Exam Objectives
This exam is broken up into five different categories. We will look at what you have to know in each category to pass the exam.
Creating the Conceptual Design for Network Infrastructure Security by Gathering and Analyzing Business and Technical Requirements
- Analyze business requirements for designing security. Considerations include existing policies and procedures, sensitivity of data, cost, legal requirements, end-user impact, interoperability, maintainability, scalability, and risk.
- Analyze existing security policies and procedures.
- You should be familiar with the policies and procedures of your company. Many businesses do not allow users to plug personally owned computers into the corporate network. Some do not allow flash drives, installing software, or even access to CD/DVD drives.
- Analyze the organizational requirements for securing data.
- Be aware of the purpose and sensitivity of the data, the impact of errors in the data, and how much you trust third-party sources that may have access to your data.
- Analyze the security requirements of different types of data.
- There are different classifications of data. Some data may be sensitive while other data is classified. Disclosure of classified data may compromise trade secrets or put your customers at risk. Securing data may include encryption.
- Analyze risks to security within the current IT administration structure and security practices.
- Most people in administration don’t realize all the tools you have at your disposal for securing data. You may have to work with the Human Resources department to help them understand how personnel data can be secured in a network environment.
- Design a framework for designing and implementing security. The framework should include prevention, detection, isolation, and recovery.
- Predict threats to your network from internal and external sources.
- It is not only hackers that pose a threat to your network. Careless network practices can cause as much damage as a hacker, and some of the worst problems come from internal sources. You need to be able to identify and rate threats.
- Design a process for responding to incidents.
- If a breach of security happens on your watch, you need to have a plan in place to minimize and contain the risk.
- Design segmented networks.
- Firewalls, routers, and switches segment your network and limit the flow of data. The three types of segmented networks are: Bastion Host, Screened Host Gateway, and Screened Subnet Gateway.
- Design a process for recovering services.
- You should document your plan for recovering from a security incident. In order to minimize damage, you should make sure you have a good backup of your data as well as using redundant technologies such as load balancing and clustering. After the incident, you need to document what went wrong and then modify your procedure to prevent future incidents.
- Analyze technical constraints when designing security.
- Identify capabilities of the existing infrastructure.
- You may not be taking advantage of a technology already available in your infrastructure, such as VLANs, that can improve your network security.
- Identify technology limitations.
- If you are using outdated technology, you may have to upgrade in order to prevent future incidents. In addition, technology cannot prevent incidents caused by users who are careless and don’t follow procedures.
- Analyze interoperability constraints.
Creating the Logical Design for Network Infrastructure Security
- Design a public key infrastructure (PKI) that uses Certificate Services.
- Design a certification authority (CA) hierarchy implementation. Types include geographical, organizational, and trusted.
- There are four CA types supported by Windows 2003: Enterprise Root, Standalone Root, Enterprise Subordinate, and Standalone Subordinate.
- Design enrollment and distribution processes.
- Required certificates must be distributed to users by autoenrollment, manual enrollment, the Web enrollment pages, or the Certreq.exe command.
- Establish renewal, revocation and auditing processes.
- All certificates have an expiration date, so you must have a process for renewing them. If a certificate has been compromised, it will be necessary to revoke it. To audit certificates, you must enable object access auditing and then choose the type of events you wish to audit.
- Design security for CA servers.
- If a server, acting as a certificate authority, is compromised, it invalidates all certificates issued by that server. It is important to decide which individuals have access to the certificate server. The roles that an individual can have on a CA server are CA Administrator, Certificate Manager, Auditor and Backup Operator.
- Design a logical authentication strategy.
- Design certificate distribution.
- Group Policy can be used to distribute certificates.
- Design forest and domain trust models.
- External trusts, forest trusts, and shortcut trusts are the types of trusts that can be set up in a forest. You must be careful how you set up trust relationships, as they can carry risks.
- Design security that meets interoperability requirements.
- Your authentication strategy needs to take into account the different types of operating systems you may have on your network.
- Establish account and password requirements for security.
- If you are still using passwords instead of smart cards or biometric technology, it is important to make sure the passwords are complex. Your password policy should require uppercase, lowercase, numbers, and special characters, and a sufficient length. Users should be forced to change passwords frequently, and no user account should have “Password never expires” checked. That option is normally used for service accounts.
- Design security for network management.
- Design the administration of servers by using common administration tools. Tools include Microsoft Management Console (MMC), Terminal Server, Remote Desktop for Administration, Remote Assistance, and Telnet.
- There are several practices that should be followed when administering servers. An administrator should not stay logged on using his administrative account; the RunAs command can be used instead. Remote Desktop for Administration should be used instead of Terminal Server on Windows 2003 networks. Only delegate the rights necessary for the user to perform their job.
- Design security for Emergency Management Services.
- Emergency Management Services allows an administrator to restart a server that is not responding, view stop errors, and view POST messages. It also includes a command-line tool called the Special Administration Console, which can be used to perform administrative tasks.
- Manage the risk of managing networks.
- With every network, there are threats and risks. It is up to the administrator to weigh the threats and risks and take appropriate measures to secure the network.
- Design a security update infrastructure.
- Design a strategy for identifying computers that are not at the current patch level.
- Microsoft releases patches and hotfixes on a regular basis. On occasion, they release a service pack that combines many previous patches and hotfixes. All computers on your network need to be up to date with the latest patches in order to be safe from the latest threats.
- Design a Software Update Services (SUS) infrastructure.
- Windows Server Update Service (WSUS) allows you to distribute and manage patches from a single location.
- Design Group Policy to deploy software updates.
- Group Policy can be used to deploy software updates. You can also use it to specify which local server clients will use as their WSUS server.
Creating the Physical Design for Network Infrastructure Security
- Design network infrastructure security.
- Specify the required protocols for a firewall configuration.
- By default, a firewall blocks all traffic. You must decide what type of traffic will be allowed into your network.
- Design IP filtering.
- TCP/IP filtering limits access to your server based on TCP/UDP ports.
- Design an IPSec policy.
- Customized IPSec policies can be created, but Group Policy provides some default policies that can be used. Only one IPSec policy can be assigned per GPO.
- Secure a DNS implementation.
- If your DNS is compromised, a hacker could redirect all traffic and gain access to your data. To secure DNS on your network, you should restrict zone transfers, encrypt replication traffic, and keep your DNS servers physically secure.
- Design security for data transmission.
- Use IPSec for VLAN traffic, SSL for Web server traffic and PPTP in conjunction with L2TP to create a secure tunnel for data transmitted over the Internet.
- Design security for wireless networks.
- Design public and private wireless LANs.
- Wireless networks can be some of the most vulnerable. If network data is going to travel wirelessly, be sure to encrypt it using WEP, WPA, or some other encryption method.
- Design user authentication for Internet Information Services (IIS).
- Design user authentication for a Web site by using certificates.
- Design user authentication for a Web site by using IIS authentication.
- Users can access Web sites using Anonymous access, Integrated Windows Authentication, Digest authentication, Basic Authentication, and .NET Passport Authentication.
- Design user authentication for a Web site by using RADIUS for IIS authentication.
- Remote Authentication Dial-In User Service (RADIUS) can be used to authenticate users.
- Design security for Internet Information Services (IIS).
- Design security for Web sites that have different technical requirements by enabling only the minimum required services.
- Since your Web server is your Internet presence, it resides outside your firewall and is a target for hackers. Be sure to disable all services that are not needed so they cannot be used to exploit your network.
- Design a monitoring strategy for IIS.
- Logging is a key component for your IIS server monitoring strategy. There are several logging formats that can be used.
- Design an IIS baseline that is based on business requirements.
- As with any server, you can set a baseline based on normal traffic over a period of time. If the period used for your baseline is too short, you will not get an accurate picture.
- Design a content management strategy for updating an IIS server.
- There are many ways to update Web content: FTP, FrontPage Server Extensions, Dreamweaver, and file sharing.
- Design security for communication between networks.
- Select protocols for VPN access.
- Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol over IPSec (L2TP/IPSec), and IPSec tunnel mode are the three protocols used for VPNs.
- Design VPN connectivity.
- VPN allows a user to connect to the work network via a tunnel through the Internet. You must have a VPN server to authenticate those users. Some firewalls have VPN built in to them.
- Design demand-dial routing between internal networks.
- With demand-dial routing, a server dials out to the ISP or to a modem in a remote office. Once the connection is made, data can be exchanged between the two networks.
- Design security for communication with external organizations.
- Design an extranet infrastructure.
- An extranet is a computer network that allows controlled access from the outside, for specific business or educational purposes. You can communicate with extranets using VPN, or Web Applications using SSL.
- Design a strategy for cross-certification of Certificate Services.
- Cross-certification is when two or more organizations trust each other’s certification authorities.
- Design security for servers that have specific roles. Roles include domain controller, network infrastructure server, file server, IIS server, terminal server, and POP3 mail server.
- Define a baseline security template for all systems.
- A security template is an INI-format text file containing hundreds of possible settings that can control a single computer or multiple computers. Security templates can control areas such as user rights, permissions, and password policies, and can be deployed centrally using Group Policy objects.
- Create a plan to modify baseline security templates according to role.
- To design security by server role, you must identify the roles or services that the server performs and define the security for that role. Then you can tweak existing security templates to meet your needs.
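The baseline-plus-role approach above, worked through as an added example that is not part of the study guide: a baseline template and a file-server overlay in the INI-style layout secedit templates use, merged so the role's settings override the baseline, with a check that a role overlay has not relaxed anything the baseline requires. Both templates and their values are constructed for this example.

```python
# Added example, not from the study guide: merge a baseline security
# template with a per-role overlay in the INI layout secedit templates use.
import configparser

# Constructed baseline applied to every server (made-up values).
BASELINE = """
[System Access]
MinimumPasswordLength = 8
MaximumPasswordAge = 42
[Event Audit]
AuditLogonEvents = 3
AuditObjectAccess = 0
[Registry Values]
MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\RestrictAnonymous=4,1
"""
# Constructed file-server overlay: only the settings that differ.
FILE_SERVER_ROLE = """
[System Access]
MinimumPasswordLength = 12
[Event Audit]
AuditObjectAccess = 3
"""
# Which direction counts as stricter for the settings checked below.
HIGHER_IS_STRICTER = {"MinimumPasswordLength", "AuditLogonEvents", "AuditObjectAccess"}
LOWER_IS_STRICTER = {"MaximumPasswordAge"}

def load_template(text):
    """Parse template text; '=' is the only delimiter and key case is kept."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str
    cp.read_string(text)
    return cp

def merge(base, overlay):
    """Role settings override the baseline; untouched baseline keys survive."""
    merged = {s: dict(base[s]) for s in base.sections()}
    for section in overlay.sections():
        merged.setdefault(section, {}).update(overlay[section])
    return merged

def weakened_settings(base, merged):
    """List baseline settings that the role template relaxed."""
    findings = []
    for section in base.sections():
        for key, val in base[section].items():
            new = merged[section][key]
            if (key in HIGHER_IS_STRICTER and int(new) < int(val)) or \
               (key in LOWER_IS_STRICTER and int(new) > int(val)):
                findings.append(f"{section}/{key}: {new} (baseline {val})")
    return findings
```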
Designing an Access Control Strategy for Data
- Design an access control strategy for directory services.
- Create a delegation strategy.
- Depending on the size of your organization, you may have several administrators. Delegation of control should always be as strict as possible while still allowing the user to perform their job.
- Design the appropriate group strategy for accessing resources.
- You should always assign permissions to resources based on groups instead of individuals.
- Design a permission structure for directory service objects.
- Design an access control strategy for files and folders.
- You should always assign permissions to objects based on groups instead of individuals.
- Design a strategy for the encryption and decryption of files and folders.
- Encrypting File System (EFS) should be used for encrypting files and folders. If you encrypt a folder, all files created in that folder will be encrypted. EFS does not encrypt data that is transmitted across your network.
- Design a permission structure for files and folders.
- There are two types of permissions: NTFS and share. The most restrictive of the combined permissions will be used. For instance, if a user has Read share permission to a folder called Temp and Full Control to a file inside the folder, the user’s effective permission is Read.
- Design security for a backup and recovery strategy.
- Since your backup data contains copies of all your company’s information, it is essential to secure your backups as well as your live data. Your backup media should be properly stored and labeled, preferably in an offsite location. As with any backup procedure, you must test the restore to ensure the integrity of the data.
- Some data, whether live or on backup media, must be kept for a certain amount of time. You must ensure that you store your data according to your company’s retention requirements.
- Analyze auditing requirements.
- Design an access control strategy for the registry.
- Design a permission structure for registry objects.
- The registry of a computer contains all of its vital settings. If the registry is compromised, an intruder can modify, delete, or add registry entries that could do enormous damage. Each item in the registry can be secured with permissions, much the same as a data file or folder.
- Analyze auditing requirements.
- Using Group Policy, you can design an auditing policy so that events are written to the Event Viewer’s Security log.
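The share-versus-NTFS rule described above, worked through as an added example that is not part of the study guide: a simplified model of how Windows combines a user's group entries (allows accumulate, a Deny wins) and then intersects the share and NTFS results, which also covers the case the guide does not spell out, a local logon that sees NTFS permissions only. The ACLs, group names, and the rights behind each permission level are constructed for this example.

```python
# Added example (not from the study guide): a simplified model of how
# Windows computes effective access when share and NTFS permissions combine.
# Allows accumulate across a user's groups, a Deny on any matching group
# wins, and the share and NTFS results are intersected (most restrictive).
# Share permissions only apply over the network; a local logon sees NTFS alone.

# Named permission levels expanded to sets of rights (constructed model).
RIGHTS = {
    "None": frozenset(),
    "Read": frozenset({"read"}),
    "Write": frozenset({"write"}),
    "Change": frozenset({"read", "write", "delete"}),   # share-level name
    "Modify": frozenset({"read", "write", "delete"}),   # NTFS-level name
    "Full Control": frozenset({"read", "write", "delete", "change_perms", "take_owner"}),
}
LADDER = ("Read", "Modify", "Full Control")  # reported names, weakest first

def effective_rights(acl, principals):
    """acl: list of (principal, 'Allow'|'Deny', level) entries.
    Every Allow for a group the user belongs to adds rights; any matching
    Deny removes them afterwards, so Deny always wins."""
    allowed, denied = set(), set()
    for principal, kind, level in acl:
        if principal in principals:
            (allowed if kind == "Allow" else denied).update(RIGHTS[level])
    return frozenset(allowed - denied)

def effective_permission(ntfs_acl, principals, share_acl=None):
    """Return (level name, rights). share_acl=None means a local logon,
    where only the NTFS permissions are evaluated."""
    rights = effective_rights(ntfs_acl, principals)
    if share_acl is not None:
        rights &= effective_rights(share_acl, principals)
    name = "None"
    for level in LADDER:  # highest named level that is fully granted
        if RIGHTS[level] <= rights:
            name = level
    return name, rights

# Constructed scenario from the text: the Temp share grants Everyone Read,
# the file inside it grants Users Full Control; Contractors are denied Write.
TEMP_SHARE = [("Everyone", "Allow", "Read")]
FILE_NTFS = [("Users", "Allow", "Full Control"),
             ("Contractors", "Deny", "Write")]

if __name__ == "__main__":
    print(effective_permission(FILE_NTFS, {"Everyone", "Users"}, TEMP_SHARE))
    print(effective_permission(FILE_NTFS, {"Everyone", "Users"}))
    print(effective_permission(FILE_NTFS, {"Everyone", "Users", "Contractors"}))
```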
Creating the Physical Design for Client Infrastructure Security
- Design a client authentication strategy.
- Analyze authentication requirements.
- In a modern office, you have not only PCs but also laptops, VPN clients, wireless clients, and servers. You must take all of these into consideration when developing an authentication strategy. RADIUS, biometrics, smart cards, and passwords are some of the authentication methods.
- Establish account and password security requirements.
- User accounts and passwords are the most widely used authentication method. You should make sure that your passwords are complex and changed frequently. It is not good practice to set any user password to never expire.
- Design a security strategy for client remote access.
- Design remote access policies.
- Design access to internal resources.
- Design an authentication provider and accounting strategy for remote network access by using Internet Authentication Service (IAS).
- Design a strategy for securing client computers. Considerations include desktop and portable computers.
- Design a strategy for hardening client operating systems.
- There are many ways to harden your operating system using Group Policy. Settings such as not displaying the last logged-on user name can be used. You can also specify which applications are allowed to run on your systems.
- Design a strategy for restricting user access to operating system features.
- You can prevent users from installing software, accessing flash drives, installing printers, or using the CD-ROM drive. You can also place users in default groups that limit their privileges.