Microsoft Forefront
50093 &
50094 Microsoft Forefront
Client Security & Server Security Courses
5 Day Instructor Led Course – 35 Contact Hours
Center Benefits
Microsoft Gold Partner for Learning Solutions
Microsoft Official Curriculum
Microsoft Certified Trainers
Certificate of Attendance from Microsoft
Computer Labs: 1 PC for each student
Corporate Venue: Onsite or at NLP Tech for MA
Microsoft Exam Pass Guarantee
Limited Promotions
Free Corporate Training with Microsoft SA Vouchers
Microsoft Certified
Professional Exams
Technology Specialist Exam 70-557 : TS : Microsoft Forefront Client and Server,
Configuration
Course Overview
This course is subject to change regarding its elements. The course bootcamp
combines course 50093, Deploying and Administering Microsoft Forefront Client
Security, and course 50094, Deploying and Administering Microsoft Forefront
Security for Exchange Server, Microsoft Forefront Security for SharePoint, and
Microsoft Forefront Server Security Management Console.
50093: Purpose of this course is to provide knowledge on critical deployment and administration abilities in this 400-level instructor-led course on Microsoft Forefront Client Security. Aimed at systems integrators, consultants, and deployment partners, this three-day course would provide lecture and hands-on labs and was developed by Microsoft Consulting Services using their detailed implementation knowledge and best practices.
50094: It is a two-day course which would offer the candidates with up to date skills and knowledge to be able deploy and administer Microsoft Forefront Server Security products. Like the 500093 this course would also includes lecture and hands-on labs (covering several server products) and was developed by Microsoft Consulting Services using their detailed implementation knowledge and best practices.
Audience
The courses are designed for technical deployment experts and senior-level
administrators who can manage a Microsoft Exchange Server or Microsoft
SharePoint Products and Technologies infrastructure or security practice.
At Course Completion
50093: Once the course is completed, it will allow the participants to:
Easily describe the Forefront Client Security components and architecture, and help in the identification of different server roles.
To successfully complete and troubleshoot the server setup process, identification of various server topologies, and describing basic MOM concepts and the MOM agent.
Identify Forefront Client Security client component characteristics and describe the client setup and deployment processes.
Understand the user roles and Forefront Client Security administration, Forefront Client Security Policy UI settings and policy deployments, and know how to troubleshoot the Management Console.
Understand the reporting services infrastructure used by Forefront Client Security.
Use Forefront Client Security reports and alerting services, and troubleshoot reporting procedures.
Describe and understand the security state assessment (SSA) component of Forefront Client Security, and its architecture.
Describe the object processor and manifest update in SSA.
Review the SSA Security Check messages and results.
Review methods and procedures used to submit malware to Microsoft for analysis.
50094: By the end of this course, the candidates/students would be able to:
Understand and describe various aspects of the multiple engine settings and the balance of information versus performance in Forefront Security for Exchange Server.
Address and discuss the issues regarding the transport scanning work in Forefront Security for Exchange Server.
Easily recognize and understand the differences between default mode and outbreak mode protection, and understand the file, content, and keyword filtering options available with Forefront Security for Exchange Server.
Comfortably identify various elements and services within Forefront Security for SharePoint.
Use Forefront Security in a better and effective way for SharePoint filters and templates to define scanning options.
Understand Forefront Security for SharePoint diagnostics, logging, and statistics gathered during maintenance and from notifications.
Develop a clear understand of the various alerts and reporting features available in Forefront Server Security Management Console.
Clearly identify the eight Management Console job categories and the basic role of each classification.
Prerequisites
Candidates are required to have certifications and experience in Windows server
or deployment, before attending this and be familiar with the Forefront product
line: Client, Server, and Edge.
50093 Course Outline
Module 1: Course Overview
The module offers an overview of the Forefront Client Security components and
architecture. It clearly describes the expectations from the product, and what
modules will be covered on what days.
Lessons
Forefront Product Overview
Forefront Client Security
Microsoft Forefront Client Security Components
Training Modules
After completing this module, students will be able to:
Describe the Forefront Client Security components and architecture.
Module 2: Forefront Client
Security Server Roles and Topologies
This module comprehensively explains the various roles included on the server
side of a Forefront Client Security infrastructure, as well as their
interrelation in the various possible topologies.
Lessons
Forefront Client Security Server Roles
Collection Server
Collection Server Database
Reporting Server
Reporting Database Server
Forefront Client Security Server Setup
Role Installation Steps
Server Topologies
SQL Server Database Sizing
Configuration Wizard
MOM Concepts
Forefront Client Security Server Setup Troubleshooting
Lab 1: Installing a Three Server Topology
Launch the Virtual Environment
Create Forefront Client Security Accounts
Install the Management, Collection, and Reporting Server
Install the Reporting Server Database
Install the Distribution Server Role
Configure Client Security on a Three Server Topology
Grant Correct Permissions for Forefront Client Security Service Accounts
Verify the Installation of Client Security on a Three Server Topology
By the end of this module, students will be able to:
Identify the different server roles within Forefront Client Security.
Complete the server setup process.
Identify various server topologies.
Review basic MOM concepts.
Discuss Forefront Client Security server setup troubleshooting.
Module 3: Forefront Client
Security Client
This particular module will help explaining the Forefront Client Security client
setup configuration and deployment.
Lessons
General Information
Antimalware
MOM Agent
Client Setup
Client Deployment Planning
Forefront Client Security Client Deployment Methods
Troubleshooting
Lab 2: Deploying the Forefront Client Security Client
Configure WSUS 3.0 to Deploy the Forefront Client Security Client
Create a Forefront Client Security Client Package and Distribute It
Distribute the Antimalware and Security Assessment State Definition Updates
Malware and Spyware Detection
View the Malware and Spyware in the Dashboard
At the completion of this module, students will:
Be able to describe Forefront Client Security client component characteristics
and information.
