Home Page Icon
Home Page
Table of Contents for
VI. Designing Network Infrastructure
Close
VI. Designing Network Infrastructure
by Paul Murphy, Michael Moncur
MCSE: Windows 2000 Exams in a Nutshell
MCSE in a Nutshell: The Windows 2000 Exams
Preface
Contents
Conventions Used in This Book
Other MCSE Resources
Comments and Questions
Acknowledgments
1. About the MCSE Exams
The MCSE 2000 Program
Required Core Exams
Optional Core Exams
Elective Exams
MCSE 2000 Core Exams
Windows 2000 Professional
Windows 2000 Server
Active Directory
Network Infrastructure
Designing Active Directory
Designing a Network Infrastructure
Designing Security
The Examination Process
Notes About the Windows NT 4.0 MCSE Track
Preparing for Exams
Scheduling and Payment
How the Exams Work
Single answer
Multiple answer
Scenario
Simulation questions
Select and Place, Create a Tree
Test-Taking Tips
Continuing Education
Retired Exams
New Exams
Beta Exams
I. Windows 2000 Professional
2. Exam Overview
Areas of Study
Windows 2000 Basics
Installing Windows 2000 Professional
Configuring Windows 2000 Professional
Managing Disk Storage
Managing Network Components
Administration and Security
Optimization and Troubleshooting
3. Study Guide
Windows 2000 Basics
Terminology
Operating Systems
Windows 3.1x
Windows 95/98/Me
Windows NT
Windows 2000 Professional
Windows 2000 Server
Networking Basics
Server-based networks
Peer-to-peer networks
Computer types
The Boot Process
The BOOT.INI file
Using Windows 2000
The Logon dialog
The desktop
Management utilities
Installing Windows 2000 Professional
Planning the Installation
Hardware requirements
Disk partitions
Installation Methods
Performing the Installation
Text-mode phase
GUI phase (Setup Wizard)
Upgrading to Windows 2000
Checking hardware compatibility
Upgrading from Windows 95/98/Me
Upgrading from Windows NT
Unattended Installation
Setup Manager
Disk duplication
Remote Installation Services (RIS)
Using Service Packs
Configuring Windows 2000 Professional
Microsoft Management Console (MMC)
Task Scheduler
Control Panel
The System Control Panel
The Registry
Registry editors
Configuring Mobile Systems
Offline files and folders
Synchronization Manager
Power management
Configuring Hardware
Device Manager
System Information
Driver signing
Managing Disk Storage
Basic Disks
Primary partitions
Extended partitions and logical drives
Dynamic Disks
Simple volumes
Spanned volumes
Striped volumes
Disk Management
Partitioning
Creating spanned volumes
Creating striped volumes
Converting basic to dynamic storage
Defragmenting disks
Disk Compression
Compressing files
Moving and copying files
Disk Quotas
EFS (Encrypted Filesystem)
Managing Backups
Backing up files
Restoring files
Scheduling backups
Managing Network Components
TCP/IP
IP addressing
TCP/IP protocols and services
Managing TCP/IP
Other Protocols
Active Directory
Active Directory basics
Active Directory structure
Directory replication
Remote Access
Remote access security
Managing dial-out connections
Managing dial-in connections
Administration and Security
The Windows 2000 Logon Process
Users and Groups
Adding and modifying users
Configuring groups
Default users and groups
Security Policies
Account policies
Security Options
Audit Policy
NTFS Security
Copying and moving files
File Sharing
Monitoring Users and Shares
Managing Printers
Installing and configuring printers
Print pools
Scheduling and priorities
Managing print jobs
Optimization and Troubleshooting
Monitoring Performance
Performance Console
Event Viewer
Troubleshooting Boot Problems
Boot options
Emergency Repair Disk (ERD)
Recovery Console
4. Suggested Exercises
Installing Windows 2000 Professional
Configuring Windows 2000 Professional
Managing Disk Storage
Managing Network Components
Administration and Security
Optimization and Troubleshooting
5. Practice Tests
Comprehensive Test
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
Create a Tree Answer # 1
Create a Tree Answer # 2
6. Highlighter’s Index
Windows 2000 Basics
Operating System Characteristics
Windows 2000
Network Types
Computer Types
Boot and System Partitions
BOOT.INI
Installing Windows 2000 Professional
Hardware Requirements
Filesystems
Upgrading to Windows 2000
