Ms 70 293

612 views
543 views

Published on

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
612
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ms 70 293

  1. 1. PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2004 by Microsoft Corporation All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Cataloging-in-Publication Data Zacker, Craig. MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure / Craig Zacker with Microsoft Corporation. p. cm. Includes index. ISBN 0-7356-1893-3 1. Electronic data processing personnel--Certification. 2. Microsoft software--Examinations--Study guides. 3. Computer networks--Examinations--Study guides. 4. Microsoft Windows server. I. Microsoft Corporation. II. Title. QA76.3.Z32 004.6--dc21 2003 2003056205 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9 QWT 8 7 6 5 4 3 Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further informa­ tion about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to tkinput@microsoft.com. Active Directory, Authenticode, Microsoft, Microsoft Press, NetMeeting, Windows, the Windows logo, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corpora­ tion in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organiza­ tion, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Acquisitions Editor: Kathy Harding Project Editor: Jean Trenary Technical Editor: Linda Zacker Body Part No. X09-16614
  2. 2. Craig Zacker Craig is a writer, editor, and networker whose computing experience began in the days of teletypes and paper tape. After making the move from minicomputers to PCs, he worked as an administrator of Novell NetWare networks and as a PC support techni­ cian while operating a freelance desktop publishing business. After earning a Master’s Degree in English and American Literature from New York University, Craig worked extensively on the integration of Microsoft Windows NT into existing internetworks, supported fleets of Windows workstations, and was employed as a technical writer, content provider, and Webmaster for the online services group of a large software com­ pany. Since devoting himself to writing and editing full-time, Craig has authored or contributed to many books on networking topics, operating systems, and PC hardware, including MCSA/MCSE Self-Paced Training Kit: Microsoft Windows 2000 Network Infra­ structure Administration, Exam 70-216, Second Edition and MCSA Training Kit: Managing a Microsoft Windows 2000 Network Environment. He has also developed educational texts for college courses, online training courses for the Web, and has pub­ lished articles with top industry publications. For more information on Craig’s books and other works, see http://www.zacker.com.
  3. 3. Contents at a Glance Part 1€ 1 2 3 4 5 6 7 8 9 10 11 12 13 Part 2 14 15 16 17 18 19 Learn at Your Own Pace Planning a Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3€ Planning a TCP/IP Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . 2-1€ Planning Internet Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1€ Planning a Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1€ Using Routing and Remote Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1€ Maintaining Server Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1€ Clustering Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1€ Planning a Secure Baseline Installation . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1€ Hardening Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1€ Deploying Security Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1€ Creating and Managing Digital Certificates . . . . . . . . . . . . . . . . . . . . . . 11-1€ Securing Network Communications Using IPSec . . . . . . . . . . . . . . . . . . 12-1€ Designing a Security Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1€ Prepare for the Exam Planning and Implementing Server Roles and Server Security (1.0). . . 14-3€ Planning, Implementing, and Maintaining a € Network Infrastructure (2.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1€ Planning, Implementing, and Maintaining € Routing and Remote Access (3.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1€ Planning, Implementing, and Maintaining Server Availability (4.0) . . . . 17-1€ Planning and Maintaining Network Security (5.0) . . . . . . . . . . . . . . . . . 18-1€ Planning, Implementing, and Maintaining € Security Infrastructure (6.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1€ v
  4. 4. vi Contents at a Glance Practices Choosing an Ethernet Variant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-23€ Blueprinting a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-35€ Using Registered and Unregistered IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-12€ Designing an Internetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-22€ Subnetting IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-32€ Installing and Configuring the DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-38€ Understanding WAN Speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-13€ Configuring a Windows Server 2003 Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-21€ Configuring a NAT Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-31€ Specifying Name Resolution Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-16€ Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-24€ Understanding DNS Server Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-35€ Creating a Zone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-37€ Installing a WINS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-47€ Understanding DNS Security Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-56€ Installing RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-21€ Installing a Routing and Remote Access Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-35€ Using Network Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-13€ Establishing a Performance Baseline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-28€ Using Windows Server 2003 Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-42€ Creating a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-25€ Creating a Single Node Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-42€ Modifying Default Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-30€ Creating a Group Policy Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-14€ Modifying the GPO for the Domain Controllers Container’s GPO . . . . . . . . . . . . . . . . . .9-28€ Deploying Multiple GPOs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-34€ Using the Security Templates Snap-in. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-15€ Using the Security Configuration And Analysis Snap-in . . . . . . . . . . . . . . . . . . . . . . . 10-23€ Viewing a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-7€ Installing a Windows Server 2003 Certification Authority . . . . . . . . . . . . . . . . . . . . . 11-16€ Requesting a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-25€ Creating Packet Filters in Routing and Remote Access Service . . . . . . . . . . . . . . . . . .12-9€ Creating an IPSec Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-30€ Using Resultant Set of Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-39€ Using Microsoft Baseline Security Analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-8€ Configuring Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-27€
