M2150: Designing a Secure Microsoft Windows 2000 Network

5 Day Course
Official Microsoft Curriculum
Code M2150

This course has been retired. Please view currently available Microsoft Windows 2000 Training Courses.


Hide all

Assessing Security Risks (5 topics)

  • Identifying Risks to Data
  • Identifying Risks to Services
  • Identifying Potential Threats
  • Introducing Common Security Standards
  • Planning Network Security

Introducing Windows 2000 Security (6 topics)

  • Introducing Security Features in Active Directory
  • Authenticating User Accounts
  • Securing Access to Resources
  • Introducing Encryption Technologies
  • Encrypting Stored and Transmitted Data
  • Introducing Public Key Infrastructure Technology

Planning Administrative Access (6 topics)

  • Determining the Appropriate Administrative Model
  • Designing Administrative Group Strategies
  • Planning Local Administrative Access
  • Planning Remote Administrative Access
  • Lab
  • Planning Secure Administrative Access

Planning User Accounts (6 topics)

  • Designing Account Policies and Group Policy
  • Planning Account Creation and Location
  • Planning Delegation of Authority
  • Auditing User Account Actions
  • Lab
  • Planning a Security-based OU Structure

Securing Windows 2000–Based Computers (8 topics)

  • Planning Physical Security for Windows 2000-based Computers
  • Evaluating Security Requirements
  • Designing Security Configuration Templates
  • Evaluating Security Configuration
  • Deploying Security Configuration Templates
  • Labs
  • Analysing a Security Template
  • Designing Customised Security Templates

Securing File and Print Resources (9 topics)

  • Examining Windows 2000 File System Security
  • Protecting Resources Using DACLs
  • Encrypting Data Using EFS
  • Auditing Resource Access
  • Securing Backup and Restore Procedures
  • Protecting Data from Viruses
  • Labs
  • Managing EFS Recovery Keys
  • Planning Data Security

Securing Communication Channels (6 topics)

  • Assessing Network Data Visibility Risks
  • Designing Application-Layer Security
  • Designing IP-Layer Security
  • Deploying Network Traffic Encryption
  • Lab
  • Planning Transmission Security

Providing Secure Access to Non-Microsoft Clients (7 topics)

  • Providing Secure Network Access to UNIX Clients
  • Providing Secure Network Access to NetWare Clients
  • Providing Secure Access to Macintosh Clients
  • Securing Network Services in a Heterogeneous Network
  • Monitoring for Security Breaches
  • Lab
  • Securing Telnet Transmissions

Providing Secure Access to Remote Users (6 topics)

  • Identifying the Risks of Providing Remote Access
  • Designing Security for Dial-Up Connections
  • Designing Security for VPN Connections
  • Centralising Remote Access Security Settings
  • Lab
  • Using RADIUS Authentication

Providing Secure Access to Remote Offices (6 topics)

  • Defining Private and Public Networks
  • Securing Connections Using Routers
  • Securing VPN Connections Between Remote Offices
  • Identifying Security Requirements
  • Labs
  • Planning Secure Connections for Remote Offices

Providing Secure Network Access to Internet Users (6 topics)

  • Identifying Potential Risks from the Internet
  • Using Firewalls to Protect Network Resources
  • Using Screened Subnets to Protect Network Resources
  • Securing Public Access to a Screened Subnet
  • Lab
  • Designing a Screened Subnet

Providing Secure Internet Access to Network Users (6 topics)

  • Protecting Internal Network Resources
  • Planning Internet Usage Policies
  • Managing Internet Access Through Proxy Server Configuration
  • Managing Internet Access Through Client-Side Configuration
  • Lab
  • Securing the Internal Network When Accessing the Internet

Extending the Network to Partner Organizations (7 topics)

  • Providing Access to Partner Organizations
  • Securing Applications Used by Partners
  • Securing Connections Used by Remote Partners
  • Structuring Active Directory to Manage Partner Accounts
  • Authenticating Partners from Trusted Domains
  • Lab
  • Planning Partner Connectivity

Designing a Public Key Infrastructure (9 topics)

  • Introducing a Public Key Infrastructure
  • Using Certificates
  • Examining the Certificate Life Cycle
  • Choosing a Certification Authority
  • Planning a Certification Authority Hierarchy
  • Mapping Certificates to User Accounts
  • Managing CA Maintenance Strategies
  • Lab
  • Using Certificate-based Authentication

Developing a Security Plan (5 topics)

  • Designing a Security Plan
  • Defining Security Requirements
  • Maintaining the Security Plan
  • Lab
  • Developing a Security Plan


Students should have: -Attended course MS1560: Updating Support Skills from Microsoft Windows NT 4.0 to Microsoft Windows 2000, or, - Attended course MS2154: Implementing and Administering Microsoft Windows 2000 Directory Services, or, - Have equivalent skills and knowledge

Course PDF