Microsoft Certification, Exam MCSE 70-299, Microsoft Mcitp Certification

There are two important and compulsory courses available under the Microsoft mcsa certificate system engineer program. 70-216 exam, implementing and administering a Microsoft Windows 2000 network infrastructure, 70-217 exam, about Implementing and administering a Microsoft Windows 2000 Directory Services Infrastructure, 70-219 exam, designing a Microsoft Windows 2000 directory Services Infrastructure, 70-221 exam, designing a Microsoft Windows 2000 Network Infrastructure, and 70-220 exam for designing Security for a Microsoft Windows 2000 Network, are the exams under MCSE on Microsoft 2000.

The capacity offered under the 70-216 exam are implementing, administering of files and folders, advanced files and folders management, hardware configuration and optimization, events and backup, recovery and installation. Other capacity for example: implementing an active directory installation, replication and DNS, installation and configuration, and security and optimization come under 70-217 exam. Some parts of 70-219 exam are directory services infrastructure and security. Exam 70-220 verifies the candidate's knowledge about security design, communication, network services, PKI and security solution. IP routing, security addressing and naming services come under MCSE 70-216.

Tests for MCSE on Microsoft server 2003 are including: 70-294 for Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 active directory Infrastructure; 70-298 exam has subjects such as Designing Security for a Microsoft Windows Server 2003 Network; exam 70-299, Implementing and Administering Security in a Microsoft Windows Server 2003 network; exam 70-227 is on Installing, configuring, and administering Microsoft Internet Security and Acceleration (ISA) Server 2000, Enterprise Edition; 70-350, Implementing Microsoft Internet MCITP Enterprise Administrator Security and Acceleration (ISA) Server 2004. 70-270 exam, on installing, configuring, and administering Microsoft Windows XP Professional; 70-290 exam verifies the knowledge of managing and maintaining a Microsoft Windows Server 2003 environment; 70-291 exam, for Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure; 70-293 exam for Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure;

No comments

MCSE Certification can bring you recognition in the IT industry. However, getting the certification is not a simple or easy process. There are seven different exams that must be taken in order to certify you as a Microsoft Certified Systems Engineer. Each exam must be passed in order to secure the certification. Once you pass the seven exams, you have the MCSE certification for life, and may even apply it towards future certifications from Microsoft that are eligible.

There are some wonderful study aids that you can use for the exam. One of my favorite is the MCSE Certification for beginners book. Not only does the book cover each exam in mind numbingly explicit detail, but it will also give you practice exams to help check your readiness levels for each exam.

Being a Microsoft Certified Systems Engineer takes a long period of time, but the time spent will be worth the investment. The exam is recommended from Microsoft that people have at least one or two years of experience before they even begin to study for the necessary exams. Finding an entry level job at an IT company can be difficult, but is not impossible. It will give you plenty of information for the exams that you will need to take and the job may even cover the cost of taking the MCSE certification exams.

Training for the MCSE exam is not an impossible task as there are tons of options. There are training sessions online, offline books and courses, MCSE Certification Boot Camp and various self-study options. Each method allows you to train yourself for the MCSE exam.

After you have worked in a job that has given you the experience that is necessary for the certification exams, you will next need to review the materials. The greatest asset for a network engineer is having the level of knowledge that goes beyond what is written in text books and resource materials. Sharing that knowledge with others and from your work experience is essential for your MCSE Certification success.

There is no set period of time you need to wait before taking an exam. You also do not have to wait in between an exam. However, most people getting a Microsoft Certified Systems Engineer certification take around six weeks per exam. Once you have completed all the exams, you will then be certified, and will never have to take a certification exam for the MCSE again.

No comments

Training for a certification can be time intensive if you choose the traditional classroom led route. With technology and training resources constantly transforming and changing, we can now certify without spending every waking minute outside of work studying. Using these resources, which are easily at your disposal, will transform the way we learn and enable us to study more efficiently.

Use computer based training for the MCSE certification or any other certification to learn all you need to pass interactively. The main reason why computer based training is so regularly used is because it allows for interactivity usually in the classroom, but at home! Computer based training over the years has become far more complex and flexible to the person's learning needs - it's like having a personal tutor in interactive form - making it far more accommodating way to learn.

Expand your knowledge even further by understanding the processes behind it all. Accessing this knowledge will further your understanding in the long term, enabling you to certify at a higher level much quicker. Learning the Why's and What's over the facts will do more in the long term for you, but may also help you remember all you need to for the exam. Find out all you can from blogs, including the Microsoft blog, from experts, ebooks and online communities as they are bound to have the knowledge you seek.