  5. 5. Contents at a Glance vii Tables Table 1-1: Ethernet Variants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-21 Table 2-1: IP Address Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26 Table 6-1: Magnetic Tape Drive Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-32 Table 7-1: NLB Configuration Advantages and Disadvantages . . . . . . . . . . . . . . . . . . . 7-18 Table 8-1: Windows Server 2003 Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10 Table 8-2: Default Windows File System Permissions for System Drive. . . . . . . . . . . . 8-20 Table 9-1: Typical Member Server Service Assignments. . . . . . . . . . . . . . . . . . . . . . . . 9-11 Table 11-1: Sample Certificate Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11 Table 11-2: Advantages and Disadvantages of Internal and External CAs . . . . . . . . . 11-12 Table 12-1: Well-Known Port Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4 Table 12-2: Protocol Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9 Troubleshooting Labs Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-53 Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40 Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65 Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52 Chapter 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-45 Chapter 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48 Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-40 Chapter 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28 Chapter 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-30 Chapter 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44 Chapter 13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32 Case Scenario Exercises Chapter 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-37 Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50 Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39 Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63 Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50 Chapter 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44 Chapter 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-46 Chapter 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34 Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-38 Chapter 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-27 Chapter 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29 Chapter 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-43 Chapter 13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-31
  6. 6. Contents About This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv About the CD-ROM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi Features of This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi Part 1: Learn at Your Own Pace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii Part 2: Prepare for the Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii Informational Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxviii Notational Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxviii Keyboard Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Hardware Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxx Setup Instructions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxx The Microsoft Certified Professional Program . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv Certifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv Requirements for Becoming a Microsoft Certified Professional . . . . . . . . . . xxxv Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxvi Evaluation Edition Software Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxvi Part 1 Learn at Your Own Pace 1 Planning a Network Topology 1-3 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 Lesson 1: Windows Server 2003 and the Network Infrastructure . . . . . . . . . . . 1-5 What Is a Network Infrastructure? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5 Planning a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8 Implementing a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Maintaining a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-11 Lesson 2: Selecting Data-Link Layer Protocols . . . . . . . . . . . . . . . . . . . . . . . . 1-12 Understanding the OSI Reference Model . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12 Selecting a Data-Link Layer Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14 Practice: Choosing an Ethernet Variant. . . . . . . . . . . . . . . . . . . . . . . . . . . 1-23 ix
  7. 7. x Contents Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-23 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-24 Lesson 3: Selecting Network/Transport Layer Protocols . . . . . . . . . . . . . . . . . 1-25 Using TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-25 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-29 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-29 Lesson 4: Locating Network Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30 Determining Location Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30 Locating Workstations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30 Locating Peripherals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-31 Locating Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-32 Locating Connectivity Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-33 Locating Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-34 Practice: Blueprinting a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . 1-35 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-36 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-36 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-37 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-39 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-42 2 Planning a TCP/IP Network Infrastructure 2-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Lesson 1: Determining IP Addressing Requirements . . . . . . . . . . . . . . . . . . . . . 2-3 Using Public and Private Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Accessing the Internet from a Private Network. . . . . . . . . . . . . . . . . . . . . . . 2-7 Planning IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11 Practice: Using Registered and Unregistered IP Addresses . . . . . . . . . . . . 2-12 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13 Lesson 2: Planning an IP Routing Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14 Understanding IP Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14 Creating LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-15 Creating WANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-17 Using Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-18 Using Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-19 Combining Routing and Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20 Practice: Designing an Internetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22
