1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.


Discussion in 'Network Infrastructure' started by hippy, Jan 11, 2009.

  1. hippy

    hippy Kilobyte Poster


    Does anyone have a good site for IPSec,Kerberos,NTLM etc... ? Just read Chapter 11 Lesson 2 of the MS Press book for 70-291 and the author might as well of written it in French! I love when he mentions ISAKMP in the book for a question and hasnt mentioned it at all anywhere else i keep finding myself browsing 'google'.

    http://technet.microsoft.com/en-us/library/cc776080.aspx - alot better overview than the book for starters...

  2. zebulebu

    zebulebu Terabyte Poster

    I wouldn't worry too much about the detail of authentication methods. There are some key concepts you'll need to grasp, but I seriously doubt 70-291 will go into any depth about the protocols that make up the various methods of authentication in Windows - let alone the intricacies of IpSec!

    FWIW, you'll probably need to know things like how the ticket-granting system is implemented in Windows, the differences betweent Kerberos & NTLM (I doubt a 2K3 exam will quiz you on the differences between NTLMv1 & v2 but you never know), how the IpSec encapsulation process works - stuff at that sort of level. Anything beyond that is probably a waste of your time learning. Check these links out:

    Decent overview of Kerberos, probably at the right sort of level for 70-291
    The ever-awesome TCP/IP guide's info on IpSec
    Security Focus' guide to the Windows implementation of IpSec
    Certifications: A few
    WIP: None - f*** 'em
  3. hippy

    hippy Kilobyte Poster

    Thanks zeb, those links look pretty good! Wonder if i can be a networks/security/vmware Don Wonton Bomb :D.

    The whole of chapter 11 does seem a little bit of an after thought. I was wondering how much detail it went into, although i am enjoying it which must bode well for the security exams :)
  4. Ence

    Ence Kilobyte Poster

    May I bump rather then new post.

    IPSec would be this setup then left alone or is there much ongoing administration.
    I read about Pre - Shared key (clear text)
    why would you use this & what would the benefit be ?

    Have been thinking do I really need to know a deep knowledge.

    *off to look at zebulebu urls

Share This Page