1 / 19

Microsoft Technology Associate

Microsoft Technology Associate. 98-367 : Security Fundamentals. Christopher Chapman | Content PM , Microsoft Thomas Willingham | Content Developer, Microsoft. Background IT manager and implementer focused on deploying, maintaining and optimizing networks of all sizes

lgloria
Télécharger la présentation

Microsoft Technology Associate

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM , Microsoft Thomas Willingham | Content Developer, Microsoft

  2. Background IT manager and implementer focused on deploying, maintaining and optimizing networks of all sizes IT Consulting projects include Custom SharePoint for Microsoft IT, Netware/Notes migration to AD/Exchange, Transition to centralized management (250 clients) Instructor and Director of Instruction Multiple Microsoft and other industry certifications (MCP, MCTS, MCSA, MCSE, MCT) Contact christophermva@microsoft.com @ChristopherMSL Meet the Presenters Christopher Chapman, MCT Content Project Manager, Microsoft Learning

  3. Meet the Presenters Thomas Willingham Content Developer, Cloud and Enterprise Background • Taught the Microsoft MCSE and the Novell CNE certifications, and worked as a network consultant for almost 10 years • Courseware Author for MS Learning • Content developer for Remote Desktop Virtualization at Microsoft for the last 5 years Contact • gotthomas@microsoft.com

  4. Course Topics

  5. Setting Expectations • Target Audience • IT Help Desk staff interested in moving into Network/Systems Administration • Anyone interested in learning more about networking • Suggested Prerequisites/Supporting Material • 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 • 40366A: Networking Fundamentals: MTA Exam 98-366 • 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365 • Exam 98-349: Windows Operating System Fundamentals • Exam 98-366: Networking Fundamentals • Exam 98-365: Windows Server Administration Fundamentals

  6. Module 1 Understanding Security Layers Christopher Chapman | Content PM , Microsoft Thomas Willingham | Content Developer, Microsoft

  7. Module Overview • Core Security Principles • Physical Security

  8. Core Security Principles

  9. Confidentiality, Integrity, Availability (CIA) • Confidentiality • Confidentiality deals with keeping information, networks, and systems secure from unauthorized access. This can be achieved by using encryption, authentication, and access control. • Integrity • Integrity is defined as the consistency, accuracy, and validity of data or information. This can be achieve by using hashing. • Availability • Availability describes a resource being accessible to a user, application, or computer system when required.

  10. Least Privilege, Attack Surface, and Social Engineering • Least Privilege • User, systems, and applications should have no more privilege than necessary to perform their function or job. • Attack Surface • Set of methods and avenues an attacker can use to enter a system and potentially cause damage.  • Social Engineering • Method used to gain access to data, systems, or networks, primarily through misrepresentation. Relies on the trusting nature of the person being attacked.

  11. Risk Management • Responses: • Avoidance • Acceptance • Mitigation • Transfer

  12. Physical Security

  13. Physical Security • First line of defense • Achieve by using access control at different layers • Defense in Depth approach

  14. Defense in Depth

  15. External Perimeter • First line of defense surrounding office • Secured by using: • Security cameras • Parking lot lights • Perimeter fence • Gate with guard • Gate with access badge reader • Guard patrols

  16. Internal Perimeter • Once inside the building • Secured by using: • Locks (on exterior doors, internal doors, office doors, desks, filing cabinets, etc.) • Security cameras • Badge readers (on doors and elevators) • Guard desks and patrols • Smoke detectors • Turnstiles and mantraps

  17. Secure Areas • Specific potion of the building • Secured by using: • Badge readers and Keypads • Biometric technologies (e.g., fingerprint scanners, retinal scanners, voice recognition systems, etc.) • Security doors • X-ray scanners and Metal detectors • Cameras • Intrusion detection systems (light beam, infrared, microwave, and/or ultrasonic)

  18. Device Security • Servers • Locked in data centers (secure area) • Desktops • Secured to desks • Mobile Devices • Docking stations • Laptop security cables • Laptop safes • Theft recovery software • Laptop alarms

  19. Additional Resources & Next Steps www.microsoft.com/learning • Books • Exam 98-367 Security Fundamentals • Exam 98-366: MTA Networking Fundamentals • Exam Ref 70-410: Installing and Configuring Windows Server 2012 • Instructor-Led Courses • 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 • 40366A: Networking Fundamentals: MTA Exam 98-366 • 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365 • 20410C: Installing and Configuring Windows Server 2012 • Exams & Certifications • Exam 98-367: Security Fundamentals • Exam 98-349: Windows Operating System Fundamentals • Exam 98-366: Networking Fundamentals • Exam 98-365: Windows Server Administration Fundamentals • Exam 70-410: Installing and Configuring Windows Server 2012

More Related