Start with 7 free days of training.

Gain instant access to our entire IT training library, free for your first week.
Train anytime on your desktop, tablet, or mobile devices.

Microsoft Technology Associate (MTA)

This video training with James Conrad covers security fundamentals, including wireless security, network access protection, and more....
This video training with James Conrad covers security fundamentals, including wireless security, network access protection, and more.

Related Area of Expertise:
  • IT Security

Recommended skills:
  • Familiarity with various Microsoft technologies

Recommended equipment:
  • Windows Server 2008

Related certifications:
  • Microsoft Technology Associate

Related job functions:
  • Students

Microsoft Exam 98-367: Security Fundamentals is designed to test your knowledge of fundamental security concepts. That makes it a must-have if you're a student, faculty, or staff member of a qualified educational institution, and you're moving into the network admin field. In this course, James Conrad covers everything you need to know to pass the exam...and gain the basic knowledge you need to move on to higher security levels - and pay grades!
 show less
1. Introduction to Security Fundamentals (5 min)
2. Security Principles (42 min)
3. Physical Security Part 1 (28 min)
4. Physical Security Part 2 (42 min)
5. Internet Security (20 min)
6. Wireless Security (38 min)
7. User Authentication Part 1 (41 min)
8. User Authentication Part 2 (45 min)
9. Certification Authorities Part 1 (42 min)
10. Certification Authorities Part 2 (35 min)
11. EFS File Encryption (32 min)
12. BitLocker Drive Encryption (39 min)
13. Understanding Permissions (73 min)
14. Auditing (18 min)
15. Malware (53 min)
16. Client Protection (37 min)
17. Firewalls (33 min)
18. Network Access Protection (31 min)
19. Network Isolation (36 min)
20. Protocol Security (42 min)
21. Email Protection (23 min)
22. Server Protection (29 min)

Introduction to Security Fundamentals


Hello. My name is James Conrad. Yes, that's me down here in the lower right. And it's my pleasure to be with you here as we explore security fundamentals from Microsoft. This is the numbered exam 98-367 that we're studying for here. Now, you might want to understand a little bit, also, about who James Conrad is if you're not familiar with me and with CBT Nuggets.


I'm also a Certified Ethical Hacker, that's a CEH, Certified Ethical Hacker, and I have to sign a paper that says that I won't hack into people's computers unless I have their permission. That's usually done with penetration testing and stuff like that.


But anyway, I have a lot of security background because of that certified ethical hacker certification, and I want to take you through some of things that I have learned, that I'm aware of for security purposes. Now, one of the things we'll be taking a look at here, as I'm just going to go through the list of the various topics we'll address in the security fundamentals exam pack here.


One of the things we'll talk about, first of all, is security layers and principals. If you're new-- new to security, there are several things that you'll be a little bit baffled about, little terms that come up here and there. The understanding of how the threats and risk impact your principles, something like the principle of least privilege, a lot of those different types of things we'll be addressing here.


We'll also address physical security. I mean, after all, if a five-year-old with a hammer can bash your server in, then you don't have very good security, right? So we need to also make sure that in addition to things like internet security and firewalls and things like that, still have to have good physical security.


Now this is going to involve a number of different things, such as how people can get into the server room, how they're able to access data and potentially walk off with it, things like this as well. We'll take a look also at internet security, and this is going to be a big issue in any environment nowadays.


We'll take a look at how we can secure websites, what kinds of things make a website secure, for example. We'll look at certification authorities and how they play a role in some of this kind of thing, as well. We'll take a look at wireless networks.


This again, this is a wide-open field for security vulnerabilities because many wireless access points are completely insecure. They're wide open, and they don't have any kind of encryption applied to them. We'll talk a little bit about the kinds of encryption you can apply and which ones might be better than others.


We'll take a look at user authentication and some important topics there, such as how you can use certificates to help make sure that users have secure authentication, for example. We'll also take a look at encryption technologies. These involve a number of different things, such as the encrypting file system from Microsoft and an understanding of how certificates play a role in that and how you can configure that.


As well as things such as BitLocker, BitLocker To Go and things of this-- And as we continue our discussion of security fundamentals, we'll also take look at permissions. This can be a really difficult thing sometimes, because they can be quite complicated if users belong to multiple security groups and there's multiple levels of folders that have to be involved.


And you might need to identify exactly what permissions this specific user has or understand why they're not able to access a specific file, for example. So there's a lot of different complexities involved in permissions that we'll take a look at, hopefully help to iron some of those things out.


Auditing is also very important because you need to understand what's been going on on a given server, for example. Who's been trying to access these files? Have they been authorized or unauthorized? There'll be a record of the date and time that these attempts have been taking place.


You need to keep track of those auditing items. And then we'll take a look at malware as well. It's kind of a general term that applies to things such as viruses, worms, spyware, adware, all those sorts of things. And it's a very frustrating thing to have to deal with these days, but it's a constant battle that we as security administrators will have to deal with.


There's also the issue of client protection. This frequently involves things such as user account control or encrypting your offline files, software restriction, policies, making sure that users do not run software that they're not authorized to run, things of this nature.


And then, of course, firewalls, which primarily will protect us from the internet public but can also be used internally to protect you from threats that might be within your own network. And as we continue our discussion of security fundamentals, we'll also take a look at Network Access Protection, which is a great way to make sure that the clients are secure before they connect to your network.


In other words, they've got the latest antivirus definitions, anti-spyware, the firewall might be turned on, those sorts of things. We take a look at network isolation as well, such as Virtual Local Area Networks or VLANs, which is a great way to segment your network out into different broadcast domains.


We take a look at a lot of different things related to virtual private networking there, as well. We take a look at server protection. This is going to be important because you might have services out there that are running that present a security vulnerability.


We need to know how to turn those services off, for example, or to use read-only domain controllers or some of the free tools that Microsoft makes available to us, such as the Microsoft Baseline Security Analyzer, which will help to easily identify security vulnerabilities on your servers.


Well, I've got to tell you I'm very excited about this whole series and going through it with you. I do hope that you enjoy listening to it and watching it as much as I've enjoyed making it. And with that, let's get started and take a look at the next video.

Security Principles

Physical Security Part 1

Physical Security Part 2

Internet Security

Wireless Security

User Authentication Part 1

User Authentication Part 2

Certification Authorities Part 1

Certification Authorities Part 2

EFS File Encryption

BitLocker Drive Encryption

Understanding Permissions



Client Protection


Network Access Protection

Network Isolation

Protocol Security

Email Protection

Server Protection

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 13 hrs 22 videos


Training Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Our iOS and Android mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Develop and maintain a study plan with one-to-one assistance from coaches.

Supplemental Files
Files/materials that supplement the video training.

Speed Control
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Follow what the trainers are saying with ease.
James Conrad
Nugget trainer since 2003