Windows Server 2003 Active Directory and Security Design
Duration: 5 Days | Price: Contact a Career Consultant for pricing
Students Will Learn:
- Network Security
- Wireless Networking
- DNS and WINS
- Certificate Services
- Internet Information Server
- Remote Access
- Domains, Trees, and Forests
- Group Policy
- Active Directory Maintenance and Troubleshooting
- Design and Planning
Description: This hands on course will allow the students to make strategic decisions about planning and securing a Windows 2003 network infrastructure in an enterprise environment. It provides support professionals with the skills necessary to effectively design, install, and support a variety of network services, security measures and protocols needed in a managed network. Included in the content of this course are Certificate Services, wireless networking, DNS and WINS name resolution services, encryption, routing, Web services, group policy and firewall implementation. In addition, software and desktop deployment with Group Policy and the firewall and caching services of ISA Server 2004 are introduced. On completion, students will fully understand design, implementation, security, maintenance, and recovery of a Microsoft Active Directory network.
Prerequisites: Completion of Windows Server 2003 and XP System Administration course or equivalent knowledge.
Windows Server 2003 Active Directory and Security Design Course Overview:
Remote Access
- Dial-up Access
- Virtual Private Networks
- Authentication Protocols
- Tunnels
- Securing Remote Access
- Remote Access Policies
- Point to Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- Demand-Dial
- PAP, CHAP, EAP, SPAP, MS-CHAP
- Configuring RRAS to use RADIUS
- Internet Authentication Service (IAS)
|
|
Security Threats
- Sniffers and Probes
- Buffer Overrun
- Viruses, Trojans, Back Doors
- Social Engineering
|
NetBIOS
- NetBIOS Names
- Broadcasts
- LMHOSTS
|
|
Connecting to the Internet
- Choosing a Connection
- Firewalls
- Performance Issues
|
IP Routing
- Static Routing
- Dynamic Routing
- RIP
- OSPF
- Routing and Remote Access Service
|
|
IPSec
- Planning Policies
- Securing Communication
- Authentication Headers (AH)
- Encapsulating Security Payload (ESP)
- Configuring Authentication and Encryption
- Troubleshooting IPSec Implementations
- Monitoring Security
|
Security Templates
- Using Built-In Templates
- Applying Templates
- Configuring Audit Policies
- Configuring User Rights Assignment
- Configuring security Options
- Troubleshooting Security Templates
|
|
Authentication
- Trust Relationships
- Authentication Protocols
- Web Users
- Delegating Authentication
- NTLM Authentication
- Kerberos Authentication/Security Policy
|
Wireless Security
- Windows Backup Utility
- Safe Mode Set Up
- Advanced System Recovery
- Repair Command Console
|
|
The Registry
- Planning Authentication
- Integrating 802.11 into a Network
- WEP vs WPA
- Securing Wireless Transmissions
- Implementing Encryption and Authentication
- Deploying Wireless Access to Clients
|
Network Security
- IP Security Monitor
- Kerberos Support Tools
- Event Viewer
- Network Monitor
|
|
ISA Server 2004
- ISA Server Architecture
- ISA Server Installation
- ISA Server Configuration
- ISA Administration and Management
- Client Configuration and Access
- ISA as a VPN Server
- Performance and Optimization
- Troubleshooting ISA Server
|
Certificate Services
- Certificate Authorities
- Renewals
- Certificate Templates
- Certificate Revocation Lists (CRLs)
- Archival and Recovery of Keys
- Deploying Certificates
- Revoking Certificates
- CA Maintenance
|
|
Routing and Remote Access
- User Authentication
- Authentication Protocols
- Internet Authentication Service (IAS)
- Remote Access Policies
- Packet Filters
- Routing Protocols
- VPN
- Demand-Dial Routing
|
Designing An Active Directory Infrastructure
- Active Directory in an Enterprise Network
- Conducting Organizational Analysis