Unattended Installation
Service Packs
Configuring Windows 2000 Professional
Microsoft Management Console (MMC)
Task Scheduler
Registry Subtrees
Registry Editors
Managing Disk Storage
Basic Disks
Dynamic Disks
Disk Quotas
EFS (Encrypted Filesystem)
Backup Types
Managing Network Components
Protocol Suites
IP Address Classes
Administration and Security
Users and Groups
NTFS Permissions
File Sharing Permissions
Optimization and Troubleshooting
Monitoring Performance
Troubleshooting Boot Problems
II. Windows 2000 Server
7. Exam Overview
Objectives
8. Study Guide
Windows 2000 Server Basics
Windows 2000 Server Editions
Windows 2000 Server
Windows 2000 Advanced Server
Windows 2000 Datacenter Server
Windows 2000 Architecture
User mode
Kernel mode
Hardware Abstraction Layer (HAL)
Networking Basics
The Active Directory model
Installing Windows 2000 Server
Planning the Installation
Hardware requirements
CD and network installation
The installation process
Pre-copy
Text mode
GUI mode
Unattended installation
Distribution folders
Installing service packs
Understanding failed installations
Upgrading a Windows NT Domain
Upgrading the primary domain controller
Upgrading backup domain controllers
Upgrading a member server
The transition period
Managing Disk Storage
Changes to NTFS in Windows 2000
Disk quotas
Reparse points
Native Structured Storage
Link tracking
Sparse files
The Change Journal
The Unique Sequence Number Journal
The Distributed Filesystem
Standalone Dfs roots versus domain Dfs roots
Dfs links
File Replication Service (FRS)
Intrasite replication
Intersite replication
Knowledge Consistency Checker (KCC)
The Encrypted Filesystem (EFS)
Data Compression
Backup and Restore
Windows 2000 Active Directory
Active Directory Basics
Planning and Implementing Active Directory
Installing Active Directory Services
Managing an Active Directory Network
Managing Network Components
Internet Information Server 5.0 (IIS)
The web server
WebDAV permissions
The File Transfer Protocol (FTP) server
The Telnet server
Terminal Services
Installation and configuration
Remote administration mode
Application sharing mode
Remote Access
Remote Access Service (RAS)
Virtual private networks
Administration and Security
Managing Users and Groups
User profiles
Groups
Group nesting
Managing Group Policies
Print Server Administration
Network printers
Managing print jobs
Device Drivers
Driver signing
Auditing
Security Configuration and Analysis
Kerberos
Optimization and Troubleshooting
Task Manager
Performance Console
Network Monitor
SNMP
Disk Tools
Hardware Issues
Safe Mode
Recovery Console
9. Suggested Exercises
Installing Windows 2000 Server
Creating User Accounts and Groups
Creating a Group Policy and User Profiles
Creating a Dynamic Disk
Using the Task Manager
10. Practice Tests
Test Questions
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
Create a Tree Answer # 1
Create a Tree Answer # 2
11. Highlighter’s Index
Windows 2000 Editions
Windows 2000 Architecture
Windows 2000 Installation Files
Windows 2000 Server Hardware Requirements
Windows NT Upgrade Order
Encrypting Filesystem Keys
Windows Backup Types
Windows 2000 Security Groups
Kerberos Terms
SNMP Tools
III. Active Directory
12. Exam Overview
Objectives
13. Study Guide
Introduction to Active Directory
Terminology
Installing Active Directory
Planning
Installation
Verifying the Active Directory installation
Configuring Active Directory
Creating Active Directory Components
Managing intersite replication
Sites
Subnets
Site links
Link bridges
Bridgehead servers
Managing intrasite replication
Global catalog servers
Organizational Unit Structure
Creating Organizational Units
Configuring Organizational Units
Managing Active Directory Objects
Active Directory object naming conventions
Creating accounts
Locating objects
Moving objects
Publishing Resources
Securing Resources
Delegating administrative control
Group Policies
Implementing a Group Policy
Creating a Group Policy Object (GPO)
Administrative Templates
Software Settings
Windows Settings
Modifying Group Policy inheritance
Filtering Group Policy settings with security groups
DNS for Active Directory
Installing and Configuring DNS
DNS zones
Integrating DNS zones
Dynamic updates