  8. 8. Contents xi� Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-23 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-24 Lesson 3: Planning an IP Addressing and Subnetting Strategy . . . . . . . . . . . . . 2-25 Obtaining Network Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-25 Understanding IP Address Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26 Understanding Subnetting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-27 Subnetting Between Bytes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-29 Practice: Subnetting IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-32 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-33 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-34 Lesson 4: Assigning IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-35 Manually Configuring TCP/IP Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-35 Installing a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-36 Understanding DHCP Allocation Methods . . . . . . . . . . . . . . . . . . . . . . . . . 2-36 Planning a DHCP Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-37 Practice: Installing and Configuring the DHCP Service . . . . . . . . . . . . . . . . 2-38 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-40 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-41 Lesson 5: Troubleshooting TCP/IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . 2-42 Isolating TCP/IP Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-42 Troubleshooting Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . 2-43 Troubleshooting DHCP Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-47 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-49 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-53 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-54 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-54 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-55 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-55 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-56 3 Planning Internet Connectivity 3-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Lesson 1: Planning an Internet Connectivity Infrastructure . . . . . . . . . . . . . . . . . 3-3 Determining Internet Connectivity Requirements . . . . . . . . . . . . . . . . . . . . . 3-3 Choosing an Internet Connection Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7 Practice: Understanding WAN Speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14
  9. 9. xii Contents Lesson 2: Selecting Routers and ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15 Choosing A Router Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15 Choosing An ISP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17 Practice: Configuring a Windows Server 2003 Router . . . . . . . . . . . . . . . . 3-21 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23 Lesson 3: Securing and Regulating Internet Access . . . . . . . . . . . . . . . . . . . 3-24 Determining Internet Security Requirements . . . . . . . . . . . . . . . . . . . . . . . 3-24 Using NAT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26 Using a Proxy Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29 Selecting an Internet Access Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30 Practice: Configuring a NAT Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-31 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33 Lesson 4: Troubleshooting Internet Connectivity . . . . . . . . . . . . . . . . . . . . . . . 3-34 Determining the Scope of the Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-34 Diagnosing Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . . . . . 3-35 Diagnosing NAT and Proxy Server Problems . . . . . . . . . . . . . . . . . . . . . . . . 3-36 Diagnosing Internet Connection Problems . . . . . . . . . . . . . . . . . . . . . . . . . 3-37 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-41 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-43 4 Planning a Name Resolution Strategy 4-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Lesson 1: Determining Name Resolution Requirements . . . . . . . . . . . . . . . . . . 4-3 What Is Name Resolution?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 What Types of Names Need to Be Resolved?. . . . . . . . . . . . . . . . . . . . . . . . 4-4 Using the DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5 Determining DNS Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11 Using NetBIOS Names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13 Using Local Host Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
  10. 10. Contents xiii� Practice: Specifying Name Resolution Requirements . . . . . . . . . . . . . . . . . 4-16 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17 Lesson 2: Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18 Using an Existing Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18 Creating Internet Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19 Creating Internal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20 Combining Internal and External Domains . . . . . . . . . . . . . . . . . . . . . . . . . 4-22 Creating an Internal Root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23 Creating Host Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23 Practice: Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . 4-24 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26 Lesson 3: Implementing a DNS Name Resolution Strategy . . . . . . . . . . . . . . . 4-28 How Many DNS Servers? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28 Understanding DNS Server Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29 Creating Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33 Practice: Understanding DNS Server Functions . . . . . . . . . . . . . . . . . . . . . 4-35 Practice: Creating a Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-40 Lesson 4: Implementing a NetBIOS Name Resolution Strategy. . . . . . . . . . . . . 4-41 Practice: Installing a WINS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-47 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-48 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-49 Lesson 5: Planning DNS Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50 Determining DNS Security Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50 Securing DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-51 Practice: Understanding DNS Security Techniques. . . . . . . . . . . . . . . . . . . 4-56 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-56 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-57 Lesson 6: Troubleshooting Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . 4-58 Troubleshooting Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . 4-58 Troubleshooting DNS Server Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-59 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-62 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65
