Chapter 1 Analyzing Business Requirements
Analyze the existing and planned business models
analyze the existing and planned organizational structures
considerations include management model;company organization;vendor,parnter,
and customer relationships;and acquistion plans
analyze factors that influence company strategies
analyze business and security requirement for the end user
analyze the structure of IT management.Considerations include type of
administration ,such as centralized and decentralized;funding model;
outsourcing;decision-making process;and change-management process
analyze the current physical model and information security model.
Chapter 2 Analyzing Technical Requirements
Evaluate the companys existing and planned technical environment
analyze the impact of the security design on the existing and planned
technical enviroment
Chapter 3 Analyzing Security Requirements
Design a security baseline for a windows 2000 network that includes domain
controllers ,operations masters,application servers,file and print servers,
RAS servers,desktop computers,portable computers,and kiosks
identify the required levels of security for each resouce,resources include
printers,files,shares,internet access,and dial-in access
Chapter 4 Designing a windows 2000 Security Solution
Design an audit policy
design a delegation of authority strategy
design the placement and inheritance of security policies for sites ,
domains,and organizational units
design an encrypting file system srategy
design an authentication strategy
design a security group strategy
design a public key infrastructure
design windows 2000 network services security
Chapter 5 Designing a Security Solution for Access between Networks
Provide secure access to public networks from a private network
provide external users with secure access to private network resources
provide secure access between private networks
design windows 2000 security for remote access users
Chapter 6 Designing Security for Communication Channels
Design an SMB-signing solution
design an IPSec solution