Be able to describe the antimalware agent and engine.
Easily understand the MOM agent.
Clear understanding of the client setup process.
Completely understand client deployment basics.
Module 4: Forefront Client
Security Management
This module explains Forefront Client Security management.
Lessons
Administration
Administration Dashboard
Forefront Client Security Policy Deployment
Forefront Client Security Management Console Troubleshooting
Lab 3: End-to-End Policy Deployment
Deploy a Test Policy
Refresh and Verify Policy on the Client
View Policy Application via GPResult
View Summary Reports
Policy Configuration Effects on Client UI
Lab 4: Configuring Forefront Data Retention
Examine Data Retention Periods
Modify Database Retention Settings
After completing this module, students will:
Be able to get hands on with Forefront Client Security administration.
Clearly understand Forefront Client Security Administration User roles.
Understand Forefront Client Security Policy UI settings and policy deployments.
Be to get hands on Forefront Client Security Management Console troubleshooting.
Module 5: Forefront Client
Security Reporting and Alerting
This module explains Forefront Client Security Reporting and Alerting.
Lessons
Reporting Services Overview
Reporting Architecture
MOM Reporting
Forefront Client Security Reports
SQL Server Reporting Services Troubleshooting
Alerts
Lab 5: Viewing Forefront Client Security Reports
Explore Forefront Client Security Reports
Lab 6: Managing Forefront Client Security Accounts
View Reporting Failure
Specify SQL Server Reporting Credentials to Forefront Client Security
Lab 7: Creating an E-Mail Report Subscription and Setting an E-Mail Notification
Configure SQL Server Reporting Services
Create an E-Mail Subscription
Create an E-Mail Notification
Follow the Alert Notification Flow
View E-Mail Server Settings
After completing this module, students will:
Manage to understand the reporting services infrastructure used by Forefront
Client Security.
Get familiar with Forefront Client Security Reports.
Get familiar with Forefront Client Security Alerting Services.
Be able to understand Forefront Client Security Reporting troubleshooting
procedures.
Module 6: Security State
Assessment
The module describes the security state assessment.
Lessons
Security State Assessment
SSA General Information
SSA Architecture
SSA Object Processor (OP) and Manifest Updates
SSA Security Checks
Lab 8: Security State Assessment
Examine Security State Assessment information in MOM and the Forefront Client
Security Management Console
Configure WSUS for Security State Assessments
Detect Vulnerabilities
Update Clients
The course at its completion will help the students to:
Comfortably understand the security state assessment component of Forefront
Client Security.
Get familiar with the architecture of the SSA.
Get familiar with the object processor and manifest update in SSA.
Easily understand the SSA security check messages and results.
Module 7: Submitting
Malware to Microsoft for Analysis
This module explains the submission of malware.
Lessons
Malware Submission
Assisting Customers with Malware Submissions
After completing this module, students will be able to:
Review methods and procedures used to submit malware to Microsoft for analysis.
Module 8: Closing
This module provides a review of the Forefront Client Security course, and a
list of Web sites that provide additional information on Forefront Client
Security.
Appendices
Appendix A: Antimalware Client Registry Settings
Appendix B: Antimalware Errors
Appendix C: PP Tracing
Appendix D: Antimalware Events
Appendix E: SSA Scan Event Log Events
Appendix F: MOM Command Line Reference
50094 Course Outline
Module 1: Forefront
Security for Exchange Server
Lessons
Forefront Security for Exchange Server Deployment Planning
Forefront Security for Exchange Server Overview
E-Mail Transport Scanning
Store Scanning
FSE Premium Anti-Spam Features with Exchange 2007
Using Filters
Settings and Templates
Managing Forefront Security for Exchange Server
Diagnostics and Logging
Lab 1: Protecting Exchange Server against Viruses
Scanning Messages for Viruses
Using File Filtering to Block Attachments
After completing this module, students will be able to:
Understand Components of multiple engine settings and the balance of information
versus performance.
Discuss FSE considerations.
Discuss how transport scanning works.
Identify and understand the difference between default mode and outbreak mode
protection.
Identify the scanning behavior changes in Exchange 2007.
Identify and describe the various file filtering, content filtering, and keyword
filtering options available.
Module 2: Forefront
Security for SharePoint
Lessons
Forefront Security for SharePoint Overview
Forefront Security for SharePoint Scanning
Forefront Security for SharePoint Using Filters and Templates
Forefront Security for SharePoint Maintenance and Notifications
Lab 2: Protecting SharePoint Servers
Scanning Documents for Viruses
Running a Manual Scan Job
Using Keyword Filtering and Notifications
Updating Scan Engines
At the end of this module, students will be able to:
Recognize the various components and services within Forefront Security for
SharePoint.
Fully understand how to scan files through real time and manual scans.
Develop the use filters and templates to further define scanning options.
Clearly understand diagnostics, logging, and statistics gathered during
maintenance and from notifications.
Module 3: Forefront Server
Security Management Console
Lessons
Security and Access Offerings
System Requirements
Forefront Server Security Management Console Features
Managing Packages
Reports
Alerts
Cluster Continuous Replication (CCR) Support
FSSMC Redundancy
Maintenance and Troubleshooting
Microsoft FSSMC Summary
Lab 3: Using Forefront Server Security Management Console
Configuring Forefront Server Security Management Console
Using Jobs in FSSMC to Manage Forefront Servers
Managing Reports and Quarantine Items with FSSMC
After completing this module, students will be able to:
Describe the various alerts and reporting available through FSSMC.
Identify the eight different categories of FSSMC jobs and the basic role of each
classification.
Understand the features of the Management Console.