tailieunhanh - Designing a Microsoft SharePoint 2010 Infrastructure Vol 1 part 30

Designing a Microsoft SharePoint 2010 Infrastructure Vol 1 part 30. This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010. | Designing a Security Plan 5-35 Certificates To set up SSL encryption you must first obtain a digital certificate. You can either submit a request to an internal CA or you can use Certificate Services an optional component of Windows Server 2008 to create your own certificates for internal use. You must then install the certificate in IIS and configure the Web site to require secure communication. Port Mappings You should limit Internet-facing ports on your WFE servers to port 80 for HTTP and port 443 for HTTPS. You can assign a nonstandard port for Web applications by using SSL over HTTPS but users must specify that port number to connect to the site. This may cause extra administrative effort. MCT USE ONLY. STUDENT USE PROHIBITED 5-36 Designing a Microsoft SharePoint 2010 Infrastructure Lab Designing a Security Plan Exercise 1 Designing for Least-Privilege Security Exercise 2 Identifying and Resolving Potential Security Issues Exercise 3 Granting Read Access to the Production Auditors Group Logon information Virtual machine 10231A-NYC-DC1-05 User name CONTOSO Ed Password Pa w0rd Estimated time 60 minutes Exercise 1 Designing for Least-Privilege Security Scenario Your team must develop a security plan for the Contoso Ltd SharePoint 2010 deployment that is based on the existing logical and physical designs. The plan must conform to the principle of least privilege. You should begin by reviewing the available documentation. The main task for this exercise is as follows 1. Read the supporting information. 2. Complete the SharePoint 2010 Security Planning worksheet. Task 1 Read the supporting information 1. Read the lab scenario. MCT USE ONLY. STUDENT USE PROHIBITED Designing a Security Plan 5-37 2. Log on to 10231A-NYC-DC1-05 as CONTOSO Ed with the password Pa w0rd. 3. In the E Labfiles Lab05 Starter folder review the Contoso Business file. 4. In the E Labfiles Lab05 Starter folder review the Logical Architecture Diagram - file. 5. In the