Besides using computer based training, you can train for the MCSE at home by going through the questions practically. Actually do what the certification requires you to do, it will help you pass the exam as well as have the necessary practical understanding, which is vital to a job in IT. If you already work in IT, try to make associations between the facts you need to know and the jobs you do. Every time you complete a process, perhaps reiterate the Why's, What's and How's that you need to know for the exams.

Make revising for the MCSE part of your everyday life - don't just go online or use computer based training for a set period, use your smart phone iPhone to research an answer or find out facts for a few minutes in your lunch break. You'll find this relaxed approach may help information go in far easier if you get stressed out about revising.

Use the technology you have at hand to expand your knowledge and pass your MCSE. Training for the MCSE does not necessarily have to be stressful and time consuming, especially if you use technology to aid the learning process.

No comments

If you have been searching for MCSE certification exams then you probably have noticed that there are so many to choose from. So how on earth do you know which one's are going to be the best. Getting the proper training for your MCSE certification exam is the key to passing the exam with flying colors.

There are many online MCSE certification training classes that you can join and this is great if you have limited amount of time due to your current working situation. It's self paced so you have to be sure that you are conditioned enough to study the right amount of time in order to gain the necessary knowledge that you will need in order to pass the MCSE exams.

I suggest that if you have the time that you should take the classes at one of the local schools in your area. Classroom training is the best way to learn all of the information. I understand that this may not always be an option, but if you can find a way to make it work then you should. A teacher will be there to help you in area's that you need help with. There is a lot of information that you are going to need to know and it's not always so easy to remember or understand.

After you have completed your MCSE training you will be ready to take your MCSE certification exams. These exams will be announced directly through Microsoft, but you can also find out about them in other ways as well.

Once you have passed your MCSE certification exam you will have your certificate and you that is your proof that you have the knowledge to do the job of a MCSE. You should be proud of yourself, and now you will have many other opportunities available to you. There are plenty of other things that you can do to increase your income such as taking another course to get certified in many other IT careers.

The IT profession is ever changing and there is always new things coming out and there is always going to be many different opportunities within this field and by understanding this and progressing even further by advancing your career you will be offering yourself more pay and much more stability in your life.

No comments

Is MCSE Exam hard to pass? Which is the most difficult part of it? As for a candidate, there are many questions keep spinning in their head, that make them feel so pain. Here, I will post something about MCSE, and hope it will help you to weaken your pain. MCSE certification course is a part of MCP courses related to various technologies and products of the Microsoft company. MCSE is an acronym for Microsoft Certified System Engineer. Holding this certificate certifies that the individual is a Microsoft certified professional in the field of system engineering. MCSE Practice Exams are a means to clear the actual MCSE exams successfully. Their need arose because of Microsofts policy to allow aspirants to appear only once for any certification course conducted by them.

The key aspects that these MCSE practice tests cover includes installing, configuring and administering the Windows Server 2000 and 2003, implementing network infrastructure for them, implementing and administering directory infrastructure for Windows2000 and 2003 servers, installing windows systems, designing the directory structure, designing securities and managing the network environment.

The MCSE practice exam covers all the aspects of the real MCSE exam. The benefit of appearing for a practice test before the actual MCSE exam is that they help an individual to know about those areas where he has to further work up on to improve his knowledge. According to the rules and regulations for appearing in the MCSE exam test or any other exam for the Microsoft certification test, the candidate is eligible to appear in the particular exam only once. After that the candidate can never reappear for the exam.

Candidates can join intensive training programs for MCSE exam. However, it is important for the candidate to keep a tab up on his or her ability to clear the exam in one attempt. For that, he or she can opt for a practice test. These practice tests are even more difficult and typical than actual papers. This is done in order to prepare the candidate for the toughest situations that he or she could face during the real exam paper.There are certain MCSE practice exam in the market that give a chance to the candidate to know where they stand the real test. A+ certification test is one such test that a candidate can opt for.

Success comes with a careful planning and practice. The first step is to choose the Microsoft certification course of choice. Then before enrolling for any type of training, it is important to get some hands on experience on the technology in which you have chosen to get the certificate. If you find it alright, only then you should go for some training program. After completing the training program, you should look forward to the practice exam in order to get a feel of the actual exam pattern. And then finally go for the actual exam. Whether MCSE Practice Exam or any other practice exam for a different certification course, the planning should go on in similar ways so that you can achieve success in these examinations.

No comments

What kind of job is people's favourite? In the world of technology people prefer being a Microsoft Certified Systems Engineer or MCSE. MCSE enhances the position in an organization along with quick rise in the salary.

