microsoft ® virtual academy microsoft technology associate 98-367: security fundamentals...
TRANSCRIPT
![Page 1: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/1.jpg)
Microsoft® Virtual AcademyMicrosoft Technology Associate 98-367: Security Fundamentals
Christopher Chapman | Content PM , MicrosoftThomas Willingham | Content Developer, Microsoft
![Page 2: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/2.jpg)
Meet the PresentersChristopher Chapman, MCTContent Project Manager, Microsoft Learning
Background– IT manager and implementer focused on deploying,
maintaining and optimizing networks of all sizes
– IT Consulting projects include Custom SharePoint for Microsoft IT, Netware/Notes migration to AD/Exchange, Transition to centralized management (250 clients)
– Instructor and Director of Instruction
– Multiple Microsoft and other industry certifications (MCP, MCTS, MCSA, MCSE, MCT)
Contact
– @ChristopherMSL
![Page 3: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/3.jpg)
Meet the PresentersThomas Willingham
Content Developer, Cloud and EnterpriseBackground
• Taught the Microsoft MCSE and the Novell CNE certifications, and worked as a network consultant for almost 10 years• Courseware Author for MS Learning• Content developer for Remote Desktop Virtualization at Microsoft for the last 5 years
Contact
![Page 4: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/4.jpg)
Course Topics
98-367: Security Fundamentals01 | Understanding Security Layers
02 | Authentication, Authorization and Accounting
03 | Understanding Security Policies
04 | Understanding Network Security
05 | Protecting Servers and Clients
![Page 5: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/5.jpg)
Setting Expectations
•Target Audience• IT Help Desk staff interested in moving into Network/Systems Administration• Anyone interested in learning more about networking
•Suggested Prerequisites/Supporting Material• 40349A: Windows Operating System Fundamentals: MTA Exam 98-349• 40366A: Networking Fundamentals: MTA Exam 98-366• 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365• Exam 98-349: Windows Operating System Fundamentals• Exam 98-366: Networking Fundamentals• Exam 98-365: Windows Server Administration Fundamentals
![Page 6: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/6.jpg)
Microsoft® Virtual Academy
Module 1Understanding Security Layers
Christopher Chapman | Content PM , MicrosoftThomas Willingham | Content Developer, Microsoft
![Page 7: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/7.jpg)
Module Overview
•Core Security Principles•Physical Security
![Page 8: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/8.jpg)
Core Security Principles
![Page 9: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/9.jpg)
Confidentiality, Integrity, Availability (CIA)
•Confidentiality• Confidentiality deals with keeping information, networks, and systems secure from unauthorized access. This can be achieved by using encryption, authentication, and access control.
• Integrity• Integrity is defined as the consistency, accuracy, and validity of data or information. This can be achieve by using hashing.
•Availability• Availability describes a resource being accessible to a user, application, or computer system when required.
![Page 10: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/10.jpg)
Least Privilege, Attack Surface, and Social Engineering
• Least Privilege• User, systems, and applications should have no more privilege than necessary to perform their function or job.
•Attack Surface• Set of methods and avenues an attacker can use to enter a system and potentially cause damage.
•Social Engineering• Method used to gain access to data, systems, or networks, primarily through misrepresentation. Relies on the trusting nature of the person being attacked.
![Page 11: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/11.jpg)
Risk Management
•Responses:• Avoidance• Acceptance• Mitigation• Transfer
IdentifyRisk
Statement(If/then)
Analyze and Prioritize
Master Risk List
Track and Report
Control Plan and Schedule
Top N risks
LearnRisk database
![Page 12: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/12.jpg)
Physical Security
![Page 13: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/13.jpg)
Physical Security
• First line of defense•Achieve by using access control at different layers•Defense in Depth approach
![Page 14: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/14.jpg)
Defense in Depth
External PerimeterInternal Perimeter
Secure Area
ServersRacks
![Page 15: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/15.jpg)
External Perimeter
• First line of defense surrounding office•Secured by using:• Security cameras• Parking lot lights• Perimeter fence• Gate with guard• Gate with access badge reader• Guard patrols
![Page 16: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/16.jpg)
Internal Perimeter
•Once inside the building•Secured by using:• Locks (on exterior doors, internal doors, office doors, desks, filing cabinets, etc.)• Security cameras• Badge readers (on doors and elevators)• Guard desks and patrols• Smoke detectors• Turnstiles and mantraps
![Page 17: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/17.jpg)
Secure Areas
•Specific potion of the building•Secured by using:• Badge readers and Keypads• Biometric technologies (e.g., fingerprint scanners, retinal scanners, voice recognition systems, etc.)• Security doors• X-ray scanners and Metal detectors• Cameras• Intrusion detection systems (light beam, infrared, microwave, and/or ultrasonic)
![Page 18: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/18.jpg)
Device Security
•Servers• Locked in data centers (secure area)
•Desktops• Secured to desks
•Mobile Devices• Docking stations• Laptop security cables• Laptop safes• Theft recovery software• Laptop alarms
![Page 19: Microsoft ® Virtual Academy Microsoft Technology Associate 98-367: Security Fundamentals Christopher Chapman | Content PM, Microsoft Thomas Willingham](https://reader033.vdocuments.us/reader033/viewer/2022061507/56649d825503460f94a673b7/html5/thumbnails/19.jpg)
Additional Resources & Next Steps
Books• Exam 98-367 Security
Fundamentals• Exam 98-366: MTA
Networking Fundamentals
• Exam Ref 70-410: Installing and Configuring Windows Server 2012
Instructor-Led Courses• 40349A: Windows
Operating System Fundamentals: MTA Exam 98-349
• 40366A: Networking Fundamentals: MTA Exam 98-366
• 40365A: Windows Server Administration Fundamentals: MTA Exam 98-365
• 20410C: Installing and Configuring Windows Server 2012
Exams & Certifications• Exam 98-367:
Security Fundamentals
• Exam 98-349: Windows Operating System Fundamentals
• Exam 98-366: Networking Fundamentals
• Exam 98-365: Windows Server Administration Fundamentals
• Exam 70-410: Installing and Configuring Windows Server 2012
www.microsoft.com/learning