My Top 10 Study Tips for Passing the Designing Security Exam (70-220)
Ready to start studying for the Win2K Security Design exam, but not sure where to focus your efforts? Hinne Hettema offers his top tips for getting a realistic grip the material covered.
by Hinne Hettema
5/16/2001 -- The Designing Security for a Windows 2000 Network exam is one of the three design cores in the Win2K track. To become a 2000 MCSE, you need to pass at least one of these design cores. These exams are considerably different (and many think considerably more difficult) than the "normal" MCSE test. Following is a list of 10 study tips that I think will help you pass this challenging exam.
1. Prepare To Study Differently This exam tests your design skills, which means that you have to prepare in a somewhat different way. While with the old MCSE exams it was quite possible to cram for a few days and then pass the exam, with these exams that scenario is much less likely. For this exam, your studies should be aimed at understanding the material, not memorizing the user interface of the various tools (educational theorists call this "deep learning" as opposed to "surface learning").
2. Put Everything Together As part of understanding you should focus on all the security components of Win2K and how they work together, even with other OSs. For instance, NT 4.0 machines are incapable of Kerberos authentication. Therefore, if your requirements call for the presence of an NT 4.0 machine somewhere, your proposed design has to reflect this. You cannot switch to native mode. You may have to use certificates for authentication, depending on the role of the server. In short, the focus is not so much on the individual facts, but on the integration of all these facts into an overall, coherent design. As a part of this, you will also have to focus on interoperability with other systems like Unix.
3. Determine a Reading Strategy Due to the complexity of the exam, you'll need to read quite widely and smartly. Start setting up reading time now. Prepare for a huge amount of reading -- hands-on only won't get you through these exams! Start reading the exam page on Microsoft's Web site (http://www.microsoft.com/trainingandservices/exams/examsearch.asp?PageID=70-220) and pay particular attention to all the items mentioned there. Research each and every individual item.
4. Go Online for In-Depth Info Check out www.ietf.org for the Kerberos, IPSec and L2TP RFCs (Request for Comment). These are sizable text documents that describe these standards. Win2K contains proprietary implementations of these standards, but they still adhere to the standards. The RFCs are bone-dry reads but quite detailed. In cases of doubt, they are always right. I have found these to be a big advantage while preparing.
5. Buy This Book! Ian McLean's "Windows 2000 Security Little Black Book" is an invaluable resource for this exam. Highly recommended.
6. Don't Forget TechNet Microsoft provides a large amount of whitepapers, as well as the large Deployment and Planning guide for free on their Web site. You can check out http://www.microsoft.com/technet/security for the latest updates, but chances are somewhat slim that you'll find a lot of material useful for the exam here. The security related chapters from the Deployment and Planning guide are invaluable, though -- get those.
7. Deployment Scenarios Galore I have found that close study of the Win2K deployment scenarios very useful (on http://www.microsoft.com/windows2000). These focus on specific deployments of PPTP, L2TP, secure dynamic updates for DNS and much more, and will teach you how Microsoft recommends their technology to be used in the real world. Needless to say, this is a large component of the exam.
8. Know You Don't Have To Take the Core First I decided to take the design exams before upgrading my NT "core" to the Win2K "core." As a result, I spent around six months of reading and working with the OS before I successfully tackled my first design exam. While some maintain that the core exams are a necessary preparation for the design exams, it is possible to start with the design exams first. I would only recommend this, though, if you are prepared for around six months of reading and already are an MCSE in NT 4.0.
9. Learn the Exam Format This exam consists of four case studies followed by around 10 questions each. The case studies consist of a company description, together with notes from various interviews. The goal of the design exams is to test your knowledge and ability to translate these real life scenarios into solutions using Win2K. The questions range form multiple choice to the dreaded "choose all that apply" to drag-and-drop questions, where you have to draw a diagram using boxes and connectors. (To create a connector, choose one box first, press the Shift key, choose the second box, and then continue to choose the type of connection you want to create. Remember this one! The instructions during the exam are not quite clear on this. You are already stressed, and will not be in any mood to leisurely find out how to do this!) The biggest problem is that during the exam you'll be afraid to run out of time. You will spend around half an hour reading and scribbling notes before answering your first question. Don't watch the clock, but focus on the task at hand. You have three hours to answer 40 questions. (Note that Microsoft offers information on its Web site to prepare you for these new question types: Click here to access the information on MS's Web site.)
10. Have a Failure Strategy Many people have failed these exams. Even worse: Many well-qualified people have failed these exams. Have a strategy in place for this possibility (more study, take a month's break, tackle an easier exam first, find another angle on the material or a combination of all of this). Don't plan all your studies too tightly assuming you will sail through the exams, but leave some room for more reading, more research or a break. This tip has a corollary: If you have not already started on this, now is probably the time to do so.
All in all, a pass mark on one of the design exams is quite an achievement and tremendously satisfying. This exam is tough, and many of the questions are intended to confuse you. Unlike the NT exams, there is no straight "point and click" here. The upshot is that you'll feel well tested when walking out of the exam (at least I did). Good luck!
Hinne Hettema works for a large computing outsourcing firm in Auckland, New Zealand, specialising in the area of Application Service Providers. He is Microsoft (MCSE NT4 and W2K), Citrix (CCA) and Cisco (CCNP) certified and has a PhD in computational chemistry and an MA in philosophy. He lives in a 1930s villa on the edge of the Manukau harbour with his wife, daughter and three cats, as well as numerous computers. He is also the editor of 'Quantum Chemistry: Classic Scientific Papers' (World Scientific, Singapore 2000). He can be reached at and likes to receive email.
More articles by Hinne Hettema:
|