AUDIENCE:   This course is for computer auditors and security specialists wishing to understand security and auditing issues within the Microsoft Windows 2003 Server environment. Audit planners and Managers may also wish to attend. PREREQUISITES:   No prior knowledge of Windows 2003 Server is expected but delegates should have a general understanding of how computers work and the Windows environment. DURATION:   2 days. Hands on. OBJECTIVES:   A thorough understanding of the security and auditing issues within the Microsoft Windows 2003 Server Environment and Windows Clients. COURSE CONTENT:   Microsoft Windows Architecture – an overview User vs. kernel mode Internal security architecture The registry Windows Management Instrumentation SACLS and DACLS the foundation of windows security and auditing What are they? How do they work? Authentication Security access tokens Active Directory – the core of your network Internal structure and control Domain controller issues Group Policy – Automating configuration and lockdown Group policy application Extending group policy Data storage – Fundamentals and security Disks, volumes, encryption and network issues Network controls – securing you conversations IPSec Auditing within Windows – configuration and management Creating an audit policy – what and why Implementing an audit policy – how and when Managing event logs Keeping Windows up to date Software Update Services Other solutions Best practices From Microsoft Tools – from Microsoft and third parties A short review TB07/01