MCSE is a certification which increases one's confidence and knowledge and of course dedication to the information technology field. MCSE certification makes a tremendous difference in how a person is viewed in an organization. MCSE certification provides many benefits like access to technical and product information can be received directly from Microsoft along with invitation to conferences, technical training sessions and participation in special events for the individuals who earn MCSE certification from Microsoft. These individuals also have free access to Microsoft certified professional magazine, which is a career and professional development magazine.

MCSE enables to learn various skills a person would require to have. To name a few an MCSE certification teaches how to install Windows XP professional, implement and administer its resources. It also helps to monitor and troubleshoot hardware devices and driver to optimize system's performance. It gives an extended help to configure and troubleshoot desktop environment, implement, manage and troubleshoot network protocols and services as well as configure, manage and troubleshoot security.

MCSE certification also includes how to manage and maintain physical and logical devices, user's computers and groups, a server environment and access to resources as well as managing and implementing disaster recovery. It also gives an overview to implement and maintain IP addressing, name resolution, network security, routing and remote access and network infrastructure. MCSE professionals are also able to implement, manage and troubleshoot security policies. Thus MCSE certification provides and an added advantage to the professionals.

MCSE professionals also come to know about patch management, infrastructure, and security for network communications, authentications and authorization. They are also able to plan, implement and maintain server roles along with server security network infrastructure, routing and remote access and server availability.

To be an MCSE professional one should have at least one year of experience in implementing and administering a network operating system in an environment with 200 to 25000 users and five to two hundred physical locations. The environment should also provide for typical network services and applications such as messaging, database, and dial-in server, desktop management. It should have facility for web hosting and firewall or proxy server along with a connection of corporate networks to the Internet and individual offices. It should also have remote location users to the corporate office network.

In a nutshell it is for those who install, configure or troubleshoot network systems in medium to large organizations. Mainly system engineers, technical support engineers, system and network analysts prefer to have MCSE certification. This certification is one of the most coveted degrees amongst the ITprofessionals. Of course, I don't know what they are thinking about in their deep hearts, maybe some of them prefer a doctor or something, and how do you think about this?

No comments

Implementing and Administering Security in a Microsoft Windows Server 2003 Network Skills measured by exam 70-299

Implementing, Managing, and Troubleshooting Security Policies 
Plan security templates based on computer role. Computer roles include SQL Server computer, Microsoft Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server.
*Configure security templates.
*Configure registry and file system permissions.
*Configure account policies.
*Configure .pol files.
*Configure audit policies.
*Configure user rights assignment.
*Configure security options.
*Configure system services.
*Configure restricted groups.
*Configure event logs.
 
Deploy security templates.
*Plan the deployment of security templates.
*Deploy security templates by using Active Directory-based Group Policy objects (GPOs).
*Deploy security templates by using command-line tools and scripting.
 
Troubleshoot security template problems.
*Troubleshoot security templates in a mixed operating system environment.
*Troubleshoot security policy inheritance.
*Troubleshoot removal of security template settings.
 
Configure additional security based on computer roles. Server computer roles include SQL Server computer, Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server. Client computer roles include desktop, portable, and kiosk.
*Plan and configure security settings.
*Plan network zones for computer roles.
*Plan and configure software restriction policies.
*Plan security for infrastructure services. Services include DHCP and DNS.
*Plan and configure auditing and logging for a computer role. Considerations include Windows  Events, Internet Information Services (IIS), firewall log files, Netlog, and RAS log files.
*Analyze security configuration. Tools include Microsoft Baseline Security Analyzer (MBSA),  the MBSA command-line tool, and Security Configuration and Analysis.
 
Implementing, Managing, and Troubleshooting Patch Management Infrastructure 
Plan the deployment of service packs and hotfixes.
*Evaluate the applicability of service packs and hotfixes.
*Test the compatibility of service packs and hotfixes for existing applications.
*Plan patch deployment environments for both the pilot and production phases.
*Plan the batch deployment of multiple hotfixes.
*Plan rollback strategy.
 
Assess the current status of service packs and hotfixes. Tools include MBSA and the MBSA command-line tool.
*Assess current patch levels by using the MBSA GUI tool.
*Assess current patch levels by using the MBSA command-line tool with scripted solutions.
 
Deploy service packs and hotfixes.
*Deploy service packs and hotfixes on new servers and client computers. Considerations  include slipstreaming, custom scripts, and isolated installation or test networks.
*Deploy service packs and hotfixes on existing servers and client computers.
 
Implementing, Managing, and Troubleshooting Security for Network Communications 
Plan IPSec deployment.
*Decide which IPSec mode to use.
*Plan authentication methods for IPSec.
*Test the functionality of existing applications and services.
 
