Errata for MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a Microsoft® Windows Server™ 2003 Network

Ipsec dynamic referenced in place of Ipsec static On page 8-32, the last sentence before the command sample reads: "For example, the following commands launch Netsh and set the context to Ipsec dynamic:" It should read: "For example, the following commands launch Netsh and set the context to Ipsec static:"

Correction To Question 2 On page 8-47, in the first paragraph, Change: "c, e, and f" To: "c, d, and f"

The word "Setup" missing from Security.inf On page 3-5, the third sentence in the first bullet item reads: "For the domain controller setup, Security.inf is used with the DC Security.inf template." It should read: "For the domain controller setup, Setup Security.inf is used with the DC Security.inf template."

Managers Group Should Be Accounting Group On page 2-5, in the last sentence of the first paragraph, Change: "... the Deny ACE means that all memebers of the Managers group will be denied access to the file." To: "... the Deny ACE means that all memebers of the Accounting group will be denied access to the file."

Incorrect information regarding Automatic Update client configuration On page 42, the second bullet point reads: "The Automatic Updates client can be configured by using GPOs linked to Active Directory, to the local GPO, or to the registry." It should read: "The Automatic Updates client can be configured by using GPOs linked to Active Directory, the local GPO, or the registry." On page 47, the fifth bullet point reads: "The Automatic Updates client can be configured by using GPOs linked to Active Directory, to the local GPO, or to the registry." It should read: "The Automatic Updates client can be configured by using GPOs linked to Active Directory, the local GPO, or the registry."

The word "changed" is used in place of the word "hinged" On page 1-8, the first sentence of the "Real World" box reads: "Since the beginning of computer systems, some of the most widely used security attacks have changed upon the attacker gaining access to the operating system’s password file." It should read: "Since the beginning of computer systems, some of the most widely used security attacks have hinged upon the attacker gaining access to the operating system’s password file."

Correction To CA On page 7-9, under Root CAs,Change:"Because enterprise CAs rely on Active Directory to store and replicate data, all enterprise CAs must also be domain controlers."To:"Because enterprise CAs rely on Active Directory to store and replicate data."

Correction To Table 12.1 On page 12-9, in Table 12.1, "Supported by Windows Server 2003, Windows XP, and Windows 2000 clients" should have a check under EAP.

Group assignment missing from practice On page 2-14, the last sentence of step 3 reads: "Assign the user account a complex password, and make Mary a member of the Administrators group." It should read: "Assign the user account a complex password, and make Mary a member of the Accounting and Administrators groups."

Enterprise Root CA Should Be Enterprise Subordinate CA On page 7-14, in step 6, Change: "6. In the CA Type dialog box, click Enterprise Root CA, and then click Next." To: "6. In the CA Type dialog box, click Enterprise subordinate CA, and then click Next."

GPO three should be GPO four and vice versa On page 15-28, the descriptions of GPO three and GPO four in question 4 should be switched. Change: "GPO three: Server (Request Security) IPSec policy set GPO four: Secure Server (Require Security) IPSec policy set" To: "GPO three: Secure Server (Require Security) IPSec policy set GPO four: Server (Request Security) IPSec policy set"

Incorrect figures used On page 15-47, the image is incorrect and should be replaced with the image on page 15-53. On page 15-53, the image is incorrect and should be replaced with the image on page 15-47. Microsoft Press is committed to providing informative and accurate books. All comments and corrections listed above are ready for inclusion in future printings of this book. If you have a later printing of this book, it may already contain most or all of the above corrections.

Figure 10.2 contains incorrect label for top level icon On page 10-19, Figure 10.2 has an incorrect label for the top level icon only. The remaining icon labels in the hierarchy are correct. Change: "Wireless LAN users (Domain Global Group)" To: "Universal Group (access granted with remote access policy in IAS)"

Reference to figure 11.8 should be disregarded On page 11-21, the second to the last sentence in step 11 reads: "Figure 11.8 shows this dialog box completed." Figure 11.8 does not display a completed dialog box and should be disregarded.

Correction To Table 2.1 On page 2-22, in Table 2.1, the features listed for "Windows Server 2003 interim" are the same as that of "Windows Server 2003". This is incorrect. The features listed for "Windows Server 2003 interim" should be the same as that of "Windows 2000 mixed" in the table.

Chapter 3 Should Be Chapter 2 On page 9-26, in the first line, change:"See Also For information on how to enable auditing, refer to Chapter 3"To:"See Also For information on how to enable auditing, refer to Chapter 2"

Incorrect description of Exercise 2 On page 1-29, the description of Exercise 2 reads: "In this exercise, you will configure the domain controllers to accept only NTLM and refuse LM default domain controller security policy." This sentence is incorrect and should be disregarded.