98-367: Security Fundamentals


This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area in the exam. The higher the percentage, the more questions you are likely to see on that content area in the exam.


Microsoft Security Fundamentals Exam Summary:


Exam Name Microsoft Technology Associate (MTA) - Windows Server 2016
Exam Code   98-367
Exam Price  $127 (USD)
Duration  50 mins
Number of Questions  30-50 
Passing Score  700 / 1000
Books / Training  40032A: Networking and Security Fundamentals: Training two-pack for MTA Exams 98-366 and 98-367
40367A: Security Fundamentals: MTA Exam 98-367
Sample Questions  Microsoft Security Fundamentals Sample Questions
Practice Exam  Microsoft 98-367 Certification Practice Exam

Microsoft 98-367 Exam Syllabus Topics:


Topic (Weights) Details
Understand security layers (25–30%)

Understand core security principles

◈ Confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface analysis; threat modelling

Understand physical security

◈ Site security; computer security; removable devices and drives; access control; mobile device security; keyloggers

Understand Internet security

◈ Browser security settings; secure websites

Understand wireless security

◈ Advantages and disadvantages of specific security types; keys; service set identifiers (SSIDs); MAC filters
Understand operating system security (35–40%)


Understand user authentication

◈ Multifactor authentication; physical and virtual smart cards; Remote Authentication Dial-In User Service (RADIUS); biometrics; use Run As to perform administrative tasks

Understand permissions

◈ File system permissions; share permissions; registry; Active Directory; enable or disable inheritance; behaviour when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation; inheritance

Understand password policies

◈ Password complexity; account lockout; password length; password history; time between password changes; enforce by using Group Policies; common attack methods; password reset procedures; protect domain user account passwords

Understand audit policies

◈ Types of auditing; what can be audited; enable auditing; what to audit for specific purposes; where to save audit information; how to secure audit information

Understand encryption

◈ Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; mail encryption and signing and other uses; virtual private network (VPN); public key/private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices; lock down devices to run only trusted applications

Understand malware

◈ Buffer overflow; viruses, polymorphic viruses; worms; Trojan horses; spyware; ransomware; adware; rootkits; backdoors; zero day attacks
Understand network security (20–25%)

Understand dedicated firewalls

◈ Types of hardware firewalls and their characteristics; when to use a hardware firewall instead of a software firewall; stateful versus stateless firewall inspection; Security Compliance Manager; security baselines

Understand network isolation

◈ Routing; honeypot; perimeter networks; network address translation (NAT); VPN; IPsec; server and domain isolation

Understand protocol security

◈ Protocol spoofing; IPsec; tunnelling; DNSsec; network sniffing; denial-of-service (DoS) attacks; common attack methods
Understand security software (15–20%)

Understand client protection

◈ Antivirus; protect against unwanted software installations; User Account Control (UAC); keep client operating system and software updated; encrypt offline folders; software restriction policies; principle of least privilege

Understand email protection

◈ Antispam, antivirus, spoofing, phishing and pharming; client versus server protection; Sender Policy Framework (SPF) records; PTR records

Understand server protection

◈ Separation of services; hardening; keep server updated; secure dynamic Domain Name System (DNS) updates; disable unsecure authentication protocols; Read-Only Domain Controllers (RODC)

Note: 

This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format. To help you prepare for this exam, Microsoft recommends that you have hands-on experience with the product and that you use the specified training resources. These training resources do not necessarily cover all of the topics listed in the "Skills measured" section.