Configure IPSec policies to secure communication between networks and hosts. Hosts include domain controllers, Internet Web servers, databases, e-mail servers, and client computers.
*Configure IPSec authentication.
*Configure appropriate encryption levels. Considerations include the selection of perfect   forward secrecy (PFS) and key lifetimes.
*Configure the appropriate IPSec protocol. Protocols include Authentication Header (AH) and  Encapsulating Security Payload (ESP).
*Configure IPSec inbound and outbound filters and filter actions.
 
Deploy and manage IPSec policies.
*Deploy IPSec policies by using Local policy objects or Group Policy objects (GPOs).
*Deploy IPSec policies by using commands and scripts. Tools include IPSecPol and NetSh.
*Deploy IPSec certificates. Considerations include deployment of certificates and renewing   certificates on managed and unmanaged client computers.
 
Troubleshoot IPSec.
*Monitor IPSec policies by using IP Security Monitor.
*Configure IPSec logging. Considerations include Oakley logs and IPSec driver logging.
*Troubleshoot IPSec across networks. Considerations include network address translation,  port  filters, protocol filters, firewalls, and routers.
*Troubleshoot IPSec certificates. Considerations include enterprise trust policies and   certificate revocation list (CRL) checking.
 
Plan and implement security for wireless networks.
*Plan the authentication methods for a wireless network.
*Plan the encryption methods for a wireless network.
*Plan wireless access policies.
*Configure wireless encryption.
*Install and configure wireless support for client computers.
 
Deploy, manage, and configure SSL certificates, including uses for HTTPS, LDAPS, and wireless networks. Considerations include renewing certificates and obtaining self-issued certificates instead of publicly issued certificates.
*Obtain self-issued certificates and publicly issued certificates.
*Install certificates for SSL.
*Renew certificates.
*Configure SSL to secure communication channels. Communication channels include client  computer to Web server, Web server to SQL Server computer, client computer to Active  Directory domain controller, and e-mail server to client computer.
 
Configure security for remote access users.
*Configure authentication for secure remote access. Authentication types include PAP, CHAP,  MS-CHAP, MS-CHAP v2, EAP-MD5, EAP-TLS, and multifactor authentication that combines smart  cards and EAP.
*Configure and troubleshoot virtual private network (VPN) protocols. Considerations include  Internet service provider (ISP), client operating system, network address translation  devices, Routing and Remote Access servers, and firewall servers.
*Manage client configuration for remote access security. Tools include remote access policy  and the Connection Manager Administration Kit.
 
Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI 
*Plan and configure authentication.
*Plan, configure, and troubleshoot trust relationships.
*Plan and configure authentication protocols.
*Plan and configure multifactor authentication.
*Plan and configure authentication for Web users.
*Plan and configure delegated authentication.
 
Plan group structure.
*Decide which types of groups to use.
*Plan security group scope.
*Plan nested group structure.
 
Plan and configure authorization.
*Configure access control lists (ACLs).
*Plan and troubleshoot the assignment of user rights.
*Plan requirements for digital signatures.
 
*Install, manage, and configure Certificate Services.
*Install and configure root, intermediate, and issuing certification authorities (CAs). *Considerations include renewals and hierarchy.
*Configure certificate templates.
*Configure, manage, and troubleshoot the publication of certificate revocation lists (CRLs).
*Configure archival and recovery of keys.
*Deploy and revoke certificates to users, computers, and CAs.
*Backup and restore the CA.

No comments

You'll need experience with PKI, permissions, patch management, and troubleshooting under Windows 2003 before tackling this security exam.
The latest exam to come from Microsoft is aimed at administrators who deal daily with maintaining security, and it requires specific knowledge and hands-on experience with Windows Server 2003 PKI, permissions, patch management, and troubleshooting. If you're familiar with Exam 70-214, Implementing and Administering Security in a Windows 2000 Network, consider 299 an update of that exam.

In this review, I help you prepare by covering some of the objectives as listed in the exam preparation guide.

Implementing,Managing, and Troubleshooting Security Policies
Topics under this objective range from configuring, deploying, and troubleshooting security templates to configuring permissions and security settings on desktop and server computers.

The rule of thumb: Disable unnecessary services. This closes the listening network port and reduces the attack surface of a computer. Windows Server 2003 has many new security templates and security settings beyond those found in Windows 2000 Server--somewhere close to 600 additional settings. And with the release of SP1 due out this year, security configuration choices of servers will not only become more powerful but also more complex.

Group Policy Objects are where it's at. For almost any size of Windows network, if you have deployed Active Directory, the killer feature is GPO. Security templates are a quick and easy way of securing computers in the domain with common configuration settings. When studying the Products and Technologies link; Windows Server 2003 at the Security Guidance Center, pay particular attention to the different requirements for securing domain controllers, IAS servers, Exchange servers, SQL servers, and IIS servers.

