Microsoft Virtual Academy
®
Microsoft Technology
Associate
98-367: Security Fundamentals
Christopher Chapman | Content PM , Microsoft
Thomas Willingham | Content Developer, Microsoft
Meet the Presenters
Christopher Chapman, MCT
Content Project Manager, Microsoft Learning
Background
– IT manager and implementer focused on deploying, maintaining and
optimizing networks of all sizes
– IT Consulting projects include Custom SharePoint for Microsoft IT,
Netware/Notes migration to AD/Exchange, Transition to centralized
management (250 clients)
– Instructor and Director of Instruction
– Multiple Microsoft and other industry certifications (MCP, MCTS, MCSA,
MCSE, MCT)
Contact
– [email protected]
– @ChristopherMSL
Meet the Presenters
Thomas Willingham
Content Developer, Cloud and Enterprise
Background
• Taught the Microsoft MCSE and the Novell CNE
certifications, and worked as a network
consultant for almost 10 years
• Courseware Author for MS Learning
• Content developer for Remote Desktop
Virtualization at Microsoft for the last 5 years
Contact
• [email protected]
Course Topics
98-367: Security Fundamentals
01 | Understanding Security Layers
02 | Authentication, Authorization and Accounting
03 | Understanding Security Policies
04 | Understanding Network Security
05 | Protecting Servers and Clients
Setting Expectations
• Target Audience
• IT Help Desk staff interested in moving into Network/Systems Administration
• Anyone interested in learning more about networking
• Suggested Prerequisites/Supporting Material
• 40349A: Windows Operating System Fundamentals: MTA Exam 98-349
• 40366A: Networking Fundamentals: MTA Exam 98-366
• 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365
• Exam 98-349: Windows Operating System Fundamentals
• Exam 98-366: Networking Fundamentals
• Exam 98-365: Windows Server Administration Fundamentals
Microsoft Virtual Academy
®
Module 1
Understanding Security Layers
Christopher Chapman | Content PM , Microsoft
Thomas Willingham | Content Developer, Microsoft
Module Overview
• Core Security Principles
• Physical Security
Core Security Principles
Confidentiality, Integrity, Availability (CIA)
• Confidentiality
• Confidentiality deals with keeping information, networks, and systems secure
from unauthorized access. This can be achieved by using encryption,
authentication, and access control.
• Integrity
• Integrity is defined as the consistency, accuracy, and validity of data or
information. This can be achieve by using hashing.
• Availability
• Availability describes a resource being accessible to a user, application, or
computer system when required.
Least Privilege, Attack Surface, and Social Engineering
• Least Privilege
• User, systems, and applications should have no more privilege than necessary to
perform their function or job.
• Attack Surface
• Set of methods and avenues an attacker can use to enter a system and
potentially cause damage.
• Social Engineering
• Method used to gain access to data, systems, or networks, primarily through
misrepresentation. Relies on the trusting nature of the person being attacked.
Risk Management
• Responses:
• Avoidance
• Acceptance
• Mitigation
• Transfer
Identify
Risk
Statement
(If/then)
Analyze and
Prioritize
Control
Risk
database
Learn
Master Risk
ListN
Top
risks
Track and
Report
Plan and
Schedule
Physical Security
Physical Security
• First line of defense
• Achieve by using access control at different layers
• Defense in Depth approach
Defense in Depth
External Perimeter
Internal Perimeter
Secure Area
Servers
Racks
External Perimeter
• First line of defense surrounding office
• Secured by using:
• Security cameras
• Parking lot lights
• Perimeter fence
• Gate with guard
• Gate with access badge reader
• Guard patrols
Internal Perimeter
• Once inside the building
• Secured by using:
• Locks (on exterior doors, internal doors, office doors, desks, filing cabinets, etc.)
• Security cameras
• Badge readers (on doors and elevators)
• Guard desks and patrols
• Smoke detectors
• Turnstiles and mantraps
Secure Areas
• Specific potion of the building
• Secured by using:
• Badge readers and Keypads
• Biometric technologies (e.g., fingerprint scanners, retinal scanners, voice
recognition systems, etc.)
• Security doors
• X-ray scanners and Metal detectors
• Cameras
• Intrusion detection systems (light beam, infrared, microwave, and/or ultrasonic)
Device Security
• Servers
• Locked in data centers (secure area)
• Desktops
• Secured to desks
• Mobile Devices
• Docking stations
• Laptop security cables
• Laptop safes
• Theft recovery software
• Laptop alarms
Additional Resources & Next Steps
www.microsoft.com/learning
Books
• Exam 98-367 Security
Fundamentals
• Exam 98-366: MTA
Networking Fundamentals
• Exam Ref 70-410: Installing
and Configuring Windows
Server 2012
Instructor-Led
Courses
• 40349A: Windows
Operating System
Fundamentals: MTA Exam
98-349
• 40366A: Networking
Fundamentals: MTA Exam
98-366
• 40365A: Windows Server
Administration
Fundamentals: MTA Exam
98-365
• 20410C: Installing and
Configuring Windows
Server 2012
Exams &
Certifications
• Exam 98-367: Security
•
•
•
•
Fundamentals
Exam 98-349: Windows
Operating System
Fundamentals
Exam 98-366: Networking
Fundamentals
Exam 98-365: Windows
Server Administration
Fundamentals
Exam 70-410: Installing
and Configuring Windows
Server 2012