298 Study notes
Psoasman
Member Posts: 2,687 ■■■■■■■■■□
Howdy,
Part of my studying for exams is to type up all the lesson, chapter, and keypoints in each chapter. I thought I'd post them, so others could use them as well. I will put them in small sections. Cheers
1. The security design must consider the consraints imposed by legacy systems
2. Building as security design framework is a good way to ensure that all possible areas are addressed in a security design. Concepts to include in your security framework include:
a. Threat modeling. Helps to develop a well-rounded approach.
b. Prevention, detection, isolation and recovery.
c. Analysis of existing security policies and procedures. This is a good 1st step for any design and might also result in you discovering weaknesses in the existing security policies.
d. Procedures must run with the policies
e. The type of data dictates the type of security used.
f. IT admin practices should be considered when performing risk analysis, threat modeling, and security design.
3. The security design must consider interopterability requirements.
4. The design must consider technical limitations.
5. Certificate hierarchies can provide security for root CA and separation of duties, solve geographical and political design issues, and provide load balancing and efficient operation.
6. Best practices include using an offline CA protected in a vault and using a hardware device for key storage.
7. Many of the advanced features of 2k3 PKI are available only with level 2 certificates, which require a 2k3 server enterprise edition.
8. Level 2 certs can be customized to provide key archival, specify that certificate issuance must be approved, and other options.
9. CA hierarchies are used to provide protection for the root CA and scale the infrastructure.
10. Any sensitive certs must be manually issued and approved.
11. Enforced role separation will prevent a computer administrator form managing the CA with the exception that he can renew the CA cert.
12. Designing border controls consist of evaluating remote access needs, understanding available borde controls, examining the use of current controls, and creating a design that maximizes security
13. Border controls consist of IDS, IPS, VPNs, firewalls, IPSec policies, network access quarantine.
14. Securing DNS protects the physical network by preventing the capture of info about the network.
15. IP packet protocol filtering can be implemented by using IPSec.
16. IPSec should be used to protect communications between 2 computers on a network. It provied confidentiality, anti-replay, authentication, encryption, integrity, and mutual machine authentication.
17. IPSec should be used to protect sensitive communications.
18. Availibility is important when designing the network.
19. Securing DNS can be accomplished by securing zone replication, using secure dynamic update, and keeping private internal data on internal DNS servers and by placing only internet-accessible services on an internet-accessible DNS server.
20. IPSec packet protocol filtering using blocking services is the best choice for implementing packet filtering directly on a server.
21. Use IPSec to protect communications between 2 computers on a LAN.
22. The forest is a security boundary, the domain is not.
23. EMS provides a way to
Part of my studying for exams is to type up all the lesson, chapter, and keypoints in each chapter. I thought I'd post them, so others could use them as well. I will put them in small sections. Cheers
1. The security design must consider the consraints imposed by legacy systems
2. Building as security design framework is a good way to ensure that all possible areas are addressed in a security design. Concepts to include in your security framework include:
a. Threat modeling. Helps to develop a well-rounded approach.
b. Prevention, detection, isolation and recovery.
c. Analysis of existing security policies and procedures. This is a good 1st step for any design and might also result in you discovering weaknesses in the existing security policies.
d. Procedures must run with the policies
e. The type of data dictates the type of security used.
f. IT admin practices should be considered when performing risk analysis, threat modeling, and security design.
3. The security design must consider interopterability requirements.
4. The design must consider technical limitations.
5. Certificate hierarchies can provide security for root CA and separation of duties, solve geographical and political design issues, and provide load balancing and efficient operation.
6. Best practices include using an offline CA protected in a vault and using a hardware device for key storage.
7. Many of the advanced features of 2k3 PKI are available only with level 2 certificates, which require a 2k3 server enterprise edition.
8. Level 2 certs can be customized to provide key archival, specify that certificate issuance must be approved, and other options.
9. CA hierarchies are used to provide protection for the root CA and scale the infrastructure.
10. Any sensitive certs must be manually issued and approved.
11. Enforced role separation will prevent a computer administrator form managing the CA with the exception that he can renew the CA cert.
12. Designing border controls consist of evaluating remote access needs, understanding available borde controls, examining the use of current controls, and creating a design that maximizes security
13. Border controls consist of IDS, IPS, VPNs, firewalls, IPSec policies, network access quarantine.
14. Securing DNS protects the physical network by preventing the capture of info about the network.
15. IP packet protocol filtering can be implemented by using IPSec.
16. IPSec should be used to protect communications between 2 computers on a network. It provied confidentiality, anti-replay, authentication, encryption, integrity, and mutual machine authentication.
17. IPSec should be used to protect sensitive communications.
18. Availibility is important when designing the network.
19. Securing DNS can be accomplished by securing zone replication, using secure dynamic update, and keeping private internal data on internal DNS servers and by placing only internet-accessible services on an internet-accessible DNS server.
20. IPSec packet protocol filtering using blocking services is the best choice for implementing packet filtering directly on a server.
21. Use IPSec to protect communications between 2 computers on a LAN.
22. The forest is a security boundary, the domain is not.
23. EMS provides a way to
Comments
-
siniabhilash Member Posts: 26 ■□□□□□□□□□Hello mate,
Its absolutely wonderful for you to spend time to post this guide. I am preparing for 298 and was wondering if something like this could be found for going through all materials in a glance.
Thanks a lot
Much appreciatedSini Abhilash
A+, N+, 270, 290, 291, 299 (MCSA)