Microsoft KB Archive/875369

= MCSA/MCSE Training Kit (Exam 70-299): Implementing And Administering Security In A Microsoft Windows Server 2003 Network comments and corrections =

Article ID: 875369

Article Last Modified on 7/25/2007

-

APPLIES TO


 * MSPRESS MCSA/MCSE Training Kit (Exam 70-299): Implementing And Administering Security In A Microsoft Windows Server 2003 Network ISBN 0-7356-2061-x

-



SUMMARY
This article contains comments, corrections, and information about known errors relating to the Microsoft Press book MCSA/MCSE Training Kit (Exam 70-299): Implementing And Administering Security In A Microsoft Windows Server 2003 Network, 0-7356-2061-x.

The following topics are covered:


 * Page 1-8: The word &quot;changed&quot; is used in place of the word &quot;hinged&quot;
 * Page 1-29: Incorrect description of Exercise 2
 * Page 2-5: Managers Group Should Be Accounting Group
 * Page 2-14: Group assignment missing from practice
 * Page 2-22: Correction To Table 2.1
 * Page 3-5: The word &quot;Setup&quot; missing from Security.inf
 * Pages 6-42 and 6-47: Incorrect information regarding Automatic Update client configuration
 * Page 7-9: Correction To CA
 * Page 7-14: Enterprise Root CA Should Be Enterprise Subordinate CA
 * Page 8-32: Ipsec dynamic referenced in place of Ipsec static
 * Page 8-47: Correction To Question 2
 * Page 9-26: Chapter 3 Should Be Chapter 2
 * Page 10-19: Figure 10.2 contains incorrect label for top level icon
 * Page 11-21: Reference to figure 11.8 should be disregarded
 * Page 12-9: Correction To Table 12.1
 * Page 15-28: GPO three should be GPO four and vice versa
 * Pages 15-47 and 15-53: Incorrect figures used



Page 1-8: The word &quot;changed&quot; is used in place of the word &quot;hinged&quot;
On page 1-8, the first sentence of the &quot;Real World&quot; box reads:

&quot;Since the beginning of computer systems, some of the most widely used security attacks have changed upon the attacker gaining access to the operating system’s password file.&quot;

It should read:

&quot;Since the beginning of computer systems, some of the most widely used security attacks have hinged upon the attacker gaining access to the operating system’s password file.&quot;

Page 1-29: Incorrect description of Exercise 2
On page 1-29, the description of Exercise 2 reads:

&quot;In this exercise, you will configure the domain controllers to accept only NTLM and refuse LM default domain controller security policy.&quot;

This sentence is incorrect and should be disregarded.

Page 2-5: Managers Group Should Be Accounting Group
On page 2-5, in the last sentence of the first paragraph,

Change:

&quot;... the Deny ACE means that all memebers of the Managers group will be denied access to the file.&quot;

To:

&quot;... the Deny ACE means that all memebers of the Accounting group will be denied access to the file.&quot;

Page 2-14: Group assignment missing from practice
On page 2-14, the last sentence of step 3 reads:

&quot;Assign the user account a complex password, and make Mary a member of the Administrators group.&quot;

It should read:

&quot;Assign the user account a complex password, and make Mary a member of the Accounting and Administrators groups.&quot;

Page 2-22: Correction To Table 2.1
On page 2-22, in Table 2.1, the features listed for &quot;Windows Server 2003 interim&quot; are the same as that of &quot;Windows Server 2003&quot;. This is incorrect. The features listed for &quot;Windows Server 2003 interim&quot; should be the same as that of &quot;Windows 2000 mixed&quot; in the table.