  11. 11. xiv Contents Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-69 5 Using Routing and Remote Access 5-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Lesson 1: Planning a Routing and Remote Access Strategy . . . . . . . . . . . . . . . . 5-3 Choosing a WAN Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 Selecting a WAN Technology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11 Lesson 2: Static and Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12 Selecting Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12 Using Static Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12 Using Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15 Routing IP Multicast Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20 Practice: Installing RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24 Lesson 3: Securing Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25 Determining Security Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25 Controlling Access Using Dial-In Properties . . . . . . . . . . . . . . . . . . . . . . . . 5-26 Planning Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-27 Using Remote Access Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-31 Practice: Installing a Routing and Remote Access Server . . . . . . . . . . . . . . 5-35 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-38 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-38 Lesson 4: Troubleshooting TCP/IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40 Isolating Router Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40 Troubleshooting the Routing and Remote Access Configuration. . . . . . . . . . 5-44 Troubleshooting the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-45 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52
  12. 12. Contents xv� Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-53 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-53 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-54 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-55 6 Maintaining Server Availability 6-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 Lesson 1: Monitoring Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Using the Performance Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Analyzing Network Traffic with Network Monitor . . . . . . . . . . . . . . . . . . . . . . 6-7 Practice: Using Network Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15 Lesson 2: Monitoring Network Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16 Monitoring Network Server Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16 Locating System Bottlenecks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25 Practice: Establishing a Performance Baseline . . . . . . . . . . . . . . . . . . . . . 6-28 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-30 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-30 Lesson 3: Planning a Backup Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-31 Understanding Network Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-31 Creating a Backup Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-35 Performing Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-39 Using Volume Shadow Copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-40 Practice: Using Windows Server 2003 Backup . . . . . . . . . . . . . . . . . . . . . 6-42 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-43 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-45 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-46 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-47 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-47 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-48 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-49 7 Clustering Servers 7-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
  13. 13. xvi Contents Lesson 1: Understanding Clustering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Clustering Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 Designing a Clustering Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-13 Lesson 2: Using Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14 Understanding Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14 Planning a Network Load Balancing Deployment . . . . . . . . . . . . . . . . . . . . 7-15 Deploying a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . . . . . . . 7-20 Monitoring Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21 Practice: Creating a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . 7-25 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-29 Lesson 3: Designing a Server Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-30 Designing a Server Cluster Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . 7-30 Planning a Server Cluster Hardware Configuration . . . . . . . . . . . . . . . . . . . 7-31 Creating an Application Deployment Plan . . . . . . . . . . . . . . . . . . . . . . . . . 7-35 Selecting a Quorum Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-38 Creating a Server Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-39 Configuring Failover Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-41 Practice: Creating a Single Node Cluster . . . . . . . . . . . . . . . . . . . . . . . . . 7-42 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-45 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-45 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-46 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-49 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-49 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-50 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-51 8 Planning a Secure Baseline Installation 8-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Lesson 1: Selecting Computers and Operating Systems . . . . . . . . . . . . . . . . . . 8-3 Understanding Computer Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3 Creating Hardware Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5 Selecting Operating Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
  14. 14. Contents xvii� Lesson 2: Planning a Security Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13 High-Level Security Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13 Creating a Security Design Team . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13 Mapping Out a Security Life Cycle. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-17 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-18 Lesson 3: Identifying Client and Server Default Security Settings . . . . . . . . . . . 8-19 Evaluating Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-19 Practice: Modifying Default Security Settings . . . . . . . . . . . . . . . . . . . . . . 8-30 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-35 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-37 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-38 9 Hardening Servers 9-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1 Lesson 1: Creating a Baseline for Member Servers. . . . . . . . . . . . . . . . . . . . . . 9-2 Creating a Baseline Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Setting Audit Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4 Setting Event Log Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8 Configuring Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9 Configuring Security Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12 Practice: Creating a Group Policy Object . . . . . . . . . . . . . . . . . . . . . . . . . . 9-14 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-17 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-18 Lesson 2: Creating Role-Specific Server Configurations . . . . . . . . . . . . . . . . . . 9-19 Securing Domain Controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-19 Securing Infrastructure Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-23 Securing File and Print Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-26 Securing Application Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-27 Practice: Modifying the GPO for the Domain Controllers Container’s GPO . . 9-28 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-29 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-30
