Legal Requirements that Influence Security Design 70-643 156-215.1 70-631 642-811
To make time spent with legal advisors efficient and productive, the security framework should include a living document that includes concise, IT-friendly statements about each law that might affect IT projects. Here is an example of current laws that might be examined for their relevance to […]
27 Nov
Posted by latoniakate as Pass4sure, update certification
Common Business Drivers for Security Design MB7-517 MB6-508 70-290
For an organization to stay in business and maximize profits, its management must consider certain business drivers for each business activity the organization undertakes. Common business drivers that the security design must address include the following:
The initial and ongoing cost of security The real and perceived cost […]
When it comes to managing the security for the systems on a network, many administrators are tempted to install service packs and hotfixes the moment that they are released. Although such a strategy can keep you on the cutting edge of security, following the strategy blindly will eventually lead to cutting yourself. 70-284 70-272 70-630 […]
Security templates are text files that store policy settings from the Security node in an Active Directory Group Policy. These text files can be imported and applied to GPOs, altering the settings in the GPO to conform to a particular security standard. Because they are text files, security templates are often far easier to manipulate […]
The vast majority of security configuration on a Microsoft Windows Server 2003 network is carried out by applying security policies either through Active Directory directory service or by means of local Group Policy objects. 000-084 000-315 640-721 000-669 MB5-629 HP0-Y18 MB4-643
Group Policy controls almost every aspect of the operation of a computer running Windows Server […]
Public Key Infrastructure Fundamentals 70-642 70-271 70-445 70-237
Computer networks are no longer closed systems in which a user’s mere presence on the network can serve as proof of identity. In this age of information interconnection, an organization’s network might consist of intranets, Internet sites, and extranets-all of which are potentially susceptible to access by unauthorized […]
Deploying Updates on New Clients 70-649 1D0-470 117-202 70-620
The setup process is a very vulnerable time for new computers. Updates can fix the vast majority of vulnerabilities for computers running Microsoft Windows, but if you install a computer using the original distribution of Windows, those vulnerabilities will be present during the setup process. Fortunately, there […]
Assessing Patch Levels 70-441 350-001 350-018
Auditing is one of security’s core concepts. Without auditing, security degrades over time. Updating is certainly no exception to this; even if you configure an airtight updating infrastructure, at some point a computer on your network will go unpatched. This can happen when a mobile computer is disconnected from the […]
Configuring Authentication for Web Users 920-221 70-299 70-541
Active Directory is a perfect way to store credentials for internal users because it can provide single sign-on authentication for a variety of network resources, including Web servers. If your organization provides an internal Web site, the Web site should authenticate users by using their existing Active Directory […]
Considerations for Evaluating Your Environment 70-431 70-646 70-236
When establishing an authentication strategy for your organization, you must become familiar with your current environment, including the structure of your organization; the users, computers, and services in your organization that require authentication; and the applications and services that are in use. This will help you to understand […]