1-800-THE-TREE (1-800-843-8733)

Windows Server 2008 Security Infrastructure: Hands-On

Course: 964 Type: Hands-On Training Duration: 4 Days

You Will Learn How To

Apply Windows Server 2008 features to secure your infrastructure
Deploy a Windows-based Public Key Infrastructure (PKI) as a foundation for security services
Enhance access controls with policy-based multifactor authentication
Build a scalable encryption solution that assures recovery of protected data
Install and configure Network Access Protection (NAP) to exclude unhealthy computers
Implement Domain Isolation to decrease network risk for sensitive servers

Course Benefits

Securing the network infrastructure has become a top priority and a major technical challenge for most organizations. Windows Server 2008 provides powerful and complex technologies for decreasing network risk and improving policy compliance. This course provides you with the knowledge and skills necessary to correctly implement these solutions.

Who Should Attend

IT professionals responsible for securing a Windows-based network infrastructure. Knowledge at the level of Course 960, "Windows Server 2008 Comprehensive Introduction," or practical experience configuring and managing Windows Server 2003, is assumed.

Hands-On Training

Extensive hands-on exercises provide practical experience designing and implementing a secure network infrastructure. Exercises include:

Deploying Certificate Servers to provide key escrow and Key Recovery Agents
Implementing policy-based, multifactor authentication
Restoring encrypted data with Data Recovery Agents and supporting policies
Configuring NAP to quarantine unhealthy computers
Remediating quarantined clients to allow full network access
Building a Domain Isolation solution to restrict access to sensitive servers

Course 964 Content

Enterprise Security Infrastructure

Introduction to layered security

Identifying key features of a secure infrastructure
Distinguishing between enterprise and host-based security

Assessing security technologies

Applying Windows Server 2008 enhancements
Leveraging Windows Server 2008 server roles

Building a Public Key Infrastructure (PKI)

PKI fundamentals

Identifying security services provided by a PKI
Mining key business benefits of certificate services
Implementing public key encryption

Managing certificates

Creating and responding to certificate requests
Controlling certificate issuance with permissions
Securing web-based enrollment with HTTPS
Revoking compromised keys
Publishing a Certificate Revocation List (CRL)

Storing, archiving and recovering keys

Exporting certificates and private keys
Deploying Key Recovery Agent accounts
Maintaining secure key escrow
Providing secure storage for private keys

Leveraging MultiFactor Authentication

Extending authentication solutions

Installing domain support for multifactor authentication
Testing Kerberos with smart cards and biometrics

Authenticating with smart cards and tokens

Configuring smart card enrollment stations
Issuing smart card user certificates
Implementing a Certificate Hold on misplaced tokens
Rolling out domain-wide smart card user and computer policies

Credentialing with biometrics

Surveying available biometric technologies
Applying biometric authentication in the enterprise
Accommodating false negatives and minimizing false positives
Controlling access to exemplar databases
Auditing biometric user enrollment

Deploying a Scalable Data Protection Model

Identifying confidentiality solutions

Specifying information security requirements
Analyzing data protection technologies
Matching native solutions to enterprise requirements

Implementing EFS in the enterprise

Invoking Group Policy to control encryption
Assuring data access with Recovery Agents
Recovering lost or damaged keys from escrow
Selecting approved encryption algorithms in regulatory environments

Assuring BitLocker Data Recovery

Analyzing the business case
Planning enterprise BitLocker deployments
Compensating for EFS vulnerabilities
Maximizing data recovery in the event of BitLocker key loss

Implementing Network Access Protection

Maintaining network integrity with NAP

Integrating health-based decisions with enterprise security
Tailoring access policies for managed and unmanaged clients
Controlling access from inside and outside machines

Verifying client health compliance

Defining comprehensive client compliance policies
Authenticating health claims with the System Health Validator (SHV)
Remediating and ensuring ongoing compliance

Enforcing network access restrictions

Configuring NAP server components
Limiting network access to conformant machines using DHCP and VPN Quarantine Enforcement Clients (QEC)

Applying Domain and Server Isolation

Isolating high-value servers

Protecting intellectual property and personal privacy
Segregating servers with highly sensitive data

Securing Domain Access with IPsec

Calculating segmentation requirements
Building domain isolation on AD and Group Policy
Configuring exception servers for unmanaged computers
Maximizing security while minimizing user impact

Related Courses

Windows is a registered trademark of Microsoft Corporation.

Course Description

Save as much as $2,350 on a Triple-Pack!

Enter online today to win one FREE Learning Tree Course per year for life plus a FREE Course for your Colleague!

Windows Server 2008 Security Infrastructure: Hands-On

Upcoming Dates

Jul 8 - 11, 2008
Washington, DC (Rockville, MD)

Jul 22 - 25, 2008
Los Angeles

Jul 29 - Aug 1, 2008
New York

Aug 26 - 29, 2008
Washington, DC (Reston, VA)

Sep 2 - 5, 2008
Washington, DC (Alexandria, VA)

Sep 9 - 12, 2008
Ottawa

Sep 16 - 19, 2008
Chicago (Schaumburg)

Sep 23 - 26, 2008
Toronto

Oct 14 - 17, 2008
Washington, DC (Rockville, MD)

Oct 21 - 24, 2008
Los Angeles

Course Tuition

$ 2,650	Standard Tuition
Tuition with a Savings Plan
$ 1,660	10-Day Pass
$ 1,665	Training Passport
$ 1,830	Flex-Pass
$ 2,095	Voucher 10-Pack
$ 2,385	Alumni Gold Discount
$ 2,360	Government Discount

Participants recovering from the loss of BitLocker keys.

Customer Service or Enroll: 1-800-843-8733