DNS replication
Monitoring DNS
Directory Maintenance and Replication
Creating a Server Object
Moving Server Objects Between Sites
Removing a Server Object
Active Directory Replication
Operations master roles
Transferring operations master roles
Remote Installation Service (RIS)
Creating an RIS Boot Disk
Installing RIS on a Server
Authorizing an RIS Server
Pre-Staging RIS Clients
RIS Account Creation
Active Directory Security
Security Templates
The Security Configuration and Analysis Console
Audit Policies
Trust Relationships
Active Directory Maintenance
Managing Accounts
Backing Up Active Directory
Restoring Active Directory
Optimizing Performance
Active Directory performance
Troubleshooting Active Directory
Troubleshooting DNS
Troubleshooting RIS
Troubleshooting Group Policies
Troubleshooting Software Deployment
Active Directory Troubleshooting Tools
14. Suggested Exercises
Installing Active Directory
Testing DNS
Configuring Active Directory
Organizational Units
Managing Objects
Group Policy Objects
Remote Installation Service
Security
Backup and Recovery
15. Practice Tests
Test Questions
Case Study
Multiple Choice
Answers
Comprehensive Test
Case Study: Multiple Choice
16. Highlighter’s Index
Site Replication
Organizational Unit Properties
Accounts
Moving Objects
Windows 2000 Permissions
Group Policy Objects
Managing Applications
DNS Zones
Active Directory Replication
Operations Master Roles
Operations Master Failure
Troubleshooting RIS
IV. Network Infrastructure
17. Exam Overview
Areas of Study
Network Basics
TCP/IP
IP Routing
IPSec (IP Security)
Host Name Resolution
NetBIOS Name Resolution
NetWare Connectivity
DHCP (Dynamic Host Configuration Protocol)
Remote Access
NAT (Network Address Translation)
Certificate Services
Monitoring Network Performance
18. Study Guide
Network Protocols
TCP/IP
IPX and SPX
NetBEUI
AppleTalk
DLC (Data Link Control)
IrDA (Infrared Data Association)
Managing TCP/IP
TCP/IP Protocols and Services
The Network Access layer
The Internet layer
The Host-to-Host layer
TCP (Transmission Control Protocol)
UDP (User Datagram Protocol)
The Process/Application layer
IP Addressing
IP address classes
Subnet masking
Reserved IP addresses
IP address assignments
Supernetting
Configuring TCP/IP
Installing TCP/IP
Managing TCP/IP settings
Packet Filtering
IP Routing
Static Routing
Default Gateways
Dynamic Routing
RIP (Router Information Protocol)
OSPF (Open Shortest Path First)
Configuring Static Routing
Configuring Dynamic Routing
IP Security (IPSec)
Configuring IPSec
Security Policy Properties
Authentication methods
Tunnel setting
Connection type
IP filter list
Filter action
Hostname Resolution
The HOSTS File
Domain Name Service (DNS)
Installing DNS Server
Configuring DNS
NetBIOS Name Resolution
Windows Internet Name Service (WINS)
How WINS works
Installing WINS
Configuring WINS
WINS replication
The LMHOSTS File
NetWare Connectivity
NWLink (IPX/SPX Protocols)
Installing NWLink
Client Service for NetWare (CSNW )
Gateway Service for NetWare (GSNW )
Configuring GSNW
DHCP (Dynamic Host Configuration Protocol)
How DHCP Works
Configuring DHCP
Installing DHCP Server
Creating a scope
DHCP authorization
DHCP reservations
DHCP options
Configuring DHCP clients
DHCP Forwarding
Using DHCP with DNS
Remote Access Server (RAS)
Configuring RAS
Dial-in Constraints
IP
Multilink
Authentication
Encryption
Advanced
Remote Access Encryption
Dial-up connections
VPN connections
RAS and DHCP
NAT (Network Address Translation)
Installing NAT
Configuring NAT
Using special ports
Internet Connection Sharing (ICS)
Certificate Services
Installing a Certificate Authority
Managing Certificates
Requesting a certificate
Revoking a certificate
Monitoring Network Performance
Using Network Monitor
Installing Network Monitor
Capturing packets
Viewing Capture results
Using Event Viewer
Monitoring IPSec
19. Suggested Exercises
Installing and Configuring TCP/IP
Configuring IP Routing
Managing IPSec
Configuring Name Resolution
Setting up NetWare Connectivity
Installing and Configuring DHCP
Installing and Managing Remote Access
Installing and Using NAT
Installing and Using Certificate Services
Monitoring the Network
20. Practice Tests
Comprehensive Test