Using GPOs, you can configure desktop and client computers for permissions. One common method among Windows administrators is to assign a user local administrator access to their desktop computer. This allows users to install software and change system settings, but this method can sometimes bite you in the butt!

Windows Server 2003 security templates now include software restriction policies which are a smarter method of allowing users to install and run tested and approved software on their desktop. SRPs are a collection of policies that define what software can run based on group policy security levels. Exceptions can be created based on the hash rule types; certificates, paths, registries, and even Internet Explorer zones.

Administering Security (70-299)
Reviewer's Rating
This exam is an update of the Windows 2000 exam 70-214 and will test your knowledge of Windows Server 2003 PKI, permissions, patch management, and troubleshooting.

Exam Title
70-299: Implementing and Administering Security in a Windows Server 2003 Network

Who Should Take It
Candidates for MCSA or MCSE on Windows Server 2003

Course
2823: Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Exam Objectives
http://www.microsoft.com/traincert/exams/70-299.asp

Tip: Only one password policy using Group Policy Objects can be configured per domain.

Gpupdate replaces Secedit /refreshpolicy in Windows Server 2003. Gpupdate can be used to force group policy settings for immediate compliance and recover a computer with incorrect settings applied. To troubleshoot a computer that has been locked down incorrectly to the point of where you can't log on with the domain administrator account, restart the computer in Safe Mode, log on as the local administrator, run gpupdate, restart the computer in normal mode, and then log on normally.

Tip: Group policy loopback processing mode can be used to override user-based settings on a computer with a computer policy.

Secedit at the command line, and the Security Configuration and Analysis snap-in can be used in Windows Server 2003 to analyze, configure, and validate computer security configuration settings.

Implementing, Managing, and Troubleshooting Patch Management Infrastructure
Topics included: planning the deployment of service packs and hotfixes, verifying with MBSA, to SUS deployment and administration. This is certainly a hot topic for many of us: patch management. Unless you're an administrator who has been hiding in a server closet for the past 24 months, you've no doubt had your challenges with patch management — a nightmare if not done correctly. Patch management is one of the key aspects of securing a network.

In the exam world — which can be completely different from the real world- patch management of Windows computers must be done with Microsoft's free tools: the Microsoft Baseline Security Analyzer and Software Update Services. MBSA is a network-based scanning tool that runs on Windows 2000, XP, and 2003 operating systems; it looks for missing patches and security updates on all flavors of Windows down to Windows NT 4.0. It also supports scanning of IIS, SQL, and Exchange servers. MBSA comes in both a GUI wizard version and a command line version called mbsacli.exe.

Windows Update is a client-side scanning tool that can check for installed and missing patches and service updates against the Windows Update web site or a locally installed SUS server. And along with Automatic Updates, Windows computers can be configured to download and install patches and service packs at scheduled intervals. Server and client computers can be configured to connect to and scan for available updates from SUS servers using Group Policy, SMS (Systems Management Server) with the SUS Feature Pack, or logon scripts if Active Directory has not been deployed. If users aren't granted local administrator level access to their desktop, Automatic Updates can be configured for a scheduled date and time to install the updates and restart the computer automatically.

SUS servers deployed within a network allow administrators to collect, approve and distribute critical updates for server and client computers. SUS parent servers can be configured to synchronize with the Microsoft Windows Update Web site and pass updates to child SUS servers, which, in turn, distribute the updates to the server and client computers on the network.

Tip: For failed deployments of patches or service packs with SUS, you must cancel approval of the update on the SUS server to prevent further installations.

Implementing, Managing, and Troubleshooting Security for Network Communications
Most of the topics here center on IPSec for securing network data. You'll also find a sprinkle of data security as it relates to wireless, SSL and remote access networks. My exam seemed to include many questions regarding IPSec authentication headers! I'll briefly cover each of the network data security protocols and methods.

IPSec is a rule-based security protocol that protects data traffic. It uses on-demand authentication and encryption between two end points. IPSec packets are signed with certificates, verified, encrypted and decrypted at the OSI network layer, making the process transparent to upper layer protocols. L2TP and IPSec can be used to create VPNs. IPSec can be used in two modes; AH (Authentication Header) and ESP (Encapsulating Security Payload). AH packets can be routed without loss or change to the header signature. ESP packets can use either DES (Data Encryption Standard) or 3DES in the Transport or Tunnel modes. In Transport mode, ESP encrypts the entire data packet with the exception of the header. In Tunnel mode, ESP encrypts the entire packet for VPN connections. Using AH and ESP together provides the most secure data transmission.

