Microsoft Security Fundamentals Exam Summary:
Exam Name | Microsoft Technology Associate (MTA) - Windows Server 2016 |
Exam Code | 98-367 |
Exam Price | $127 (USD) |
Exam Price | 50 mins |
Number of Questions | 30-50 |
Passing Score | 700 / 1000 |
Books / Training | 40032A: Networking and Security Fundamentals: Training two-pack for MTA Exams 98-366 and 98-367 40367A: Security Fundamentals: MTA Exam 98-367 |
Sample Questions | Microsoft Security Fundamentals Sample Questions |
Practice Exam | Microsoft 98-367 Certification Practice Exam |
Microsoft 98-367 Exam Syllabus Topics:
Topic (Weights) | Details |
Understand security layers (25–30%) | Understand core security principles ◈ Confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface analysis; threat modelling Understand physical security Understand Internet security Understand wireless security ◈ Advantages and disadvantages of specific security types; keys; service set identifiers (SSIDs); MAC filters |
Understand operating system security (35-40%) | Understand user authentication ◈ Multifactor authentication; physical and virtual smart cards; Remote Authentication Dial-In User Service (RADIUS); biometrics; use Run As to perform administrative tasks Understand permissions Understand password policies Understand audit policies ◈ Types of auditing; what can be audited; enable auditing; what to audit for specific purposes; where to save audit information; how to secure audit information Understand encryption ◈ Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; virtual private network (VPN); public key/private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices; lock down devices to run only trusted applications Understand malware ◈ Buffer overflow; viruses, polymorphic viruses; worms; Trojan horses; spyware; ransomware; adware; rootkits; backdoors; zero day attacks |
Understand network security (20–25%) | Understand dedicated firewalls ◈ Types of hardware firewalls and their characteristics; when to use a hardware firewall instead of a software firewall; stateful versus stateless firewall inspection; Security Compliance Manager; security baselines Understand network isolation ◈ Understand protocol security Protocol spoofing; IPsec; tunnelling; DNSsec; network sniffing; denial-of-service (DoS) attacks; common attack methods |
Understand security software (15–20%) |
Understand client protection ◈ Antivirus; protect against unwanted software installations; User Account Control (UAC); keep client operating system and software updated; encrypt offline folders, software restriction policies; principle of least privilege Understand email protection ◈ Antispam, antivirus, spoofing, phishing and pharming; client versus server protection; Sender Policy Framework (SPF) records; PTR records Understand server protection |
Note:
This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format. To help you prepare for this exam, Microsoft recommends that you have hands-on experience with the product and that you use the specified training resources. These training resources do not necessarily cover all of the topics listed in the "Skills measured" section.
0 comments:
Post a Comment