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
Create a Tree Answer # 1
Create a Tree Answer # 2
21. Highlighter’s Index
Network Protocols
TCP/IP
IPX/SPX
NetBEUI
AppleTalk
DLC
IrDA
TCP/IP
Network Access Layer
Internet Layer
Host-to-Host Layer
Process/Application Layer
IP Address Classes
Subnet Masking
Private IP Address Ranges
IP Filtering
IP Routing
Static Routing
Dynamic Routing
IPSec (IP Security)
IPSec Components
IPSec Options
IPSec Authentication Methods
Name Resolution
Hostname Resolution Order
NetBIOS Name Resolution Order
DNS (Domain Name Service)
WINS (Windows Internet Naming Service)
NetWare Connectivity
DHCP (Dynamic Host Configuration Protocol)
DHCP Basics
DHCP Features
Remote Access
Remote Access Basics
Authentication Methods
NAT (Network Address Translation)
NAT Features
NAT Versus ICS
Certificate Services
Basics
CA Types
Network Monitoring
Network Monitor
Event Viewer
IPSECMON
V. Designing Active Directory
22. Exam Overview
Objectives
23. Study Guide
Directory Services Overview
Active Directory Versus the NT Domain Model
Active Directory Components
Balancing Technical and Business Requirements
Analyzing the Company
Mapping Organizational Structure
Physical locations
Departmental structure
Functional structure
IT structure
Active Directory Architecture
Domain Structure
Domain controller placement
Operations masters placement
Global catalog server placement
Multiple domains
Multiple domain trees
Empty root domains
Multiple forests
Multiple-tree forests
Organizational Units
Objects
Windows 2000 groups
Designing Trust Relationships
Transitive trusts
External trusts
Authentication issues
Shortcut trusts
Designing Group Policies
Group Policy goals
Security group filtering
Group Policy blocking
Delegating Authority
Object ownership
Permissions inheritance
DNS Naming
Organizing a DNS structure
Schema Modification
Attribute-schema objects
Class-schema objects
Modifying the schema
Replication
Sites
Site links
Site link bridges
Bridgehead servers
24. Suggested Exercises
Domain Naming
Company IT Mapping
Trust Relationships
DNS
Site Replication
25. Practice Tests
Test Questions
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
26. Highlighter’s Index
Analyzing Your Company Evaluation Notes
IT Structure Types
Reasons for a Multiple Domain Structure
Security Groups
External Trusts
DNS Naming Conventions
Site Level Traffic Optimization
VI. Designing Network Infrastructure
27. Exam Overview
Areas of Study
Designing a Network Infrastructure
Designing TCP/IP Networks
Designing DHCP Services
Designing Name Resolution Services
Designing Internet Connectivity
Designing Routing and Remote Access
28. Study Guide
Designing a Network Infrastructure
Network Services Overview
Examining Requirements
Business requirements
Technical requirements
Analyzing the existing network
Planning for change
Designing TCP/IP Networks
IP Addressing
Public addresses
Private addresses
How addresses are assigned
TCP/IP Network Security
Packet filtering
IPSec encryption
Optimizing TCP/IP Networks
Improving availability
Improving performance
Designing DHCP Services
Basic DHCP Design
DHCP and Other Services
DHCP and routing
DHCP and remote access
DHCP and DNS
DHCP and Active Directory
Optimizing DHCP Services
Single servers
Multiple servers per subnet
Servers in separate subnets
Supporting non-Windows clients
Improving performance
Designing Name Resolution Services
Basic DNS Design
Choosing zone types
Planning DNS Security
Securing DNS replication
Securing DNS updates
Optimizing DNS
Measuring and improving performance
Designing for availability
Basic WINS Design
WINS and other services
Number of WINS servers
Optimizing WINS
Improving availability
Improving performance
Designing Internet Connectivity
Network Address Translation (NAT)
Placement and connectivity of the NAT server
Replacing DHCP and DNS services
Allowing Internet access
NAT security
Optimizing NAT
Microsoft Proxy Server
Basic proxy server design
Proxy server security
Web publishing
Optimizing proxy server availability
Optimizing proxy server performance
Designing Routing and Remote Access
Basic Routing Design
Router placement
Static and dynamic routing
Routing protocols
Planning Routing Security
Authentication
IP filtering
