procedures
Protecting Data from Viruses

Module 7: Securing Communication Channels

Assessing Network Data Visibility Risks
Designing Application-Layer Security
Designing IP-Layer Security
Deploying Network Traffic Encryption

Module 8: Providing Secure Access to Non-Microsoft Clients

Providing Secure Network Access to UNIX Clients
Providing Secure Network Access to NetWare Clients
Providing Secure Access to Macintosh Clients
Securing Network Services in a Heterogeneous Network
Monitoring for Security Breaches

Module 9: Providing Secure Access to Remote Users

Identifying the Risks of Providing Remote Access
Designing Security for Dial-Up Connections
Designing Security for VPN Connections
Centralizing Remote Access Security Settings

Module 10: Providing Secure Access to Remote Offices

Defining Private and Public Networks
Securing Connections Using Routers
Securing VPN Connections Between Remote Offices
Identifying Security Requirements

Module 11: Providing Secure Network Access to Internet Users

Identifying Potential Risks from the Internet
Using Firewalls to Protect Network Resources
Using Screened Subnets to Protect Network Resources
Securing Public Access to a Screened Subnet

Module 12: Providing Secure Internet Access to Network Users

Protecting Internal Network Resources
Planning Internet Usage Policies
Managing Internet Access Through Proxy Server Configuration
Managing Internet Access Through Client-Side Configuration

Module 13: Extending the Network to Partner Organizations

Providing Access to Partner Organizations
Securing Applications Used by Partners
Securing Connections Used by Remote Partners
Structuring Active Directory to Manage Partner Accounts
Authenticating Partners from Trusted Domains

Module 14: Designing a Public Key Infrastructure

Introducing a Public Key Infrastructure
Using Certificates
Examining the Certificate Life Cycle
Choosing a Certification Authority
Planning a Certification Authority Hierarchy
Mapping Certificates to User Accounts
Managing CA Maintenance Strategies

Module 15: Developing a Security Plan

Designing a Security Plan
Defining Security Requirements
Maintaining the Security Plan