AH can be implemented using Kerberos, certificates, or preshared keys! IPSec is a wide-ranging protocol and includes many small details. Be sure and study it and IPSec policies thoroughly prior to the exam.

Tip: IPSec traffic cannot pass through older NAT servers.

SSL (Secure Sockets Layer) and TLS (Transport Level Security) both use public key and symmetric key encryption for TCP-based communications. They provide session encryption and integrity, and server authentication. This prevents eavesdropping, tempering, and message forging. Both SSL and TLS require digital certificates! SSL and TLS can be used to secure web, email, news, and FTP traffic.

PPTP over TCP/IP can be used to secure upper layer protocol traffic between clients and servers for such things as VPNs. It uses either PAP (Password Authentication Protocol) or MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) for the exchange process of credentials. PPTP traffic can pass through all NAT servers, but PPTP does not provide for data integrity.

SMB (Server Message Block) signing can be used to secure client-to-server file sharing traffic on a Windows network. SMB signing can be enabled using GPOs and uses a method of digital signing and a keyed hash to protect the integrity of each SMB packet.

WEP (Wired Equivalent Privacy) is used to secure wireless data traffic between wireless clients and access points connected to a wired network.

Remote client traffic can be secured using various methods and protocols. PPTP and IPSec/L2TP to create a VPN connection are becoming the most widely used.

EAP-TLS (for Extensible Authentication Protocol-Transport Level Security) is the most secure remote access method and protocol. Because of its support for two-factor authentication with the use of smart cards or USB keys, and certificates, it meets all the requirements of message and data CIA (Confidentiality Integrity Authentication).

Tip: If the network includes smart cards and certificate services is present to issue both user and computer certificates, use EAP-TLS for the most security.

For the exam you'll also need to be familiar with CMAK (Connection Manager Administration Kit), a tool for managing remote connections and remote access policies. CMAK allows administrators to pre-configure remote access clients, add custom behavior and appearance and provide an updateable phonebook that users can turn to and find the most convenient dial-up access numbers. When gaining that all-important hands-on experience for this exam, be sure to load up CMAK and create a profile or two.

Familiarity with Microsoft's Internet Security and Acceleration server is also a must for this exam. ISA server provides perimeter firewall services, proxy caching services, policy-based access control, secure web publishing, and intrusion detection services.

Tip: Client computers may need to install the ISA server firewall client to access the internal or external network.

Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI
This objective includes topics such as authentication, authorization, security groups, and certificate services. Know your group types, distribution and security, scopes; universal, domain local, global, local, and the recommended group strategy; A-G-DL-P Accounts get placed into Global groups which get placed into Domain Local groups which are assigned Permissions.

Tip: Group nesting is supported when a domain is at functional level Windows 2000 native or higher.

The special group type, Self, represents the permissions assigned to the ACE (Access Control Entry) of a user, group, or computer and is a placeholder for that security principal.

Trust relationships are something you should be familiar with at this point in your MCSA/MCSE studies. Remember that an external trust can be used to connect to a domain in another forest, and a shortcut trust is used to speed authentication between domains — they are both one way trusts! Forest-level trusts can be set up between Windows Server 2003 forests.

Certificate services-related questions are present on many of the Windows 2003 MCSA and MCSE exams. If this exam is your first exposure to Microsoft certification, you'll need to study everything about certificate services to pass. Configuring, deploying, revoking, and managing user and computer certificates is necessary for many of the security-related technologies discussed thus far. A digital certificate verifies the identity of a user, computer, or program. It contains information about the issuer and subject and is signed by the CA. Certificate templates define the format and content for the certificate's intended use. Only enterprise CAs can issue certificates based on certificate templates! Certificate templates can be issued for a variety of reasons; web servers, email, EFS (Encrypting File System), smart cards, remote access, and IPSec to name just a few.

Certificate deployment can be handled using various methods such as autoenrollment, enrollment agents, and Web-based enrollment. Web-based is a popular method, whereby the user connects to the CA and requests a certificate, relies on the CA administrator to approve the request, then installs the certificate on the computer. Autoenrollment can be controlled using GPOs for computers running Windows 2000, XP, and 2003. This type of certificate can be used for smart card logon, EFS, and IPSec authentication.

Certificate revoking is performed by the CA administrator when a certificate is compromised. The Certificate Revocation List (CRL) is published to the network. Certificates can be lost due to a deleted user profile, reinstallation of the user's operating system, a corrupted disk, or a stolen computer. Data Recovery Agents can be used to decrypt EFS data originally encrypted by a user's missing certificate. DRAs aren't necessary in Windows Server 2003 due to the newer Key Recovery Agents. KRAs can retrieve the original certificate along with the private and public keys. Certificates can also be exported for safe keeping and to prevent loss using Microsoft Outlook, Internet Explorer, the certificates console, or using the command line utility Certutil.exe.

