Home > Articles > Microsoft

  • Print
  • + Share This
Exam Objectives

Exam Objectives

The exam objectives are broken up into four different categories.

Understanding Security Layers

  • Understand core security principles.
  • This objective may include but is not limited to: confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface

  • Understand physical security.
  • This objective may include but is not limited to: site security; computer security; removable devices and drives; access control; mobile device security; disable Log On Locally; keyloggers

  • Understand Internet security.
  • This objective may include but is not limited to: browser settings; zones; secure Web sites

  • Understand wireless security.
  • This objective may include but is not limited to: advantages and disadvantages of specific security types; keys; SSID; MAC filters

Understanding Operating System Security

  • Understand user authentication.
  • This objective may include but is not limited to: multifactor; smart cards; RADIUS; Public Key Infrastucture (PKI); understand the certificate chain; biometrics; Kerberos and time skew; using Run As to perform administrative tasks; password reset procedures

  • Understand permissions.
  • This objective may include but is not limited to: file; share; registry; Active Directory; NTFS vs. FAT; enabling or disabling inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation;

  • Understand password policies.
  • This objective may include but is not limited to: password complexity; account lockout; password length; password history; time between password changes; enforce by using group policies; common attack methods

  • Understand audit policies.
  • This objective may include but is not limited to: types of auditing; what can be audited; enabling auditing; what to audit for specific purposes; where to save audit information; how to secure audit information

  • Understand encryption.
  • This objective may include but is not limited to: EFS; how EFS encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; VPN; public-key / private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices

  • Understand malware.
  • This objective may include but is not limited to: buffer overflow; worms; Trojans; spyware;

Understanding Network Security

  • Understand dedicated firewalls.
  • This objective may include but is not limited to: types of hardware firewalls and their characteristics; why to use a hardware firewall instead of a software firewall; SCMs and UTMs; stateful vs. stateless inspection

  • Understand Network Access Protection (NAP).
  • This objective may include but is not limited to: purpose of NAP; requirements for NAP

  • Understand network isolation.
  • This objective may include but is not limited to: VLANs; routing; honeypot; perimeter networks; NAT; VPN; Ipsec; Server and Domain Isolation.

  • Understand protocol security.
  • This objective may include but is not limited to: protocol spoofing; IPSec; tunneling; DNSsec; network sniffing; common attack methods

Understanding Security Software

  • Understand client protection.
  • This objective may include but is not limited to: antivirus; User Account Control (UAC); keeping client operating system and software updated;encrypting offline folders; software restriction policies

  • Understand e-mail protection.
  • This objective may include but is not limited to: antispam; antivirus; spoofing, phishing, and pharming; client vs. server protection; SPF records; PTR records

  • Understand server protection.
  • This objective may include but is not limited to: separation of services; hardening; ); keeping server updated; secure dynamic DNS updates; disabling unsecure authentication protocols; Read-Only Domain Controllers; separate management VLAN; Microsoft Baseline Security Analyzer (MBSA)

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.