MCSA/MCSE Self-Paced Training Kit (Exam 70-214): Implementing and Administering Security in a Microsoft Windows 2000 Network (Pro-Certification)

My review of this book is somewhat conflicted. While I would state it would make a good book if you did not know anything about Windows 2000 Security, I find that it fails as a preparation for the 70-214 exam.

I read some of the paragraph length sentences to others at work, and they too got a chuckle out of it. The simplest of items are presented in a wordiness that would make reading Our Mutual Friend or even War and Peace akin to glancing through the Sunday comics. At the same time, many items that should be the meat of the book are glossed over in an almost trivial manner.

If this were simply a training manual, it would have received 3 or even 4 stars. While Windows NT 4.0 Server can be considered archaic, not even a full page in this text is given to security concerns during the upgrade procedure from NT 4.0 to 2000.

I would heartily suggest brushing up on upgrade issues for the exam if this book is to be your sole study guide. With only 50 questions on the exam, it would not take many NT 4.0 questions to blow your chance at passing the 70-214 exam.

After reading the Microsoft Press book for the 70-214 exam, I can recommend it as a good start to learning about securing a Windows 2000 network, which covers a lot of territory. Since I am already a MCSE I do not plan on taking the exam but read the book because I am always interested in security books. The book has a lot of content and is loaded with step by step instructions and exercises, so much so that I thought it was mostly a "cook book" and light on the theory and practical experience end. The end of chapter questions were very brief and few in number. However the content covered was thorough and by and large accurate (the statements that ipsec requires certificates and that NT4.0 workstations apply the user configuration part of group policy are wrong). It was nice to see a specific example of how to use secedit and create a few basic script files. Kerberos authentication was nicely explained along with the benefits, and why and how you should upgrade older clients to Active Directory Client to get them up to NTLM 2. There was quite a bit of coverage on pki and setting up cerificate services and great examples of using Web Enrollment to obtain certificates. The usual stuff on managing groups/users, share and ntfs permissions, and user permissions were covered. Vpn explanations were fairly thorough, with especially good explanation of differences between pptp and l2tp. It was nice to find a chapter on wireless security that included a step by step example to setting up a WAP. The section on IIS security does not require you to be a guru at IIS, but gets to the point on how to implement various authentication methods to a website from anonymous to ssl and why and when to use each. Intrusion detection is a basic part of network security and using group policy to enable various types of auditing and using Eventcomb is well covered. There is even a lesson on how to set up and use a honey pot. The often misunderstood IPSEC is explained well enough that you can learn how to implement, create a custom policy, and do some basic troubleshooting. Service packs and hot fixes are an important part to maintaining a secure operating system, and chapter 14 covers how to use various tools like MBSA and Qchain to determine the need for and to effeciently implement these updates. Slipstreaming service packs and using RIS is also well explained.
There was a lot for me to like about Implementing and Administering Security, but I felt it was short in a few areas also. It could have used an intro chapter explaining the importance of security and ramifications of lack of to get the reader in the right mindset, but the first page jumps right into group policy. There could have also been an ending "put it all together" summary chapter with general tips/tricks like the top ten security blunders or how to harden a Windows 2000 server like Microsoft has on their website. I saw very little on disabling uneeded services (though the MBSA tool checks for that). There was little detail about EFS which trips up a lot of users using it by losing their data or believing it is secure when it is not. Dcdiag and netdiag were briefly covered, but these are two very useful tools deserve more - they help troubleshoot when policies are not applied correctly. MBSA was not covered in much detail either. A couple pages on the mysterious anonymous/null session account, what it is used for, how it is a security risk, and what to do about it would have been a great inclusion. Finally I thought that even though the explanation of implementing security policy and templates was good, there was very little explanation of what any of the settings in user rights or security options actually do. Incorrect configurations of some of them can lead to problems in environments with downlevel clients and NT4.0 servers.
In Summary I though the book was a good read and worth keeping, but I would be hesitant to advise anyone to use this book alone to prepare for the 70-214 exam. It would be a good book to have even if not planning to take the exam, because it explains a lot of topics required to know in more detail than you will find in "core four" books. I highly recommend the Microsoft Press Design Security 70-220 book as a possible read to reinforce/supplement topics found here. I also STRONGLY suggest spending time at Microsoft TechNet security website. It has a tremendous amount of detailed information about topics covered in the book and much more including white papers. Finally if you are serious about learning about securing Microsoft networks beyond requirements for this exam I also recommend reading Hacking Windows 2000 Exposed and Inside Network Perimeter Security as a good foundation.

.

Having recently passed the 70-214 exam, which is new from Microsoft, I had used another book for the exam study as this one arrived 2 days before my exam. With the material contained in this book had it arrived earlier I could have used it to study for the exam.

Like most MS Press books each topic is broken down into lessons with practice labs to help you learn as you go. The cd included has a 120-day evaluation of Windows 2000 Server and the exercises coincide with the cdrom, which also has exercises on it as well.

Looking at the questions on my exam, this book came up a little short with coverage of utils like MBSA, as I several questions on the use of MBSA and there are only a few pages and labs covering the topic.

Although the book does a good job on other utils like QChain, HFNetChk and URLScan. As with any book there will areas with more coverage and areas with less coverage, which is why it is important to have multiple sources.

There is a great deal of material covered in this book and it does make a nice study tool for the exam. The cd also has a practice test generator which is a nice add-on. Overall I think a few updates are needed and this book makes a great companion with other study material.