This certification exam measures your ability to gather and analyze business
requirements for a secure network infrastructure and design a security solution
that meets those requirements.
| Creating the Conceptual Design for Network Infrastructure
Security by Gathering and Analyzing Business and Technical Requirements: |
| - |
Analyze business requirements for designing security. Considerations include
existing policies and procedures, sensitivity of data, cost, legal requirements,
end-user impact, interoperability, maintainability, scalability, and risk.
|
| - |
Design a framework for designing and implementing security. The framework
should include prevention, detection, isolation, and recovery. |
| - |
Analyze technical constraints when designing security |
| Creating the Logical Design for Network Infrastructure
Security |
| - |
Design a public key infrastructure (PKI) that uses Certificate Services. |
| - |
Design a logical authentication strategy. |
| - |
Design security for network management. |
| - |
Design a security update infrastructure. |
| Creating the Physical Design for Network Infrastructure
Security |
| - |
Design network infrastructure security |
| - |
Design security for wireless networks. |
| - |
Design user authentication for Internet Information Services (IIS). |
| - |
Design security for Internet Information Services (IIS). |
| - |
Design security for communication between networks |
| - |
Design security for communication with external organizations |
| - |
Design security for servers that have specific roles. Roles include domain
controller, network infrastructure server, file server, IIS server, terminal
server, and POP3 mail server |
| Designing an Access Control Strategy for Data |
| - |
Design an access control strategy for directory services. |
| - |
Design an access control strategy for files and folders |
| - |
Design an access control strategy for the registry |
| Creating the Physical Design for Client Infrastructure
Security |
| - |
Design a client authentication strategy |
| - |
Design a security strategy for client remote access |
| - |
Design a strategy for securing client computers. Considerations include
desktop and portable computers |
