Guide to MCSE 70-290, Enhanced 1

Activity 14-1: Browsing Security Templates

• Objective: To become familiar with built-in security templates

• Start Run type mmc OK File Add/Remove Snap-in Add

• Locate and view the available templates as directed

• Browse through the available templates and the specific policies associated with them

Guide to MCSE 70-290, Enhanced 2

Activity 14-2: Creating a Security Template

• Objective: to explore the creation of a custom security template

• Open a New Template from the MMC Security Templates snap-in as directed

• Configure settings for the new template as specified

• Save the template• View the template file

Guide to MCSE 70-290, Enhanced 3

Activity 14-2: Creating a Security Template (continued)

Guide to MCSE 70-290, Enhanced 4

Activity 14-3: Applying Security Template Settings to

Group Policy Objects• Objective: to use Group Policy to deploy security

template settings• Start Administrative Tools Active Directory

Users and Computers• Open the Default Domain Policy from the

Properties of the domain• Import the previously created template as directed• Verify settings

Guide to MCSE 70-290, Enhanced 5

Activity 14-4: Analyzing Security Settings Using Security

Configuration and Analysis• Objective: To use the Security Configuration and

Analysis snap-in to compare current configuration with security template settings

• Open the Security Configuration and Analysis snap-in as directed and open a new database

• Import the hisecdc.inf template for comparison• Perform the analysis• Review and compare the settings as directed

Guide to MCSE 70-290, Enhanced 6

Activity 14-4 (continued)

Guide to MCSE 70-290, Enhanced 7

Activity 14-5: Exploring Default Auditing Settings

• Objective: to explore the auditing settings of the default domain controller GPO

• Open the Properties of the Domain Controllers OU in Active Directory Users and Computers

• Edit the Default Domain Controllers Policy on the Group Policy tab as directed

• Open the Audit Policy node and browse through the various policy settings

Guide to MCSE 70-290, Enhanced 8

Activity 14-5 (continued)

Guide to MCSE 70-290, Enhanced 9

Activity 14-5 (continued)

Guide to MCSE 70-290, Enhanced 10

Activity 14-6: Configuring and Testing New Audit Policy

Settings• Objective: to become familiar with changing and

testing the configuration of audit policy settings• Open the Default Domain Controllers Policy GPO

auditing settings• Reconfigure the settings as directed• Manually refresh the Group Policy settings• Test the new settings and view results using Event

Viewer

Guide to MCSE 70-290, Enhanced 11

Activity 14-7: Configuring Auditing on an NTFS Folder

• Objective: to log failed and successful accesses to an NTFS folder

• Create and configure NTFS permissions for a new folder

• Configure auditing settings for the folder• Test the auditing settings and permissions by

attempting to access and delete the folder• Use Event Viewer to verify correct auditing

Guide to MCSE 70-290, Enhanced 12

Activity 14-7 (continued)

Guide to MCSE 70-290, Enhanced 13

Activity 14-8: Configuring Event Viewer Log Properties

• Objective: to use the find and filter features in Event Viewer to manage log files

• Open Event Viewer and view local Security log• Use the Find feature to locate specific types of

events as directed• Next, use the Filter feature to manage the log,

displaying only events meeting specified criteria• Redisplay all records in the log as directed

Guide to MCSE 70-290, Enhanced 14

Activity 14-9: Editing Security Log Settings and Saving Events• Objective: to configure properties of the Security

log and save event entries for archiving purposes• Open the Properties of the Security log through

Event Viewer• Reconfigure the Security log size and overwrite

properties as directed• Save and clear the Security log as noted• Open the saved log to verify