McSa/MCSE Self-Paced Training Kit (Exam 70-214): Implementing and Administering Security in a Microsoft Windows 2000 Network: Implementing and Adminis

After reading the Microsoft Press book for the 70-214 exam, I can recommend it as a good start to learning about securing a Windows 2000 network, which covers a lot of territory. Since I am already a MCSE I do not plan on taking the exam but read the book because I am always interested in security books. The book has a lot of content and is loaded with step by step instructions and exercises, so much so that I thought it was mostly a "cook book" and light on the theory and practical experience end. The end of chapter questions were very brief and few in number. However the content covered was thorough and by and large accurate (the statements that ipsec requires certificates and that NT4.0 workstations apply the user configuration part of group policy are wrong). It was nice to see a specific example of how to use secedit and create a few basic script files. Kerberos authentication was nicely explained along with the benefits, and why and how you should upgrade older clients to Active Directory Client to get them up to NTLM 2. There was quite a bit of coverage on pki and setting up cerificate services and great examples of using Web Enrollment to obtain certificates. The usual stuff on managing groups/users, share and ntfs permissions, and user permissions were covered. Vpn explanations were fairly thorough, with especially good explanation of differences between pptp and l2tp. It was nice to find a chapter on wireless security that included a step by step example to setting up a WAP. The section on IIS security does not require you to be a guru at IIS, but gets to the point on how to implement various authentication methods to a website from anonymous to ssl and why and when to use each. Intrusion detection is a basic part of network security and using group policy to enable various types of auditing and using Eventcomb is well covered. There is even a lesson on how to set up and use a honey pot. The often misunderstood IPSEC is explained well enough that you can learn how to implement, create a custom policy, and do some basic troubleshooting. Service packs and hot fixes are an important part to maintaining a secure operating system, and chapter 14 covers how to use various tools like MBSA and Qchain to determine the need for and to effeciently implement these updates. Slipstreaming service packs and using RIS is also well explained. There was a lot for me to like about Implementing and Administering Security, but I felt it was short in a few areas also. It could have used an intro chapter explaining the importance of security and ramifications of lack of to get the reader in the right mindset, but the first page jumps right into group policy. There could have also been an ending "put it all together" summary chapter with general tips/tricks like the top ten security blunders or how to harden a Windows 2000 server like Microsoft has on their website. I saw very little on disabling uneeded services (though the MBSA tool checks for that). Th

Having recently passed the 70-214 exam, which is new from Microsoft, I had used another book for the exam study as this one arrived 2 days before my exam. With the material contained in this book had it arrived earlier I could have used it to study for the exam. Like most MS Press books each topic is broken down into lessons with practice labs to help you learn as you go. The cd included has a 120-day evaluation of Windows 2000 Server and the exercises coincide with the cdrom, which also has exercises on it as well. Looking at the questions on my exam, this book came up a little short with coverage of utils like MBSA, as I several questions on the use of MBSA and there are only a few pages and labs covering the topic. Although the book does a good job on other utils like QChain, HFNetChk and URLScan. As with any book there will areas with more coverage and areas with less coverage, which is why it is important to have multiple sources. There is a great deal of material covered in this book and it does make a nice study tool for the exam. The cd also has a practice test generator which is a nice add-on. Overall I think a few updates are needed and this book makes a great companion with other study material.