The International Leader in Audit and Information Security Training EARN 30 CPE CREDITS HANDS-ON SECURING AND AUDITING WINDOWS 2003 A Detailed Look Inside the Security and Control Features of Microsoft’s Latest Server Operating System 13th - 16th March 2007, London COURSE DIRECTOR: Steve Rimell, CPFA, PIIA In this hands-on, four-day programme you will: Learn how to install Windows 2003 and Active Directory to your best advantage Master a methodology for managing your network through improved security and audit features Assess the effects of Windows 2003 security settings Gain an understanding in role-based security and software restriction policies to create new security mechanisms Display, modify and test the effect of Group Policies for Windows 2003 Acquire the knowledge needed to conduct an efficient and effective audit of a Windows 2003 based network WWW.MISTIEUROPE.COM COURSE DIRECTOR: Controlling and Securing Windows 2003 Server Steve Rimell, CPFA, PIIA, has a courses in this subject for Systems 13 - 16 March 2007, reputation as the most respected Security's Bristol training centre London authority in the UK with over 20 since 1996, where he proves to the years practical experience in students that apparently highly Prerequisite information systems audit. He technical areas are not as hard to A basic knowledge of the principles of provides training, security reviews, audit as they appear. Steve is a operating systems. No previous experience consulting services, and internal member of CIPFA and the Institute of Windows 2000 or 2003 is required audit support for a wide range of of Internal Auditors. He has public and private sector clients in delivered public and in-house Learning Level the UK, Europe and many other training presentations for System Intermediate customers. He has also had Security, MIS Training and many extensive experience as an audit other clients. He is regularly invited Who Should Attend manager running a commercial IS to speak at professional meetings Systems Administrators; Information audit service. Steve specialises in and conferences in the UK and the more technical aspects of overseas, and is presently engaged Technology and Technical Operational information systems audit, having in a variety of projects to develop Auditors; Information Security extensive knowledge of the security audit automation software for professionals responsible for the and control of UNIX, Oracle, network and operating system security and audit of Windows 2003 Windows NT/2000, and networking security testing. Steve is also the networks; Integrators of Windows environments such as TCP/IP. He owner and proprietor of Rimell has presented hands-on training Associates Ltd. 2003 networks Fee GBP£2,099 Earn 30 CPE’s DAY ONE “A valuable course in Auditing Directory Service Access – new audit categories in W2003 many ways - resource WINDOWS 2003 BRIEF INTRODUCTION rich, informative and Windows 2003 brief introduction Improvements over Windows enjoyable” Audit Manager, DAY FOUR 2000 Old Mutual ACTIVE DIRECTORY SERVICES Controlled services in Windows Active Directory Services 2003 – new service accounts Interface and how the auditor Introduction to Active Directory can use it. Active Directory Objects – Forests and Trees, Domains and Sites, OUs Groups and Users DAY THREE “The instructor is extremely helpful, uses DAY TWO AUTHENTICATION New authentication features– easy to understand terminologies (not too forest trusts, the Credentials technical, perfect pace ACTIVE DIRECTORY Manager and constrained with very clear Trust relationships in Active delegation Directory explanation” Access Control – Role-based Reviewing the deployment of security, URL-based access Active Directory Senior Auditor, control and Software Restriction The Active Directory Policies Management Tools Unesco Group Policy Objects and how Object permissions in Active they are used Directory and what they mean New tools for managing Group Extracting information from File and directory permissions Policy Objects – The Group Active Directory for audit and how to audit them Policy Management Console purposes Delegation of Control and how Useful audit software: to audit it DumpSec SEMINAR FOCUS AND FEATURES In January 2002, Microsoft announced that it was working to develop a new version of Windows that would be the most secure and reliable so far. Their aim was for it to be ‘Secure by Design’, ‘Secure by Default’ and ‘Secure in Deployment’. In this four-day hands-on workshop, you will learn all the essential features of Windows 2003 and Active Directory. You’ll learn how it is installed, how it works in a networked environment, and how it’s much talked about, improved security and audit features can be used to create a secure, well managed network. With hands-on access to your own Windows 2003 server, you’ll learn how to inspect the operating system configuration, and see how the new control settings provide a higher standard of ‘out of the box’ security than previous versions of Windows. Starting with a basic server, you’ll learn how Active Directory, the core of Windows networks, is deployed and configured. You will be able to use the Active Directory management tools at Administrator level to display and inspect all the important areas of AD. You’ll learn about the Windows 2003 access permissions system, and how it controls access to files, folders, printers, MBSA registry settings and Active Directory objects. In a series of Log dumper tools practical exercises you will be able to assess the effects of The built-in NET commands security settings and group membership on the access granted Using scripts to audit Windows 2003 to system resources. You’ll learn how to use the Security Configuration and Analysis tools to measure the security status of your system against a benchmark. Windows 2003 has new “Very good introduction and tools for the management of Group Policy Objects. GPOs are a major area of audit interest, as they can be used to control broad, but in depth review of almost every aspect of the behaviour of Windows servers and key risk areas re: windows” workstations. You’ll be able to use the new Group Policy Management Console to display, modify and test the effect of Internal Auditor, Group Policies on Windows