Microsoft Forefront

50093 & 50094 Microsoft Forefront
Client Security & Server Security Courses

5 Day Instructor Led Course – 35 Contact Hours

Center Benefits
Microsoft Gold Partner for Learning Solutions
Microsoft Official Curriculum
Microsoft Certified Trainers
Certificate of Attendance from Microsoft
Computer Labs: 1 PC for each student
Corporate Venue: Onsite or at NLP Tech for MA
Microsoft Exam Pass Guarantee
Limited Promotions
Free Corporate Training with Microsoft SA Vouchers

Microsoft Certified Professional Exams
Technology Specialist Exam 70-557 : TS : Microsoft Forefront Client and Server, Configuration

Course Overview
This course is subject to change regarding its elements. The course bootcamp combines course 50093, Deploying and Administering Microsoft Forefront Client Security, and course 50094, Deploying and Administering Microsoft Forefront Security for Exchange Server, Microsoft Forefront Security for SharePoint, and Microsoft Forefront Server Security Management Console.

50093: Purpose of this course is to provide knowledge on critical deployment and administration abilities in this 400-level instructor-led course on Microsoft Forefront Client Security. Aimed at systems integrators, consultants, and deployment partners, this three-day course would provide lecture and hands-on labs and was developed by Microsoft Consulting Services using their detailed implementation knowledge and best practices.

50094: It is a two-day course which would offer the candidates with up to date skills and knowledge to be able deploy and administer Microsoft Forefront Server Security products. Like the 500093 this course would also includes lecture and hands-on labs (covering several server products) and was developed by Microsoft Consulting Services using their detailed implementation knowledge and best practices.

Audience
The courses are designed for technical deployment experts and senior-level administrators who can manage a Microsoft Exchange Server or Microsoft SharePoint Products and Technologies infrastructure or security practice.

At Course Completion
50093: Once the course is completed, it will allow the participants to:

Easily describe the Forefront Client Security components and architecture, and help in the identification of different server roles.

To successfully complete and troubleshoot the server setup process, identification of various server topologies, and describing basic MOM concepts and the MOM agent.

Identify Forefront Client Security client component characteristics and describe the client setup and deployment processes.

Understand the user roles and Forefront Client Security administration, Forefront Client Security Policy UI settings and policy deployments, and know how to troubleshoot the Management Console.

Understand the reporting services infrastructure used by Forefront Client Security.

Use Forefront Client Security reports and alerting services, and troubleshoot reporting procedures.

Describe and understand the security state assessment (SSA) component of Forefront Client Security, and its architecture.

Describe the object processor and manifest update in SSA.

Review the SSA Security Check messages and results.

Review methods and procedures used to submit malware to Microsoft for analysis.

50094: By the end of this course, the candidates/students would be able to:

Understand and describe various aspects of the multiple engine settings and the balance of information versus performance in Forefront Security for Exchange Server.

Address and discuss the issues regarding the transport scanning work in Forefront Security for Exchange Server.

Easily recognize and understand the differences between default mode and outbreak mode protection, and understand the file, content, and keyword filtering options available with Forefront Security for Exchange Server.

Comfortably identify various elements and services within Forefront Security for SharePoint.

Use Forefront Security in a better and effective way for SharePoint filters and templates to define scanning options.

Understand Forefront Security for SharePoint diagnostics, logging, and statistics gathered during maintenance and from notifications.

Develop a clear understand of the various alerts and reporting features available in Forefront Server Security Management Console.

Clearly identify the eight Management Console job categories and the basic role of each classification.

Prerequisites
Candidates are required to have certifications and experience in Windows server or deployment, before attending this and be familiar with the Forefront product line: Client, Server, and Edge.

50093 Course Outline

Module 1: Course Overview
The module offers an overview of the Forefront Client Security components and architecture. It clearly describes the expectations from the product, and what modules will be covered on what days.

Lessons
Forefront Product Overview
Forefront Client Security
Microsoft Forefront Client Security Components
Training Modules
After completing this module, students will be able to:
Describe the Forefront Client Security components and architecture.

Module 2: Forefront Client Security Server Roles and Topologies
This module comprehensively explains the various roles included on the server side of a Forefront Client Security infrastructure, as well as their interrelation in the various possible topologies.

Lessons
Forefront Client Security Server Roles
Collection Server
Collection Server Database
Reporting Server
Reporting Database Server
Forefront Client Security Server Setup
Role Installation Steps
Server Topologies
SQL Server Database Sizing
Configuration Wizard
MOM Concepts
Forefront Client Security Server Setup Troubleshooting

Lab 1: Installing a Three Server Topology

Launch the Virtual Environment
Create Forefront Client Security Accounts
Install the Management, Collection, and Reporting Server
Install the Reporting Server Database
Install the Distribution Server Role
Configure Client Security on a Three Server Topology
Grant Correct Permissions for Forefront Client Security Service Accounts
Verify the Installation of Client Security on a Three Server Topology

By the end of this module, students will be able to:

Identify the different server roles within Forefront Client Security.
Complete the server setup process.
Identify various server topologies.
Review basic MOM concepts.
Discuss Forefront Client Security server setup troubleshooting.

Module 3: Forefront Client Security Client
This particular module will help explaining the Forefront Client Security client setup configuration and deployment.

Lessons
General Information
Antimalware
MOM Agent
Client Setup
Client Deployment Planning
Forefront Client Security Client Deployment Methods
Troubleshooting

Lab 2: Deploying the Forefront Client Security Client
Configure WSUS 3.0 to Deploy the Forefront Client Security Client
Create a Forefront Client Security Client Package and Distribute It
Distribute the Antimalware and Security Assessment State Definition Updates
Malware and Spyware Detection
View the Malware and Spyware in the Dashboard

At the completion of this module, students will:

Be able to describe Forefront Client Security client component characteristics and information.
Be able to describe the antimalware agent and engine.
Easily understand the MOM agent.
Clear understanding of the client setup process.
Completely understand client deployment basics.