- Architectural Overview of Active Directory
|
|
Windows Internet Name Service (WINS)
- Setting up a WINS Server
- Setting up a WINS Client
- WINS Manager
- The WINS Database
- WINS Replication
- Backing up the WINS Database
- Integrating WINS and DNS
- Win2003 WINS Server Installation
|
Active Directory Structural Design
- Design, Planning and Implementation of a DNS Naming Strategy
- Active Directory Domain Planning
- Design, Planning and Implementation of Trees and Forests
- Planning a Domain Controller and Global Catalog Strategy
- Trust Relationships
- Design, Planning and Implementation of OU's
- Basic Kerberos and LDAP
- Application Partitions
|
|
Active Directory Topological Design
- Sites, Site Links, Site Link Bridges, Connectors and Subnets
- Understanding the Active Directory Topology and Structure
- Replication
- Update Sequence Numbers (USN)
|
Managing Operations Masters
- Understanding and Planning Operations Masters
- Troubleshooting Operations Masters
- Transferring and Seizing Roles
|
|
Active Directory Schema
- Defining the Active Directory Schema
- Administering the Active Directory Schema
- Schema Modification
- Object Classes and Attributes
- Deactivating Schema Objects
|
Implementing Active Directory
- Dcpromo
- Migrating from NT4 Domains
- Migrating from Windows 2000 Active Directory
- Utilities to assist in the Implementation of Active Directory
- Migration Tools
- Adding domain controllers
|
|
Active Directory Maintenance
- Domain Operating Modes
- Operations Master Roles
- FSMO Maintenance
- How Active Directory Stores System Data
- Performance Monitoring of Active Directory
- Backup and Restoration of Active Directory
- Performance Tuning
- Directory Modification Tools
- Global Catalog Server
- Searching the Global Catalog
- Adding Global Catalog Servers
|
Group Policy
- Planning Policies
- Group Policy vs. Local Computer Policy
- Desktop Restrictions
- Software Deployment
- Combining Policies
- Editing Policies
- GPO Link
- Group Policy Objects (GPOs)
- Default Inheritance and Precedence
- GPupdate, GPresult, FAZAM, RSoP
- Group Policy Management Console
|
|
Integrating Applications with Active Directory
- AD-Aware Applications
- Preparing the Directory
- Post-Integration Tasks
|
Domain Name Service (DNS)
- DNS Introduction
- DNS Components
- Domain Name Space
- Name Servers
- Resolving a DNS Query
- Planning DNS
- Installing Microsoft DNS Server
- HOSTS
- Win2003 DNS Server Installation
- Dynamic DNS
- Integration with Active Directory
- Active Directory Required Components
|
|
Active Directory Security
- DNS and Active Directory
- Object ACL and Permissions
- Delegating Management in an OU
- Certificates
|
Student Testimonials
"Material was well prepared, concepts were well taught throughout the course and enforced with in-depth discussion and lab. One of the better taught technical classes taken."
– A.M, New Mexico Department of Labor
"Excellent course, very comprehensive in the topics covered. Instructor
was very knowledgeable about concepts of course. Wouldn’t hesitate to
take another course from HOTT!"
– D.F., Aurora College: Aurora Research Institute
"This past week has been a very positive training experience for me. The instructor is exceptional and has a very effective teaching style. I learned a lot from him this week and plan on attending HOTT courses based on this experience in the future."
– J.B., FCHS
„Ausgezeichneter Kurs, in dem kein relevantes Thema fehlte. Der Kursleiter
verfügte über hervorragende Fachkenntnisse. Ich würde sofort wieder
einen Kurs bei HOTT belegen.“
– D. F., Aurora College: Aurora Research Institute
„In der vergangenen Woche habe ich eine sehr positive Lernerfahrung gemacht. Der Kursleiter ist hervorragend und vermittelt den Lehrstoff sehr effektiv. Ich habe in dieser Woche viel von ihm gelernt, und nach dieser Erfahrung werde ich bestimmt wieder an HOTT-Kursen teilnehmen.“
– J.B., FCHS