users and computers. Kensington Mortgages You’ll learn about the Windows auditing system, how it is set up and configured, how to recommend a suitable audit policy, and how to extract security-related information from the Windows Auditing features – Operations-based auditing, event logs. You’ll see how the new authentication features of ‘per-user auditing’, enhanced logon/logoff auditing Windows 2003 such as role-based security and software and the Microsoft Audit Collection System (MACS) restriction policies can be used to create new security New data encryption features mechanisms. You’ll hear about Microsoft’s planned enhancements to the auditing system, such as ‘per user’ Security improvements for wired networks and Wireless LANS auditing and the Microsoft Audit Collection Systems (MACS). The built-in NET commands Windows 2003, despite its heavy emphasis on its graphical user Using scripts to audit Windows 2003 interface, has a huge number of command-line tools and Auditing features – Operations-based auditing, utilities, and also has excellent support for scripting languages ‘per-user auditing’, enhanced logon/logoff auditing such as VBScript. You’ll learn how to make the best use of and the Microsoft Audit Collection System (MACS) these tools and scripts to extract valuable audit information from New data encryption features the Windows 2003 and Active Directory and how to import the data into other Windows programmes for later analysis. Security improvements for wired networks and Wireless LANS At the end of the course you will have all the knowledge required to plan and conduct an efficient and effective audit of a Windows 2003-based network. IN-HOUSE REGISTRATION FORM TRAINING Save up to 50% on training Tailored Training for your team and Save up to 50% If you have to comply with Sarbanes-Oxley, just installed a new ERP system, recruited new staff - or maybe you are keen to secure your network, take preventative measures to counteract fraud or comply with the latest legislation. Either way if you have 5 or more people who require training on the same topic, MIS can tailor training courses to meet your exact We charge per day and NOT per participant so the cost remains the same regardless of how many people you have in your team. With In-House Training You Will: Please Quote Ref: 206 WEB Save money over public seminar fees in addition to savings on travel and Controlling and Securing accommodation costs. Windows 2003 Server 5 easy ways to register Save time on travel as the instructor will (please photocopy form for additional delegates) Tel: +44 (0)20 7779 8944 travel to you. Furthermore, the training can be held at the most convenient time for 13th - 16th March 2007 , London Fax completed form to: you. (MT989) +44 (0)20 7779 8293 Ensure the relevance of the seminar for GBP £1,995 £ Email: firstname.lastname@example.org your organisation and industry. You may wish to tailor the structure and + VAT @ 17.5% £ Web: www.mistieurope.com methodology of your seminar or customise Grand Total £ Post completed form to: the seminar to meet the expertise levels of Lisa Davies, your attending employees. *Discounts: Government, 10% off regular MIS Training, Nestor House, fees. Please call to enquire about corporate Playhouse Yard, discounts. Discounts can not be used in London conjunction with each other. Please send me information on: EC4V 5EX UK Fees must be paid in advance of the event. In House Training Making the Transition from IT to IT Audit, Customer Information 2nd - 4th October 2006, London Title First name Surname Security & Audit of UNIX/Linux, 24th - 26th Title/Position Organisation October 2006, London E-Mail Address (Required) Defending & Testing your Internet DMZs, Address 25th - 27th October 2006, London Country Postcode Registration Information (fees must be paid in advance of the event) Telephone Fax Accommodation: MIS Training has negotiated The information you provide will be safeguarded by the Euromoney Institutional Investor PLC group whose special accommodation rates at the Radisson subsidiaries may use it to keep you informed of relevant products and services. We occasionally allow Edwardian hotels in London. For further reputable companies outside the Euromoney Institutional Investor PLC group to contact you with details of information please email products that may be of interest to you. As an international group we may transfer your data on a global email@example.com or visit basis for the purposes indicated above. If you object to contact by telephone , fax , or email please www.radissonedwardian.com/mis tick the relevant box. If you do not want us to share your information with other reputable companies please tick this box . Cancellation Policy: Should a delegate be unable to attend, a substitute may attend in his or her place. Cancellations received within 21 working Payment Information days of the event are liable for the full seminar fee. If full payment has been received you are eligible Cheque enclosed (payable to MIS Training) Please invoice my company PO# for a 75% reduction on the next run of the seminar. This discount will be valid for one year Please debit my credit card AMEX VISA MasterCard only. MIS reserves the right to change or cancel programmes due to unforeseen circumstances. Card Number Expiry Cardholders name Verification Cod VAT: All delegates attending are liable to pay VAT. After the event organisations registered for VAT in VAT No. the UK may reclaim the tax. Delegates from outside the UK but within the European Please include billing address if different from address given Community may also be able to reclaim the VAT. Organisations outside the UK should check with their excise authority as to which domestic fiscal regulations apply. High Yield/No-Risk Please note that in completing this booking you undertake to adhere to the cancellation and payment terms listed below Guarantee: Attend these workshops and receive tools and techniques that will help you do your job Signature Date better. If you do not, simply tell us why on your company letterhead and we will give you a full Approving Manager Position credit toward another programme.
Pages to are hidden for
"SECURING AND AUDITING WINDOWS 2003"Please download to view full document