Knowledge United

Introduction:

This three-day, instructor-led course provides you with the knowledge and skills to design a secure network infrastructure. Topics include assembling the design team, modeling threats, and analyzing security risks in order to meet business requirements for securing computers in a networked environment. The course encourages decision-making skills through an interactive tool that simulates real-life scenarios that the target audience may encounter. You are given the task of collecting the information and sorting through the details to resolve the given security requirement.

• This course is intended for IT systems engineers and security specialists who are responsible for establishing security policies and procedures for an organization. Students should have one to three years of experience designing related business solutions.

At Course Completion:

After completing this course, you will be able to:

• Plan a framework for network security.
• Identify threats to network security.
• Analyze security risks.
• Design security for physical resources.
• Design security for computers.
• Design security for accounts.
• Design security for authentication.
• Design security for data.
• Design security for data transmission.
• Design security for network perimeters.
• Design an incident response procedure.

In addition, this course contains three teachable appendices that cover:

• Designing an acceptable use policy.
• Designing policies for managing networks.
• Designing an operations framework for managing security.

Prerequisites:

Before attending this course, students must have:

• A strong familiarity with Microsoft Windows® 2000 core technologies, such as those covered in Microsoft Official Curriculum (MOC) Course MS-2152, Implementing Microsoft Windows 2000 Professional and Server.
• A strong familiarity with Windows 2000 networking technologies and implementation, such as those covered in MOC Course MS-2153, Implementing a Microsoft Windows 2000 Network Infrastructure.
• A strong familiarity with Windows 2000 directory services technologies and implementation, such as those covered in MOC Course MS-2154, Implementing and Administering Microsoft Windows 2000 Directory Services.

Student Materials:

The course materials are yours to keep. The student kit includes a comprehensive workbook and other necessary materials for this class.

Course Outline

Module 1: Introduction to Designing Security

• Introduction to Designing Security for Microsoft Networks
• Contoso Pharmaceuticals: A Case Study

Module 2: Creating a Plan for Network Security

• Introduction to Security Policies
• Defining a Process for Designing Network Security
• Creating a Security Design Team

Module 3: Identifying Threats to Network Security

• Introduction to Security Threats
• Predicting Threats to Security

Module 4: Analyzing Security Risks

• Introduction to Risk Management
• Creating a Risk Management Plan

Module 5: Creating a Security Design for Physical Resources

• Determining Threats and Analyzing Risks to Physical Resources
• Designing Security for Physical Resources

Module 6: Creating a Security Design for Computers

• Determining Threats and Analyzing Risks to Computers
• Designing Security for Computers

Module 7: Creating a Security Design for Accounts

• Determining Threats and Analyzing Risks to Accounts
• Designing Security for Accounts

Module 8: Creating a Security Design for Authentication

• Determining Threats and Analyzing Risks to Authentication
• Designing Security for Authentication

Module 9: Creating a Security Design for Data

• Determining Threats and Analyzing Risks to Data
• Designing Security for Data

Module 10: Creating a Security Design for Data Transmission

• Determining Threats and Analyzing Risks to Data Transmission
• Designing Security for Data Transmission

Module 11: Creating a Security Design for Network Perimeters

• Determining Threats and Analyzing Risks to Network Perimeters
• Designing Security for Network Perimeters

Module 12: Designing Responses to Security Incidents

• Introduction to Auditing and Incident Response
• Designing an Audit Policy
• Designing an Incident Response Procedure

Appendix A: Designing an Acceptable Use Policy

• Analyzing Risks That Users Introduce
• Designing Security for Computer Use

Appendix B: Designing Policies for Managing Networks

• Analyzing Risks to Managing Networks
• Designing Security for Managing Networks

Appendix C: Designing an Operations Framework to Manage Security

• Analyzing Risks to Ongoing Network Operations
• Designing a Framework for Ongoing Network Operations