10 Things to Practice
1. Explore and configure account and password policy settings for the domain GPO on your network.
2. Configure a Windows 2003 server to act as a VPN server and explore the various connection protocols supported.
3. Download, install, and configure MBSA on your test network.
4. Explore the various certificate templates and practice importing one using the Security Configuration and Analysis snap-in to compare against your existing security settings.
5. Install, configure, and enroll workstations using certificate services.
6. Install CMAK and create a profile or two.
7. Enable the three types of IPSec policies (client respond, request security, and require security) between two networked computers and observe the results.
8. Install and configure an SUS server on your test network--download updates and approve them for workstations.
9. Create a couple of SRPs using hash, path, and certificates. Apply them.
10. Configure GPOs to secure the various server roles in a Windows network: DCs, Member Servers, Workstations, Exchange, IIS, and IAS.

No comments

As all of us know well that Microsoft is one of the leading vendor in both system software and applications software. It develops, manufactures wide range of software applications for computers usage. Microsoft is well known in developing Microsoft windows operating system and Microsoft Office Operating System. Its headquarters is in Redmond, Washington, USA and it was founded in 1980s to develop and sell basic applications for Attair 8800 with a mission “computer on every desk and in every home with Microsoft software”. Its founders were Bill Gates and Paul Allen.
What is MCSE Certification?

MCSE stands for Microsoft Certified System Engineer which is one of the most popular certification offered by Microsoft along with MCSA and MCSD.

Having MCSE certification is a proof for your expertise in installing, managing and troubleshooting infrastructure for business solutions based on Microsoft Windows 2000 Server platform and Windows Server System.

MCSE Syllabus:

To get MCSE you must pass 7 exams.

· Four core exams on networking systems

· One core exam on client operating system

· One Core design exam

· One elective exam

Four Core Exams on Networking Systems (All Necessary)

Exam 70-290 (Managing and Maintaining a Windows Server 2003 Environment)
Exam 70-291 (Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure).
Exam 70-293 (Planning and Maintaining a Windows Server 2003 Network Infrastructure)
Exam 70-294 (Planning, Implementing, and Maintaining a Windows Server 2003 Active Directory Infrastructure)

One Core Exam on Client Operating System (choose one)

Exam 70-620 (Windows Vista, Configuring)
Exam 70-270 (Installing, Configuring, and Administering Windows XP Professional)
Exam 70-210 (Installing, Configuring, and Administering Microsoft Windows 2000 Professional)
One Core Design Exam (choose one)

Exam 70-297 (Designing a Windows Server 2003 Active Directory and Network Infrastructure)
Exam 70-298(Designing Security for a Windows Server 2003 Network)

One Elective Exam (choose one)

70-086 Exam (Implementing and Supporting Microsoft Systems Management Server 2.0)
70-089 Exam (Planning, Deploying, and Managing Microsoft Systems Management Server 2003)
70-227 Exam (Installing, Configuring, and Administering Microsoft Internet Security and Acceleration (ISA) Server 2000, Enterprise Edition)
70-228 Exam (Installing, Configuring, and Administering Microsoft SQL Server 2000 Enterprise Edition)
70-229 Exam (Designing and Implementing Databases with Microsoft SQL Server 2000 Enterprise Edition)
70-235 Exam (Developing Business Process and Integration Solutions Using Microsoft BizTalk Server)
70-236 Exam (Microsoft Exchange Server 2007, Configuring)
70-262 Exam (Microsoft Office Live Communications Server 2005 – Implementing, Managing, and Troubleshooting)
70-281 Exam (Planning, Deploying, and Managing an Enterprise Project Management Solution)
70-282 Exam (Designing, Deploying, and Managing a Network Solution for a Small- and Medium-Sized Business)
70-284 Exam (Implementing and Managing Microsoft Exchange Server 2003)
70-285 Exam (Designing a Microsoft Exchange Server 2003 Organization)
70-297 Exam (Designing a Windows Server 2003 Active Directory and Network Infrastructure)
70-298 Exam (Designing Security for a Windows Server 2003 Network)
70-299 Exam (Implementing and Administering Security in a Windows Server 2003 Network)
70-301 Exam (Managing, Organizing, and Delivering IT Projects by Using Microsoft Solutions Framework 3.0)
70-350 Exam (Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004)
70-351 Exam (Microsoft Internet Security and Acceleration (ISA) Server 2006, Configuring)
70-400 Exam (Microsoft System Center Operations Manager 2007, Configuring)
70-401 Exam (Microsoft System Center Configuration Manager 2007, Configuring)
70-431 Exam (Microsoft SQL Server 2005 – Implementation and Maintenance)
70-445 Exam (Microsoft SQL Server 2005 Business Intelligence – Implementation and Maintenance)
70-500 Exam (Microsoft Windows Mobile Designing, Implementing, and Managing)
70-557 Exam (Microsoft Forefront Client and Server, Configuration)
70-620 Exam (Windows Vista, Configuring)
70-624 Exam (Deploying and Maintaining Windows Vista Client and 2007 Microsoft Office System Desktops)
70-630 Exam (Microsoft Office SharePoint Server 2007, Configuring)
70-631 Exam (Windows SharePoint Services 3.0, Configuring)
70-638 Exam (Microsoft Office Communications Server 2007, Configuring)
70-649

