MCSE: Windows(r) Server 2003 Network Security Design Study Guide (70-298)

You should give yourself 20 minutes to review this testlet, review the exhibits, and complete the questions.

Overview

IntelliAgent Management provides management and consulting services to customers in North and South America.

Physical Locations

The company’s corporate headquarters is located in Miami. The company has four satellite offices in the following cities:

• Los Angeles

• New York

• Rio de Janeiro, Brazil

• Santiago, Chile

Planned Changes

IntelliAgent Management is entering into a partnership with JC Enterprises, a worldwide management conglomerate. The JC Enterprises network is made up of a Windows 2000 Active Directory domain, and JC Enterprises has no plans to upgrade its servers to Windows Server 2003.

The partnership between the two companies will exist exclusively over the Internet. Marketing users from both companies will require access to a shared folder named CustomerData, which is housed on a Windows Server 2003 server within the IntelliAgent corporate network.

Existing Environment

Directory Services The existing Active Directory forest for IntelliAgent Management is shown in the Active Directory Infrastructure exhibit in the case study exhibits section.

The IntelliAgent network consists of a single Windows Server 2003 Active Directory forest. The forest contains three domains named IntelliAgent.com, na.IntelliAgent.com, and sa.IntelliAgent.com.

Network Infrastructure The company’s existing network infrastructure is shown in the Network Infrastructure exhibit in the case study exhibits section.

A Windows Server 2003 database server is located in the Los Angeles office perimeter network. All of the workstations in North America run Windows XP Professional with Service Pack 1. Each office has a domain controller, which also serves as a file server.

Problem Statements

The following business problems must be considered:

• The IT staff is having difficulties maintaining all client computers with the latest security patches and service packs.

• Unauthorized users have been able to modify data on some of the IntelliAgent servers. Unauthorized users must not be able to modify the data on the company’s servers.

• Access to the resources is currently assigned on a per-user basis, which causes an immense amount of administrative overhead.

Interviews

Chief Information Officer Over the course of the last six months, we have been focusing our security on internal threats. Now we realize that, because we are relying on the Internet to maintain the partnership with JC Enterprises, we must focus on external threats to keep the connection points secure.

One of our competitors has recently been hacked and their confidential customer information was posted to the public. Occurrences such as these need to be prevented. We also suspect that some users are attempting to access the server and delete files that they are not authorized to delete.

Network Administrator There is no IT staff in the South American offices, and when the users there lose their password, they need to contact the Help Desk in the Los Angeles office.

Business Requirements

The following business requirements must be considered:

• Any solutions implemented must minimize administrative overhead.

• You must be able to track users’ access to the file servers.

• The marketing department for each company must be able to access the customer information.

Written Security Policy

The company’s written security policy includes the following requirements:

• All customer information must be kept confidential. Access to customer data must be tracked.

• Certain marketing information is available to the general public. Modifications to this public information must be tracked.

Case Study Exhibits