  15. 15. xviii Contents Lesson 3: Deploying Role-Specific GPOs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31 Combining GPO Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31 Practice: Deploying Multiple GPOs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-34 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-36 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-37 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-38 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-40 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-41 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-44 10 Deploying Security Configurations 10-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1 Lesson 1: Creating a Testing and Deployment Plan . . . . . . . . . . . . . . . . . . . . . 10-2 Creating a Testing Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2 Creating a Pilot Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6 Creating a Pilot Deployment Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9 Lesson 2: Introducing Security Templates. . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10 Understanding Security Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10 Using the Security Templates Console . . . . . . . . . . . . . . . . . . . . . . . . . . 10-11 Using the Supplied Security Templates . . . . . . . . . . . . . . . . . . . . . . . . . . 10-13 Practice: Using the Security Templates Snap-in . . . . . . . . . . . . . . . . . . . . 10-15 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-16 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-17 Lesson 3: Deploying Security Templates. . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-18 Using Group Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-18 Using the Security Configuration And Analysis Tool. . . . . . . . . . . . . . . . . . 10-20 Using Secedit.exe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-23 Practice: Using the Security Configuration And Analysis Snap-in . . . . . . . . 10-23 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-26 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-26 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-27 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-29
  16. 16. Contents xix� Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-30 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-30 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-32 11 Creating and Managing Digital Certificates 11-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1 Lesson 1: Introducing Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Introducing the Public Key Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Understanding PKI Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6 Practice: Viewing a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8 Lesson 2: Designing a Public Key Infrastructure . . . . . . . . . . . . . . . . . . . . . . . 11-9 Defining Certificate Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9 Creating a CA Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11 Configuring Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-16 Practice: Installing a Windows Server 2003 Certification Authority . . . . . . 11-16 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-17 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-18 Lesson 3: Managing Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-19 Understanding Certificate Enrollment and Renewal . . . . . . . . . . . . . . . . . 11-19 Manually Requesting Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21 Revoking Certificates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-24 Practice: Requesting a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-25 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-28 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-30 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-31 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-33 12 Securing Network Communications Using IPSec 12-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2
  17. 17. xx Contents Lesson 1: Securing Internetwork Communications . . . . . . . . . . . . . . . . . . . . . 12-3 Introducing Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3 Packet Filtering Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5 Windows Server 2003 Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8 Practice: Creating Packet Filters in Routing and Remote Access Service . . . 12-9 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-11 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-13 Lesson 2: Planning an IPSec Implementation . . . . . . . . . . . . . . . . . . . . . . . . 12-14 Evaluating Threats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-14 Introducing IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16 IPSec Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18 Transport Mode and Tunnel Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-23 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-24 Lesson 3: Deploying IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25 IPSec Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25 Planning an IPSec Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-26 Working with IPSec Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-26 Practice: Creating an IPSec Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-30 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-33 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-34 Lesson 4: Troubleshooting Data Transmission Security . . . . . . . . . . . . . . . . . 12-35 Troubleshooting Policy Mismatches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-35 Examining IPSec Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-38 Practice: Using Resultant Set of Policy . . . . . . . . . . . . . . . . . . . . . . . . . . 12-39 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-42 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-42 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-43 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-45 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-45 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-46 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-47 13 Designing a Security Infrastructure 13-1 Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1
