This course explains how to create a secure IIS deployment for an enterprise network with a focus on user authentication. It also examines common vulnerabilities of Web servers, along with how to secure Web server software with options offered in Windows Server 2003.
Objectives:
Design user authentication for Internet Information Services (IIS) and a Web site
Design security for IIS
Design security for Web sites
Design a monitoring strategy for IIS
Design an IIS baseline based on business requirements
Design a content management strategy for updating an IIS server
Topics:
Designing user authentication for IIS
Designing certificate authentication
Configuring anonymous and basic authentication
Configuring digest and integrated Windows authentication
Designing RADIUS authentication
Securing IIS installations
Hardening IIS
New security features in IIS 6.0
Designing a monitoring strategy for IIS
Configuring IIS logging and monitoring Event Log activities
Enabling security auditing and health detection
Technical Requirements:
P500+ Processor, 128MB of RAM; Windows 2000, 2003, XP, Minimum screen resolution 800x600, Internet Explorer 6.0 or higher; Windows Media Player 9.0 or higher; Adobe Flash Player 8.0 or higher; 56K minimum connection; broadband (256 kpbs or higher) connection recommended; Cookies enabled; Sound card with speakers or headphones strongly recommended.
