Posiadacze certyfikatów MCSA + S >> Microsoft Certified System Administrator Security Specialization muszą mieć na uwadze re-certyfikację swojego dyplomu o egzamin 70-699 Windows Server 2003, Microsoft Certified Systems Administrator (MCSA) Security Specialization Skills Update. Jest on skutkiem wypuszczenia na rynek systemów Windows 7 i Windows Server 2008 R2, gdzie mają zastosowanie takie technologie jak: BitLocker Drive Encryption; BitLocker To Go; Event Viewer, System Monitor, PerfMon, Resource Monitor (w wersjach dla Windows Vista i Windows 7); User Account Control; Trusted Platform Module. Obowiazujace do tej pory egzaminy [np.: 70-290, 70-291, 70-270/70-620, 70-299/70-227/70-350/70-351/CompTIA ] są utrzymane więc egzamin 70-699 staje się szóstym wymaganym egzaminem, jeśli chce się zachowac ścieżkę w pełni zgodną m.in. z rekomendacjami Departamentu Obrony USA. jednocześnie zdanie egzaminu, nie daje nam żadnego dodatkowego certyfikatu (np typu TS)
Zakres tego egzaminu przedstawiam poniżej:
Managing Security for Users, Computers, and Groups
•Manage local, roaming, and mandatory user profiles.
•Create and manage computer accounts in an Active Directory environment.
◦This objective may include but is not limited to: reset computer accounts
•Create, manage, and troubleshoot user and group accounts.
◦This objective may include but is not limited to: identify and modify the scope of a group; find domain groups in which a user is a member; manage group membership; import user accounts; diagnose and resolve account lockouts; diagnose and resolve issues related to user account properties
•Troubleshoot user authentication issues.
◦This objective may include but is not limited to: set password policies; trust relationships; multifactor authentication
•Configure access to files and folders.
◦This objective may include but is not limited to: folder shares permissions; file permissions; verify effective permissions; change ownership of files and folders
•Monitor and analyze security events.
◦This objective may include but is not limited to: Event Viewer, System Monitor, PerfMon, Resource Monitor (Windows Vista)
Implementing, Managing, and Maintaining Network Security
•Implement secure network administration procedures.
◦This objective may include but is not limited to: implement security baseline settings and audit security settings by using security templates; implement the principle of least privilege
•Manage security for system recovery.
◦This objective may include but is not limited to: verify the data integrity of backup job; manage backup storage media; manage backup and restore permissions; system state data; back up files and System State data to media
•Configure security based on server roles.
◦This objective may include but is not limited to: roles such as SQL, Microsoft Exchange, and Domain Controller; plan and configure security settings; plan network zones for computer roles; plan and configure software restriction policies; audit and log computer roles (Windows events, Internet Information Services [IIS], firewall log files, network logons, and RAS log files); Microsoft Baseline Security Analyzer (MBSA); Security Configuration and Analysis
•Plan and deploy security settings.
◦This objective may include but is not limited to: registry and file system permissions, account policies, audit policies, rights assignment, security options, system services, restricted groups, and event logs; desktop and portable client computers, mobile devices, Group Policy, and command-line tools and scripting; mixed operating systems, inheritance, and removal of security template settings
Implementing, Managing, and Troubleshooting Security for Network Communications
•Configure Routing and Remote Access user authentication.
◦This objective may include but is not limited to: configure remote access authentication protocols; configure Routing and Remote Access policies to permit or deny access; configure security for remote access users; authentication and VPN protocols
•Plan IPsec deployment.
◦This objective may include but is not limited to: modes, authentication methods, and functionality of existing applications and services
•Deploy and manage IPsec policies.
◦This objective may include but is not limited to: local computer policy and Group Policy objects (GPOs), commands and scripts, and certificate deployment; monitor and troubleshoot network protocol security; IP Security Monitor MMC snap-in; Event Viewer and Network Monitor; Kerberos support tools
•Implement security for wireless networks.
◦This objective may include but is not limited to: authentication, encryption methods, and policies
•Install, manage, and configure Certificate Services.
◦This objective may include but is not limited to: hierarchy, renewals, certificate templates, certificate revocation lists (CRLs), archival and recovery of keys
Configuring Client Security Features
•Configure Windows Firewall.
◦This objective may include but is not limited to: configuring rules for multiple profiles; allowing or denying an application; network-profile-specific rules; configuring notifications; configuring authenticated exceptions
•Configure Windows Internet Explorer.
◦This objective may include but is not limited to: configuring compatibility view; configuring security settings; configuring providers; managing add-ons; controlling InPrivate mode; certificates for secure Web sites
•Configure file and folder access.
◦This objective may include but is not limited to: encrypting files and folders by using EFS; configuring NTFS permissions; resolving effective permissions issues; copying files vs. moving files
•Configure user account control (UAC).
◦This objective may include but is not limited to: configuring local security policy; configuring admin vs. standard UAC prompt behaviors; configuring Secure Desktop
•Configure BitLocker and BitLocker To Go.
◦This objective may include but is not limited to: configuring BitLocker and BitLocker To Go policies; managing Trusted Platform Module (TPM) PINs; configuring startup key storage; data recovery agent support
•Configure application restrictions.
◦This objective may include but is not limited to: setting software restriction policies; setting application control policies; setting through group policy or local security policy
•Configure authentication and authorization.
◦This objective may include but is not limited to: resolving authentication issues; configuring rights; managing credentials; managing certificates; smart cards with PIV; elevating user privileges; multifactor authentication
Więcej szczegółów na stronie portalu Microsoft Learning: opis certyfikacji MCSA i opis egzaminu recertyfikującego.
0 Comments.