Microsoft’s exam 70-299, Implementing and Administering Security in a Microsoft Windows Server 2003 Network, is one of the core specialization exams for achieving your MCSE: Security on Microsoft Windows Server 2003 Certification or MCSA: Security on Microsoft Windows Server 2003 Certification. If you are not specializing in security for these designations, the exam is offered as an elective for either certification. And as the exam name implies, the focus is all on security.

The core objectives for this exam include:

• Implementing, Managing, and Troubleshooting Security Policies
• Implementing, Managing, and Troubleshooting Patch Management Infrastructure
• Implementing, Managing, and Troubleshooting Security for Network Communications
• Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI

Now these are the high level objectives and there are numerous sub-objectives under each one as you can see when you visit the official site for the exam. However, most exam takers are looking for the topics that are referred to as “What you absolutely must know before taking this exam”. So along with making sure you are up to speed on all the sub-objectives, here are a few topics you need to pay close attention to when preparing for the exam. These are topics that will more than likely appear on the exam and have been labeled as popular topics.

• Know the difference between the trust relationships in Windows Server 2003 including forest trusts, shortcut trusts, and external trusts. Make sure you understand in what scenario each type of trust is suited for.
• If you want to pass this exam, you need to know and understand everything about Certificate Services including digital certificate, certificate templates, certificate revocation, exporting certificates and certificate authorities.
• Know GPOs inside and out. Remember that gpupdate command now replaces the secedit command for refreshing group policy changes.
• Be familiar with the requirements for securing different types of servers including domain controllers, web servers, SQL servers, and so on. Also pay close attention to Security Restriction Policies.
• When it comes to patch management, be familiar with Windows Update, Software Update Services (SUS), and Microsoft Baseline Security Analyzer (MBSA).
• If you want to do well on the questions pertaining to network communications, make sure you completely understand IPSec. Most of the questions you encounter pertaining to this objective will revolve around implementing IPSec.