Section A: Security Foundation

• Introduction
• Security
• Privacy
• Reliability
• Prerequisites

Section B: Security Policies

• Policies vs. Procedures
• Creating Policies
• Policy Process
• Tips
• End-user Impact

Section C: Data Security

• Data Sensitivity and Classification
• Data Flow Analysis
• Data Vulnerability
• Data Categories
• Classification Alternatives

Section D: Business Requirements

• Cost Analysis
• Legal Issues
• Interoperability
• Maintainability
• Scalability

Section E: Technical Constraints

• Infrastructure
• Technology
• Interoperability Constraints
• Analyzing

Section F: Design Principles

• Defense
• Access and Access Points
• Authentication
• Implementation
• Updates
• CIA

Section G: Security Framework

• Five Factors
• Security Design Team
• Threat Prediction
• Threat Modeling
• Threat Detection
• Threat Response

Section H: Risk Management

• Overview
• Business Impact Analysis
• Business Continuity Planning
• Agents of Threat
• Risk Ratings
• Management Options

Section A: Network Management Procedures

• Secure Administration
• Privileged Groups
• Secure Systems
• Tasks and Duties
• Secure Practices
• MMC
• Remote Desktop Administration

Section B: Secure Maintenance

• Software Deployment
• Patch Detection
• EMS

Section C: Software Update Services (SUS)

• SUS
• Server-side Features
• Client-side Features
• Requirements
• Administration

Section D: Authentication

• Risks
• Server Methods
• Kerberos v5
• Passwords and Smart Cards
• Certificates

Section E: File and Folder Access

• Permissions Management
• Permissions Inheritance
• Effective Permissions
• Auditing
• Group Management

Section F: File and Folder Security

• Encrypting
• Backup and Recovery
• Registry Security
• Printer Security

Section G: Remote Access

• Security Issues
• Accessing Resources
• Policies
• RADIUS
• IAS
• NAQC

Section H: VPN Security

• VPN Traffic
• Tunneling Protocol
• Authentication

Section A: Network Infrastructure

• Domain and Forest Structure
• Transitive Trust
• Demand-dial Routing
• Firewall Configuration
• Secure Transmission
• IPSec
• IP Filtering
• IPSec Policy

Section B: Securing DNS

• Understanding DNS
• Common Attacks
• Securing DNS Methods
• DNS Options

Section C: Perimeter Security

• Segmented Networks
• Internal Segmentation
• Extranets
• Cross-certification

Section D: PKI Overview

• PKI Services
• PKI Terms
• Internal vs. External CAs

Section E: PKI Planning

• Determine Needs
• Certificate Usage
• Hierarchy
• Enrollment and Distribution
• Management
• CA Security

Section F: IIS 6.0

• Security Features
• Log and Monitor
• Monitoring
• Securing Sites
• Authentication
• Content Management
• Create Baseline

Section A: Server Baselines

• Baseline Options
• Recommendations
• Security Templates
• Create Policies
• Using Templates

Section B: Active Directory Security

• Active Directory Delegation
• Delegation Scenario
• Access Control

Section C: Client Security

• Client Threats
• Hardening Clients
• Access Restrictions
• System Restrictions

Section D: Wireless Essentials

• Overview
• Basic Infrastructure
• Public Networks
• Private Networks

Section E: Wireless Security

• Wireless Threats
• Wireless Standards
• Authentication
• Encryption
• Access Point
• Best Practices