Module 4: Forefront Client Security Management
This module explains Forefront Client Security management.

Lessons
Administration
Administration Dashboard
Forefront Client Security Policy Deployment
Forefront Client Security Management Console Troubleshooting

Lab 3: End-to-End Policy Deployment

Deploy a Test Policy
Refresh and Verify Policy on the Client
View Policy Application via GPResult
View Summary Reports
Policy Configuration Effects on Client UI
Lab 4: Configuring Forefront Data Retention
Examine Data Retention Periods
Modify Database Retention Settings

After completing this module, students will:

Be able to get hands on with Forefront Client Security administration.
Clearly understand Forefront Client Security Administration User roles.
Understand Forefront Client Security Policy UI settings and policy deployments.
Be to get hands on Forefront Client Security Management Console troubleshooting.

Module 5: Forefront Client Security Reporting and Alerting
This module explains Forefront Client Security Reporting and Alerting.
Lessons
Reporting Services Overview
Reporting Architecture
MOM Reporting
Forefront Client Security Reports
SQL Server Reporting Services Troubleshooting
Alerts

Lab 5: Viewing Forefront Client Security Reports

Explore Forefront Client Security Reports

Lab 6: Managing Forefront Client Security Accounts

View Reporting Failure
Specify SQL Server Reporting Credentials to Forefront Client Security

Lab 7: Creating an E-Mail Report Subscription and Setting an E-Mail Notification

Configure SQL Server Reporting Services
Create an E-Mail Subscription
Create an E-Mail Notification
Follow the Alert Notification Flow
View E-Mail Server Settings

After completing this module, students will:

Manage to understand the reporting services infrastructure used by Forefront Client Security.
Get familiar with Forefront Client Security Reports.
Get familiar with Forefront Client Security Alerting Services.
Be able to understand Forefront Client Security Reporting troubleshooting procedures.

Module 6: Security State Assessment
The module describes the security state assessment.

Lessons
Security State Assessment
SSA General Information
SSA Architecture
SSA Object Processor (OP) and Manifest Updates
SSA Security Checks

Lab 8: Security State Assessment

Examine Security State Assessment information in MOM and the Forefront Client Security Management Console
Configure WSUS for Security State Assessments
Detect Vulnerabilities
Update Clients

The course at its completion will help the students to:

Comfortably understand the security state assessment component of Forefront Client Security.
Get familiar with the architecture of the SSA.
Get familiar with the object processor and manifest update in SSA.
Easily understand the SSA security check messages and results.

Module 7: Submitting Malware to Microsoft for Analysis
This module explains the submission of malware.

Lessons
Malware Submission
Assisting Customers with Malware Submissions

After completing this module, students will be able to:

Review methods and procedures used to submit malware to Microsoft for analysis.

Module 8: Closing
This module provides a review of the Forefront Client Security course, and a list of Web sites that provide additional information on Forefront Client Security.

Appendices
Appendix A: Antimalware Client Registry Settings
Appendix B: Antimalware Errors
Appendix C: PP Tracing
Appendix D: Antimalware Events
Appendix E: SSA Scan Event Log Events
Appendix F: MOM Command Line Reference

50094 Course Outline

Module 1: Forefront Security for Exchange Server
Lessons
Forefront Security for Exchange Server Deployment Planning
Forefront Security for Exchange Server Overview
E-Mail Transport Scanning
Store Scanning
FSE Premium Anti-Spam Features with Exchange 2007
Using Filters
Settings and Templates
Managing Forefront Security for Exchange Server
Diagnostics and Logging

Lab 1: Protecting Exchange Server against Viruses

Scanning Messages for Viruses
Using File Filtering to Block Attachments

After completing this module, students will be able to:

Understand Components of multiple engine settings and the balance of information versus performance.
Discuss FSE considerations.
Discuss how transport scanning works.
Identify and understand the difference between default mode and outbreak mode protection.
Identify the scanning behavior changes in Exchange 2007.
Identify and describe the various file filtering, content filtering, and keyword filtering options available.

Module 2: Forefront Security for SharePoint
Lessons
Forefront Security for SharePoint Overview
Forefront Security for SharePoint Scanning
Forefront Security for SharePoint Using Filters and Templates
Forefront Security for SharePoint Maintenance and Notifications

Lab 2: Protecting SharePoint Servers

Scanning Documents for Viruses
Running a Manual Scan Job
Using Keyword Filtering and Notifications
Updating Scan Engines

At the end of this module, students will be able to:

Recognize the various components and services within Forefront Security for SharePoint.
Fully understand how to scan files through real time and manual scans.
Develop the use filters and templates to further define scanning options.
Clearly understand diagnostics, logging, and statistics gathered during maintenance and from notifications.

Module 3: Forefront Server Security Management Console
Lessons

Security and Access Offerings
System Requirements
Forefront Server Security Management Console Features
Managing Packages
Reports
Alerts
Cluster Continuous Replication (CCR) Support
FSSMC Redundancy
Maintenance and Troubleshooting
Microsoft FSSMC Summary

Lab 3: Using Forefront Server Security Management Console

Configuring Forefront Server Security Management Console
Using Jobs in FSSMC to Manage Forefront Servers
Managing Reports and Quarantine Items with FSSMC

After completing this module, students will be able to:

Describe the various alerts and reporting available through FSSMC.
Identify the eight different categories of FSSMC jobs and the basic role of each classification.
Understand the features of the Management Console.

Have a Question or
Need Information?