MCSE Benefits:

After becoming certified you may stands out with employers with your credential proof to get job in IT industry worldwide. MCSE engineer can earn from $55,000 to 90,000 per annum in USA and also MCSE certified has great respect in IT industry because of being well qualified and sound knowledge with skills. Also there are some other benefits to MCSE certified like 50% discount on TechNet during 5 years of certification, discount on products and services from selected organizations as well.

MCSE Training Resources

For any type of learning Internet is your best partner. However you may find Microsoft training material online for any Microsoft certification training. You may download authentic material here prepared by experienced and certified IT experts.

MCSE industry value?

Microsoft Windows Server strength in market these days shows the demand of related IT expertise and it clearly shows demands for years to come. MCSE certification is necessary for both business owners and employees. If you are hiring manager, team member then you should have good related knowledge. MCSE credential is a proof to show your ability to analyze the business needs for information system solutions along with designing and implementing infrastructure based on Windows Server 2003.

What is MCSE Certified Salary?

As I have mentioned above that MCSE Certified can earn from $55,000 to 90,000 per annum.

What are the prerequisites?

There are not prerequisites for MCSE certification at all. You just need little experience of using computer which I think every already got.

No comments

To learn how to go about applying and administering security in a Microsoft Windows Server 2003 Network, Microsoft has arisen with the 70-299 Exam. This exam is obtainable in a diversity of languages including English, French, German, Japanese, Spanish, and still a simplified version of Chinese. Like mainly other Microsoft exams, this one is also geared towards as long as core credits for a Microsoft certification, which in this container is MCSA OR Microsoft Certified System Administrator. Microsoft has a assortment of certifications for beginners and IT professionals, two of the most well-known being MCSA 2003 Certification and MCSE 2003 Certification or Microsoft Certified Systems Engineer.Each certification has a set of exams linked with it, and when a person clears all these exams, he/she gets the documentation.

This 70-299 Exam provides the applicant with a MCP Certification or Microsoft Certified Professional position after clearing it. It also provides with core credits for MCSA, and
MCSE: Security on Microsoft Windows Server 2003. Moreover, it also gives not obligator credits for MCSA, and MCSE on Microsoft Windows Server 2003. There is a diversity of technical tasks that you need to identify in order to clear this demanding exam. Thus, the skills measured comprise implementing, managing and troubleshooting security policies; implementing, managing and troubleshooting scrap management infrastructure; implementing, managing and troubleshooting security for networkcommunications;and preparation,onfiguring and troubleshooting authentication, authorization and PKI. All Microsoft exams are fairly challenging to clear, and the 70-299 one is not dissimilar.Microsoft recommends that people have thorough hypothetical as well as practical information with hands- on experience and practice.

There is classroom training on hand for the exam along with a variety of online possessions that candidates appearing for the exam can access. Apart from these, there are various other kinds of preparation equipment too that one can easily find in the marketplace.The Microsoft 70-299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam is one of the more difficult of the core exams for the Microsoft Certified Systems Engineer (MCSE) certifications based on Windows Server 2003. This Microsoft 70-299 exam measures the skills related to planning, implementing, and maintaining security in medium to very large network environments based on the Windows Server 2003 operating system.  This Microsoft 70-299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam is intended for MCSE candidates who work in medium to very large computing environments supporting 250 to more than 5000 users and use Windows Server 2003 as its network operating system and Windows XP Professional or Windows 2000 Server Professional on its client computers.

The Microsoft 70-299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam tests a candidates ability to plan, implement, and maintain security in a Windows Server 2003 network in medium to very large network environments. It is advised that you have a minimum of six to twelve months experience in administering clients and network operating systems in medium to very large corporations.  There are no prerequisites for the Microsoft 70-299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam.  Once you pass the Microsoft 70-299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network exam the candidate will achieve Microsoft Certified Professional (MCP) status if it is the first MCSE Certification that you pass.

No comments