  18. 18. Contents xxi� Lesson 1: Planning a Security Update Infrastructure . . . . . . . . . . . . . . . . . . . . 13-2 Understanding Software Update Practices . . . . . . . . . . . . . . . . . . . . . . . . . 13-2 Using Windows Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3 Updating a Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4 Practice: Using Microsoft Baseline Security Analyzer . . . . . . . . . . . . . . . . . 13-8 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-10 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-11 Lesson 2: Securing a Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-12 Understanding Wireless Networking Standards . . . . . . . . . . . . . . . . . . . . 13-12 Wireless Networking Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-13 Understanding Wireless Network Security . . . . . . . . . . . . . . . . . . . . . . . . 13-15 Controlling Wireless Access Using Group Policies . . . . . . . . . . . . . . . . . . 13-15 Authenticating Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-17 Encrypting Wireless Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-19 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-19 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-20 Lesson 3: Providing Secure Network Administration . . . . . . . . . . . . . . . . . . . 13-21 Using Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-21 Using Remote Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-25 Practice: Configuring Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . 13-27 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-29 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30 Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-31 Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32 Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-33 Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-33 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-34 Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-35 Part 2 14 Prepare for the Exam � Planning and Implementing Server Roles and Server Security (1.0) 14-3 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4 Configure Security for Servers That Are Assigned Specific Roles . . . . . . . . . . . . 14-6 Objective 1.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-7 Objective 1.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-8
  19. 19. xxii Contents Plan a Secure Baseline Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10 Objective 1.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-12 Objective 1.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-14 Plan Security for Servers That Are Assigned Specific Roles. . . . . . . . . . . . . . . 14-16 Objective 1.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-18 Objective 1.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-20 Evaluate and Select the Operating System to Install on Computers in an Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-22 Objective 1.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-23 Objective 1.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-25 15 Planning, Implementing, and Maintaining a Network Infrastructure (2.0) 15-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-4 Plan a TCP/IP Network Infrastructure Strategy. . . . . . . . . . . . . . . . . . . . . . . . . 15-6 Objective 2.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-8 Objective 2.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10 Plan and Modify a Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-12 Objective 2.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-15 Objective 2.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-16 Plan an Internet Connectivity Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-17 Objective 2.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-20 Objective 2.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-22 Plan Network Traffic Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-24 Objective 2.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-26 Objective 2.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-28 Troubleshoot Connectivity to the Internet. . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-30 Objective 2.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-32 Objective 2.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-34 Troubleshoot TCP/IP Addressing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-36 Objective 2.6 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-38 Objective 2.6 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-39 Plan a Host Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-41 Objective 2.7 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-43 Objective 2.7 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-45 Plan a NetBIOS Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . 15-47 Objective 2.8 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-49 Objective 2.8 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-51 Troubleshoot Host Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-53 Objective 2.9 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-55 Objective 2.9 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-56
  20. 20. Contents 16 Planning, Implementing, and Maintaining Routing and Remote Access (3.0) xxiii� 16-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2 Plan a Routing Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-4 Objective 3.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-6 Objective 3.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-8 Plan Security for Remote Access Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-10 Objective 3.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-13 Objective 3.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-15 Implement Secure Access Between Private Networks. . . . . . . . . . . . . . . . . . . 16-17 Objective 3.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-19 Objective 3.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-21 Troubleshoot TCP/IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-23 Objective 3.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-25 Objective 3.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-27 17 Planning, Implementing, and Maintaining Server Availability (4.0) 17-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-1 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-3 Plan Services for High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-5 Objective 4.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-6 Objective 4.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-7 Identify System Bottlenecks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-9 Objective 4.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-11 Objective 4.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-13 Implement a Cluster Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-15 Objective 4.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-18 Objective 4.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-21 Manage Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-24 Objective 4.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-25 Objective 4.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-26 Plan a Backup and Recovery Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-27 Objective 4.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-29 Objective 4.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-31 18 Planning and Maintaining Network Security (5.0) 18-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-1 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-3