VPNs and IPSec
Optimizing the Routing Design
Planning Remote Access
Placement of remote access servers
Remote access security
Tunneling protocols
Optimizing remote access
Remote access using RADIUS
29. Suggested Exercises
Designing a Network Infrastructure
TCP/IP and DHCP Design
Name Resolution Design
Internet Connectivity
Routing and Remote Access
30. Practice Tests
Comprehensive Test
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
Create a Tree Answer # 1
Create a Tree Answer # 2
31. Highlighter’s Index
TCP/IP Design
TCP/IP Basics
IP Address Classes
Subnet Masking
Private IP Address Ranges
IP Filtering
DHCP Design
DHCP Basics
DHCP Features
Name Resolution Design
DNS (Domain Name Service)
WINS (Windows Internet Naming Service)
Internet Connectivity
NAT (Network Address Translation)
Internet Connection Sharing (ICS)
Proxy Server 2.0
Routing and Remote Access
Remote Access Basics
Authentication Methods
VII. Designing Security
32. Exam Overview
Areas of Study
Planning Network Security
Designing Basic Security
Encrypting Filesystem (EFS)
Designing Auditing
Securing Network Services
Designing Secure Connectivity
Planning IP Security
33. Study Guide
Planning Network Security
Windows 2000 Security Overview
Authentication
Controlling access to resources
Auditing resource access
Encryption
Analyzing Business Requirements
Company structure
Size and locations
Analyzing Technical Requirements
Connectivity and bandwidth
Performance requirements
Mapping Company Information
Information flow
Product life cycle
Decision-making structure
Mapping Network Roles
End-user roles
Resource ownership
Administrative roles
Service roles
Analyzing Security Risks
Finding current security risks
Determining acceptable risks
Analyzing new systems
Planning for Change
Identifying upgrades and patches
Technical support
System administration
Designing Basic Security
Creating a Security Baseline
Domain controllers
Operations masters
File and print servers
Application servers
RAS servers
Desktop computers
Portable computers
Kiosks
Planning Authentication
Clear-text passwords
LM and NTLM authentication
Kerberos authentication
Digest authentication
Smart cards
RADIUS
Certificates
SSL
Integration with other systems
Certificate-Based Security
Certificate authority (CA) hierarchies
Certificate server roles
Managing certificates
Mapping certificates
Third-party certificate authorities
Encrypted Filesystem (EFS)
EFS Basics
How EFS works
Key storage locations
Planning Recovery
EFS Options
Designing Auditing
Creating an Audit Policy
Planning Use of Audit Data
Securing Network Services
DNS Security
Remote Installation Services (RIS) Security
Terminal Services Security
Designing Secure Connectivity
Securing Public Network Access
Securing Internet access
Providing access to local resources
VPNs (Virtual Private Networks)
PPTP
L2TP
SMB Signing Security
Planning IP Security
Creating an Encryption Scheme
IPSec Negotiation
Phase One Negotiation
Phase Two Negotiation
IP Filtering
Defining security levels
Managing IPSec
34. Suggested Exercises
Planning Network Security
Designing Basic Security
Encrypting Filesystem (EFS)
Designing Auditing
Securing Network Services
Designing Secure Connectivity
Planning IP Security
35. Practice Tests
Comprehensive Test
Case Study
Multiple Choice
Create a Tree
Answers
Comprehensive Test
Case Study: Multiple Choice
Case Study: Create a Tree
Create a Tree Answer # 1
36. Highlighter’s Index
Planning Network Security
Basic Security Tasks
Business Requirements
Technical Requirements
Company Information
Designing Basic Security
Operations Masters
Authentication Methods
Certificate Authority Roles
Encrypting Filesystem (EFS)
EFS Terminology
Designing Auditing
Built-in Audit Policies
Events to Audit
Securing Network Services
DHCP and Dynamic DNS
RIS Security
Designing Secure Connectivity
Internet Connectivity Methods
VPN Protocols
Windows 2000 SMB Features
Planning IP Security
IPSec Terminology
IPSec Modes
Common TCP/IP Ports
Index
Colophon
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Site Level Traffic Optimization
Next
Next Chapter
27. Exam Overview
Part VI. Designing Network Infrastructure
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset