Secure Your Future: MCSE Exam 70-220
One of the primary jobs of a network administrator is to secure the network. Imagine a network without security: users snooping around at payroll information; folks deleting files at will; clients adding services because it's cool; and sales reps installing every shareware, dancing baby, virus-infested program they can find. Sounds like fun, huh?
Okay, so that's a worst-case scenario, but this exam will challenge your ability to implement all levels of security:
Access to resources
Auditing access to resources
That's it? Well, yes. But there are tons of issues to nitpick over.
This exam, like all of the design exams, uses the case-study approach to each batch of questions. Here's how it works: You'll be presented with a case study of a company. The case study will include information about its network, the company's goals, interviews from different employees, security issues, and plans for growth. It's almost like you're looking over someone else's notes from a meeting. After you read this dissertation you'll have to answer a batch of questions in regard to the case study.
Analyzing Business Requirements
You will need to think like a large corporation for this objective. You'll be presented with the current status of a network and the then a set of requirements for improving the company's network. This will include information about the geographical makeup of the company: international, national, subsidiary, and branch offices. Of course, for starters, how will all these locations be connected together?
On top of the geographical concerns will be the internal processes of the company: information flow, communication flow, service and product life cycles, and decision-making. What does this have to do with security? Everything! How will you secure all of the workflow within a LAN? On the WAN? For dial-up users? And protect against hackers? What laws are in place for encryption; software distribution?
Another business requirement is the relationship that the company has with its vendors, partners, and customers. How much access will these different relations be allowed? How will the level of access be controlled? Is it Web-based or VPN? Think group strategy and Group Policy Objects.
You'll be challenged with consulting on the IT administration. In some instances, the geographical makeup will mean a decentralized model, whereas other times a centralized model would be most effective. In addition, will Organizational Units (OUs) be delegated by departments or on a case-by-case basis? And of course, all of these concerns are ruled by a budget.
Study Hint: Think big business—and sketch out a security design for a world-wide corporation. Consider WAN links, sites, domains, and OUs.