MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide

Security is one of the most important issues facing network administrators today. Windows Server 2003 contains many features and technologies that can be used to create a more secure networking environment. In this chapter, we ll look at several aspects of creating an effective security framework for an organization s network. First, we ll look at how to plan and implement Active Directory (AD) security. This includes such measures as physically securing domain controllers, securing the schema, managing cross-forest security relationships, account security, and implementing AD access controls.
Next, we ll discuss the issues and procedures involved in planning and implementing wireless security. We ll provide an overview of the terminology and concepts relating to 802.11 wireless technologies, and you ll learn about authenticators and supplicants, as well as how wireless networking works under the hood. We ll discuss authentication methods for wireless networks, including authentication subtypes such as open system and shared key. You ll learn about the protocols generally used for wireless authentication, including the Extensible Authentication Protocol (EAP), EAP-Transport Layer Security (EAP-TLS), EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (EAP-MS-CHAPv2), and the Protected Extensible Authentication Protocol (PEAP). We ll also talk about using Internet Authentication Service (IAS) with wireless. We ll address wireless security issues such as common insecure default settings (administrative password, service set identifier, and Wired Equivalent Privacy settings) and the weaknesses of Wired Equivalent Privacy (WEP) protocol encryption, as well as how WEP can be made more secure.
We ll then move onto discuss security monitoring, and we ll address object-based access control and security...