Page 3-5: The word &quot;Setup&quot; missing from Security.inf
On page 3-5, the third sentence in the first bullet item reads:

&quot;For the domain controller setup, Security.inf is used with the DC Security.inf template.&quot;

It should read:

&quot;For the domain controller setup, Setup Security.inf is used with the DC Security.inf template.&quot;

Pages 6-42 and 6-47: Incorrect information regarding Automatic Update client configuration
On page 42, the second bullet point reads:

&quot;The Automatic Updates client can be configured by using GPOs linked to Active Directory, to the local GPO, or to the registry.&quot;

It should read:

&quot;The Automatic Updates client can be configured by using GPOs linked to Active Directory, the local GPO, or the registry.&quot;

On page 47, the fifth bullet point reads:

&quot;The Automatic Updates client can be configured by using GPOs linked to Active Directory, to the local GPO, or to the registry.&quot;

It should read:

&quot;The Automatic Updates client can be configured by using GPOs linked to Active Directory, the local GPO, or the registry.&quot;

Page 7-9: Correction To CA
On page 7-9, under Root CAs,

Change:

&quot;Because enterprise CAs rely on Active Directory to store and replicate data, all enterprise CAs must also be domain controlers.&quot;

To:

&quot;Because enterprise CAs rely on Active Directory to store and replicate data.&quot;

Page 7-14: Enterprise Root CA Should Be Enterprise Subordinate CA
On page 7-14, in step 6,

Change:

&quot;6. In the CA Type dialog box, click Enterprise Root CA, and then click Next.&quot;

To:

&quot;6. In the CA Type dialog box, click Enterprise subordinate CA, and then click Next.&quot;

Page 8-32: Ipsec dynamic referenced in place of Ipsec static
On page 8-32, the last sentence before the command sample reads:

&quot;For example, the following commands launch Netsh and set the context to Ipsec dynamic:&quot;

It should read:

&quot;For example, the following commands launch Netsh and set the context to Ipsec static:&quot;

Page 8-47: Correction To Question 2
On page 8-47, in the first paragraph,

Change:

&quot;c, e, and f&quot;

To:

&quot;c, d, and f&quot;

Page 9-26: Chapter 3 Should Be Chapter 2
On page 9-26, in the first line, change:

&quot;See Also For information on how to enable auditing, refer to Chapter 3&quot;

To:

&quot;See Also For information on how to enable auditing, refer to Chapter 2&quot;

Page 10-19: Figure 10.2 contains incorrect label for top level icon
On page 10-19, Figure 10.2 has an incorrect label for the top level icon only. The remaining icon labels in the hierarchy are correct.

Change:

&quot;Wireless LAN users

(Domain Global Group)&quot;

To:

&quot;Universal Group

(access granted with remote access policy in IAS)&quot;

Page 11-21: Reference to figure 11.8 should be disregarded
On page 11-21, the second to the last sentence in step 11 reads:

&quot;Figure 11.8 shows this dialog box completed.&quot;

Figure 11.8 does not display a completed dialog box and should be disregarded.

Page 12-9: Correction To Table 12.1
On page 12-9, in Table 12.1, &quot;Supported by Windows Server 2003, Windows XP, and Windows 2000 clients&quot; should have a check under EAP.

Page 15-28: GPO three should be GPO four and vice versa
On page 15-28, the descriptions of GPO three and GPO four in question 4 should be switched.

Change:

&quot;GPO three: Server (Request Security) IPSec policy set GPO four: Secure Server (Require Security) IPSec policy set&quot;

To:

&quot;GPO three: Secure Server (Require Security) IPSec policy set GPO four: Server (Request Security) IPSec policy set&quot;

Pages 15-47 and 15-53: Incorrect figures used
On page 15-47, the image is incorrect and should be replaced with the image on page 15-53.

On page 15-53, the image is incorrect and should be replaced with the image on page 15-47.

Microsoft Press is committed to providing informative and accurate books. All comments and corrections listed above are ready for inclusion in future printings of this book. If you have a later printing of this book, it may already contain most or all of the above corrections.

Additional query words: 0-7356-2061-X 978-0-7356-2061-2

Keywords: kbdocfix kbdocerr KB875369

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.