Course Outline

2830 - Designing Security for Microsoft Networks


 

Course Outline
 

Module 1: Introduction to Designing Security
This module describes the basic framework for designing network security and introduces key concepts used throughout the course. It also introduces an ongoing case study that is utilized in the labs.
Lessons
Introduction to Designing Security for Microsoft Networks
Contoso Pharmaceuticals: A Case Study

 

Module 2: Creating a Plan for Network Security
This module discusses the importance of security policies and procedures in a security design. It also explains how a security design team must include representation from various members of your organization. After completing this module, you will be able use a framework for designing security and create a security design team.
Lessons
Introduction to Security Policies
Defining a Process for Designing Network Security
Creating a Security Design Team
Lab A: Planning a Security Framework
After completing this module, you will be able to:
Describe common elements of security policies and procedures.
Create a security design framework by using the Microsoft Solutions Framework (MSF) process model.
Create a security design team.

 

Module 3: Identifying Threats to Network Security
This module explains how to identify likely threats to a network and explains attacker motivations. After completing this module, you will be able to explain common threats and predict threats by using a threat model.
Lessons
Introduction to Security Threats
Predicting Threats to Security
Lab A: Identifying Threats to Network Security
After completing this module, you will be able to:
Explain common network vulnerabilities and how attackers can exploit them.
Predict threats to security by using the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege) threat model.

 

Module 4: Analyzing Security Risks
This module explains how to determine what resources in an organization require protection and how to categorize them in order to assign an appropriate level of protection. After completing this module, you will be able to apply a framework for planning risk management.
Lessons
Introduction to Risk Management
Creating a Risk Management Plan
Lab A: Analyzing Security Threats
After completing this module, you will be able to:
Explain the purpose and operation of risk management.
Draft the elements of a risk management plan.

 

Module 5: Creating a Security Design for Physical Resources
This module describes threats and risks to physical resources in an organization, as well as how to secure facilities, computers, and hardware. After completing this module, you will be able to design security for physical resources.
Lessons
Determining Threats and Analyzing Risks to Physical Resources
Designing Security for Physical Resources
Lab A: Designing Security for Physical Resources
After completing this module, you will be able to:
Determine threats and analyze risks to physical resources.
Design security for physical resources.

 

Module 6: Creating a Security Design for Computers
This module explains how to determine threats and analyze risks to computers on your network. After completing this module, you will be able to design security for computers.
Lessons
Determining Threats and Analyzing Risks to Computers
Designing Security for Computers
Lab A: Designing Security for Computers
After completing this module, you will be able to:
Determine threats and analyze risks to computers.
Design security for computers.

 

Module 7: Creating a Security Design for Accounts
This module describes the threats and risks to accounts in an organization. After completing this module, you will be able to design security for accounts.
Lessons
Determining Threats and Analyzing Risks to Accounts
Designing Security for Accounts
Lab A: Designing Security for Accounts
After completing this module, you will be able to:
Determine threats and analyze risks to accounts.
Design security for accounts.

 

Module 8: Creating a Security Design for Authentication
This module describes threats and risks to authentication. After completing this module, you will be able to design security for authentication.
Lessons
Determining Threats and Analyzing Risks to Authentication
Designing Security for Authentication
Lab A: Designing Authentication Security
After completing this module, you will be able to:
Determine threats and analyze risks to authentication.
Design security for authentication.

 

Module 9: Creating a Security Design for Data
This module examines threats and risks to data. After completing this module, you will be able to design security for data.
Lessons
Determining Threats and Analyzing Risks to Data
Designing Security for Data
Lab A: Designing Security for Data
After completing this module, you will be able to:
Determine threats and analyze risks to data.
Design security for data.

 

Module 10: Creating a Security Design for Data Transmission
This module discusses threats and risks to data transmission. After completing this module, you will be able to design security for data transmission.
Lessons
Determining Threats and Analyzing Risks to Data Transmission
Designing Security for Data Transmission
Lab A: Designing Security for Data Transmission
After completing this module, you will be able to:
Determine threats and analyze risks to data transmission.
Design security for data transmission.

 

Module 11: Creating a Security Design for Network Perimeters
This module describes threats to the points where your network connects to other networks, such as the Internet. After completing this module, you will be able to design security for network perimeters.
Lessons
Determining Threats and Analyzing Risks to Network Perimeters
Designing Security for Network Perimeters
Lab A: Designing Security for Network Perimeters
After completing this module, you will be able to:
Determine threats and analyze risks to network perimeters.
Design security for network perimeters.

 

Module 12: Designing Responses to Security Incidents
This module provides information about auditing and creating procedures to direct how you respond to security incidents. After completing this module, you will be able to design an audit policy and an incident response procedure.
Lessons
Introduction to Auditing and Incident Response
Designing an Audit Policy
Designing an Incident Response Procedure
Lab A: Designing an Incident Response Procedure
After completing this module, you will be able to:
Explain the importance of auditing and incident response.
Design an auditing policy.
Design an incident response procedure.

 

Appendices

 

Appendix A: Designing an Acceptable Use Policy
This appendix provides information about creating policies for acceptable use of network resources by users.
Lessons
Analyzing Risks That Users Introduce
Designing Security for Computer Use

 

Appendix B: Designing Policies for Managing Networks
This appendix offers guidelines for ensuring that network administrators manage networks in a secure manner.
Lessons
Analyzing Risks to Managing Networks
Designing Security for Managing Networks

 

Appendix C: Designing an Operations Framework to Manage Security
This appendix explains how to create a framework to ensure security of a network as the network changes and as the security requirements of the organization change.
Lessons
Analyzing Risks to Ongoing Network Operations
Designing a Framework for Ongoing Network Operations