Target Audience: Attendees will be current IT professionals with experience using Microsoft Windows 2000 Server or Microsoft Windows Server 2003 and with knowledge of Active Directory concepts. Students will also benefit from experience with Microsoft Exchange Server, Microsoft SQL Server, and Microsoft Internet Security and Acceleration (ISA) Server 2000. The students will be in an environment where they are responsible for aspects of security management and deployment associated with their internal network infrastructure and Internet or intranet services.

Pre-requisites: Before attending this clinic, students must have the following pre-requisites:

• Hands-on experience with Windows 2000 or Windows Server 2003 management tools.
• Experience with Active Directory and Group Policy.
• Attended Clinic 2801, Microsoft Security Guidance Training I, or have equivalent knowledge.
  

Purpose: After completing this clinic, students will be able to understand how to implement perimeter defenses; use ISA Server to protect the network perimeter; implement client defenses; use Internet Connection Firewall (ICF) to protect clients; protect wireless networks; protect networks by using IP Security (IPSec); explain the basics of network security and the reasons why your defenses should be layered from the general to the specific for the most secure environment; protect Exchange Server, SQL Server, and Microsoft Small Business Server, and keep data secure and private; identify the important tasks that you can do today to improve your organization's security; understand the importance of client and server security; describe the tasks and tools involved in implementing server security; describe the tasks and tools involved in implementing client security; identify the methods for securing Windows operating systems; list methods available for securing Microsoft Internet Information Services (IIS); list methods available for providing mobile client security; build on existing knowledge of server, client, and network security and learn practical strategies for implementing the best practices for security across your environment; learn real-world strategies for patch management and network security and how to troubleshoot problems with existing security configurations; understand best practices for enhancing security across heterogeneous environments, including legacy and third-party systems.