Watch MTA Security Fundamentals Exam 98-367

In this episode, Daniel and Mike describe common methods for implementing client and server protection. They start with client protection through User Account Controls(UAC), system updates, and software restrictions. They then move to server hardening through network isolation, disabling insecure protocols, and checking for security vulnerabilities using the Microsoft Baseline Security Analyzer.

In this episode, Mike and Daniel explore common protocol security concepts and methodologies. They start by explaining some of the common attack methods like Denial of Service, protocol spoofing, man-in-the-middle, network sniffing, and DNS poisoning, then moving into how you can protect your systems against those attacks using methods like Tunneling, IPSec, and DNSsec.

In this episode, Daniel and Mike explain the purpose of network isolation and how network isolation is practically implemented. They start with one of the most common forms of isolation, which is using Virtual Local Area Networks or VLANs and routing. Then they cover more specifically isolated devices like VPN connected devices, honeypots, and perimeter networks, aka a DMZ.

In this episode, Mike and Daniel describe the benefits and attributes of a dedicated firewall solution and Network Access Protection (NAP). They discuss the different types of dedicated firewalls, like Unified Threat Management system, Secure Content Management systems, and what the difference is between stateful and stateless firewalls. Finally they walk you through Microsoft's NAP system.

In this episode, Daniel and Mike help you better understand what malware is, how you get it, and how to protect against it. Here they cover malware attacks like viruses and worms, spyware, and buffer overflows. They then explain how malware is delivered; typically through a Trojan Horse, email link/attachment, or both; then explain what you can do to protect your email systems from attacks.

In this episode, Daniel and mike continue explaining encryption, this time they start by showing you how to encrypt an entire volume by using Microsoft's BitLocker which integrates with your system's Trusted Platform Module(TPM). Other topics discussed include VPN, Certificates and Public Key Infrastructures, and Token devices.

In this episode, Daniel and Mike walk you through the basics of encryption. Here they show you some of the different encryption types as well as detail the concept of public/private keys. They then move into Windows' Encrypting File System(EFS) to encrypt files on a hard drive, mail encryption and signing files to verify their integrity.

In this episode, Mike and Daniel describe the best practices when it comes to setting up password and audit policies. They start off by showing you where to set the password policy on both a local Windows desktop OS as well as in a Active Directory domain environment. Then they move into auditing where they show you how to enable auditing and the different types of auditing available in Windows.

In this episode, Daniel and Mike explain the details of permissions. They describe the different types of permissions like File Permissions and Share Permissions, as well as what permissions are available for the NTFS and FAT file systems. They also cover the topics of inheritance, ownership, delegation, and best practices when setting permissions.

In this episode, Mike and Daniel explain the basics of user authentication. They talk about different ways we can authenticate something you know, something you have, or something you are. They also talk about the different places and methods that authentication may be occurring; locally, remotely, or at the domain level. Also covered is certificates and PKI or Public Key Infrastructure.

In this episode, Mike and Daniel describe wireless security basics. They detail some wireless security best practices like when you should or should not broadcast the Security Set Identifier(SSID), MAC address filtering, and which encryption type to use; WEP, WPA, or WPA2.

In this episode, Daniel and Mike detail how to stay secure when connecting to the internet. They show you how to use settings in Internet Explorer that can increase your security. They also show you how to use zones to apply specific settings to specific sites. Lastly they explain how websites can be secured using certificates and the Secure Sockets Layer(SSL) protocol.

In this episode, Mike and Daniel explain the elements of proper physical security. Here they explain how to implement defense-in-depth, or layered security keeping your systems safe by creating many checkpoints that an intruder would need to bypass before gaining access. This includes things like external and internal site security, implementing locking mechanisms, and disabling local logon access

In this episode, Daniel and Mike introduce you to some of the core security principles and practices that anyone looking to get into IT should be familiar with. Here they specifically discuss the CIA triad; Confidentiality, Integrity, and Availability.