Windows Server 2008 Security Infrastructure: Hands-On

Frequently Asked Questions

What is this course about? This course provides an in-depth look at securing an enterprise built using Windows Server 2008. However, rather than focusing on the security configuration of any one server, this course approaches security from the top down. The technologies we employ and the policies we develop are applied to all servers and workstations in the enterprise. Our approach is very "real-world" and we implement every key technology in a series of hands-on exercises. Who will benefit from this course? This course is useful for anyone who designs, implements, or supports network security in a Windows Server 2008 environment. Typical job title and responsibilities include: System administrators responsible for network security System administrators who deploy, configure, and maintain key infrastructure servers System administrators who design and implement security-related Group Policies Information security personnel Information system security analysts and auditors who certify and accredit information systems Key managers needing an in-depth understanding of available enterprise security technologies. Generally, members of help desk teams primarily concerned with desktop deployment and configuration will not possess the administrative authority to implement the policies and server roles discussed in this class. We haven't installed any Windows Server 2008 servers yet. Why should I take this course now? Several of the technologies we implement have been available in Windows servers for some time: certificate services, multi-factor authentication, Encrypting File System, and IPsec are a few examples we explore in the course. However, many organizations have not yet fully realized the potential security benefits these technologies can provide. We show you how your overall security posture can be improved using the current version of Windows servers you have deployed. In addition, you are prepared for a "fast track" implementation of some exciting but complex new security features of Windows Server 2008, such as Network Access Protection, as soon as you begin upgrading your key infrastructure servers. How is this course different from Course 599: Securing Windows Server 2003: Hands-On? This course complements rather than replaces Course 599, Securing Windows Server® 2003: Hands-On. While there is some overlap of topics - Public Key Infrastructure, for example - Course 599 focuses on locking down individual servers based on server roles. By contrast, this course is primarily concerned with securing the enterprise with policies and tools that apply to all networked workstations and servers. Course 964 addresses the need to understand what the new tools and technologies do and how to implement them. Will I learn about firewalls? We acknowledge the critical role played by network firewalls; however, we do not install or configure firewalls in this course. Course Course 941, Controlling Network Access: Hands-On, is a complementary course that provides a solid understanding of firewall installation and configuration. Will I learn how to lock down servers? Locking down individual servers is a critical component of any comprehensive security strategy. Only a few years ago, there was no generally accepted guidance on what a secure server looked like or how to economically and consistently configure large numbers of servers. Recently, however, tools like the Security Configuration Wizard have largely automated the process of securing individual servers based on their role in the enterprise. Now the emphasis has shifted to securing the enterprise with policies and tools that apply to both workstations and servers. This course addresses the need to understand what the new tools and technologies do and how to implement them. If you are primarily interested in learning how to perform such administrative tasks as setting permissions, managing group membership, controlling services, etc., please consider taking Course 961, Windows Server® 2008 Administration: Hands-On. If you are seeking expert knowledge of securing specific server roles, such as Exchange or Internet Information Server (IIS), please consider Learning Tree's excellent course offerings on those products: Course 981, Securing Exchange Server 2007: Hands-On, and Course 966, Internet Information Services 7 for Windows Server® 2008: Hands-On. Will I learn how to perform enterprise patch management? While the course includes an implementation of patch management (Windows Server Update Services, WSUS), the patch management process is not addressed in a comprehensive way. If you are responsible for enterprise patch management, please consider Course 961, Windows Server® 2008 Administration: Hands-On. What background do I need? To derive maximum benefit from this course you need knowledge and experience at the level of Course 960, Windows Server® 2008: A Comprehensive Hands-On Introduction, or equivalent Windows Server 2003 experience. For example, you should be able to: Perform basic administrative functions using Microsoft Management Consoles (MMCs) including Computer Management, and Active Directory Users and Computers (ADUC) Create, edit, and link policies using the Group Policy Management Console Understand and configure TCP/IP settings including machine IP addresses, subnet masks, DNS, and gateways Understand and configure infrastructure servers including DNS and DHCP Understand key Active Directory concepts, including domains, sites and OUs How much time is spent on each topic? Content Hours Enterprise security infrastructure 2.0 Building a Public Key Infrastructure (PKI) 4.5 Leveraging multi-factor authentication 4.5 Deploying a scalable data protection model 4.5 Implementing network access protection 4.5 Applying domain and server isolation 3.0 Times, including the workshops, are estimates; exact times may vary according to the needs of each class. How much time is devoted to hands-on exercises? This course has extensive hands-on exercises in which you implement and test the concepts you have learned. More than one-third of class hours are spent doing hands-on exercises. I have Unix and Linux servers in my enterprise. Will this course be of value? Many of the technologies discussed and implemented in the course are based on industry standards such as IPsec, Kerberos and X.509v3 certificates. Other technologies such as smart cards and biometric devices work with most operating systems, and the underlying security principles of confidentiality, integrity, authenticity, and availability are universally applicable. Only a few of the tools we employ are unique to Microsoft operating systems; examples include the Encrypting File System (EFS) and BitLocker. Why should I take this course instead of one offered by Microsoft? Learning Tree is dedicated to accelerating the careers of our clients by providing world-class technology and management training. Our vendor independence allows us to give an unbiased view of what works and what doesn't work. Learning Tree courses are objective in their approach, and are developed independently from Microsoft by industry experts based on real-world experience. I am a security auditor, not an administrator. Will I find this course useful? If the scope of your audits include network security, this course is particularly valuable. For example, every major topic includes a discussion of industry standards and best practices. By combining a detailed understanding of the tools and techniques with industry standards and organizational policy, you will be well prepared to assess your organization's security posture. I have overall responsibility for securing and/or operating the network, but I don't do day-to-day hands-on administration. Will the course be valuable? You benefit from a clear understanding of the capabilities, limitations, and complexities of the key security technologies discussed in the course. You are also likely to be interested in the discussions of industry standards and best practices, while the hands-on exercises give you an appreciation for the challenges of correctly implementing enterprise security. Finally, a variety of case studies employing real-world scenarios enhance your understanding of how to most appropriately use many of the security tools at your disposal. My organization is more of a mid-size business than an "enterprise". Are the techniques discussed in this course applicable to my organization? "Enterprises" come in many shapes and sizes. Enterprises may include corporations, non-profits, government organizations, or schools. Enterprises are distinguished by servers having unique roles (Domain Controllers, DNS servers, file servers, print servers) as opposed to high levels of server consolidation by multiple physical locations. Enterprises generally have IT departments with full-time staff and some degree of specialization (help desk, system administrators, network specialists). Most mid-size businesses meet or exceed these criteria. Additionally, the solutions provided in this course are scalable. As your organization grows, the security solutions grow as well but otherwise remain unchanged. How does this course relate to other Learning Tree courses? Learning Tree offers a number of courses that will help you expand upon the knowledge gained in this course and further your skills in several key areas. Those courses include: 961, Windows Server® 2008 Administration: Hands-On  963, Windows Server® 2008 Group Policy Management: Hands-On  962, Windows Server® 2008 Active Directory Domain Services: Hands-On  941, Controlling Network Access: Hands-On  420, Securing Wireless Networks: Hands-On  433, UNIX® and Linux® Security: Hands-On  969, Windows PowerShell™ Hands-On: Automating Administrative Tasks  558, Automating Windows® Administration with VBScript

Windows Server is a registered trademark of Microsoft Corporation.