  21. 21. xxiv Contents Configure Network Protocol Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-5 Objective 5.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-7 Objective 5.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-9 Configure Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-11 Objective 5.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-13 Objective 5.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-15 Plan for Network Protocol Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-17 Objective 5.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-19 Objective 5.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-21 Plan Secure Network Administration Methods . . . . . . . . . . . . . . . . . . . . . . . . 18-23 Objective 5.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-25 Objective 5.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-27 Plan Security for Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-29 Objective 5.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-31 Objective 5.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-33 Plan Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-35 Objective 5.6 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-36 Objective 5.6 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-38 Troubleshoot Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . 18-40 Objective 5.7 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-42 Objective 5.7 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-43 19 Planning, Implementing, and Maintaining Security Infrastructure (6.0) 19-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1 Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-2 Configure Active Directory Directory Service for Certificate Publication. . . . . . . . 19-4 Objective 6.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-5 Objective 6.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-7 Plan a Public Key Infrastructure (PKI) That Uses Certificate Services . . . . . . . . . 19-9 Objective 6.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-11 Objective 6.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-13 Plan a Framework for Planning and Implementing Security . . . . . . . . . . . . . . . 19-15 Objective 6.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-17 Objective 6.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-18 Plan a Security Update Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-20 Objective 6.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-22 Objective 6.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-23 Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G-1 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-1
  22. 22. About This Book Welcome to MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. In this book, you study some of the more advanced applications, protocols, and services included with Windows Server 2003 and learn how to use them to create a network that is both efficient and secure. For many of these applications, protocols, and services, implementing them on a network consists of a good deal more than just running an installation program or configuring a few parameters; many of them require careful planning and continual maintenance once you have completed the initial implementation. This book covers all these phases of the implementation process, so you learn all the relevant information about each service. Note For more information about becoming a Microsoft Certified Professional, see the sec­ tion titled “The Microsoft Certified Professional Program” later in this introduction. Intended Audience This book was developed for information technology (IT) professionals who plan to take the related Microsoft Certified Professional exam 70-293, Planning and Maintain­ ing a Microsoft Windows Server 2003 Network Infrastructure, as well as IT profession­ als who design, implement, and maintain networks based on Microsoft Windows Server 2003 and its related technologies. Note Exam skills are subject to change without prior notice and at the sole discretion of Microsoft. Prerequisites The MCSE 70-293 exam and this training kit do not have any official prerequisites, but students should have the following qualifications: ■ At least one year of experience implementing and administering a Microsoft Windows network with the following characteristics: 250 to 5,000 or more users, at least three physical locations, a minimum of three Active Directory domain controllers, and a variety of network services and resources, such as file and print servers, client/server applications, Internet access, and remote access ■ At least one year of experience, implementing and maintaining desktop operating systems ■ Experience planning and designing networks xxv
  23. 23. xxvi About This Book About the CD-ROM For your use, this book includes a Supplemental Materials CD-ROM. This CD-ROM contains a variety of informational aids to complement the book content: ■ The Microsoft Press Readiness Review Suite, powered by MeasureUp. This suite of practice tests and objective reviews contains questions of varying degrees of com­ plexity and offers multiple testing modes. You can assess your understanding of the concepts presented in this book and use the results to develop a learning plan that meets your needs. ■ An electronic version of this book (eBook). For information about using the eBook, see the section “The eBooks” later in this introduction. ■ An eBook of the Microsoft Encyclopedia of Networking, Second Edition, and of the Microsoft Encyclopedia of Security provide complete and up-to-date reference materials for networking and security. ■ Sample chapters from several Microsoft Press books give you additional informa­ tion about Windows Server 2003 and introduce you to other resources that are available from Microsoft Press. A second CD-ROM contains a 180-day evaluation edition of Microsoft Windows Server 2003, Enterprise Edition. Caution The 180-day Evaluation Edition provided with this training kit is not the full retail product and is provided only for the purposes of training and evaluation. Microsoft Technical Support does not support this evaluation edition. For additional support information regarding this book and the CD-ROM (including answers to commonly asked questions about installation and use), visit the Microsoft Press Technical Support Web site at http://www.microsoft.com/mspress/support/. You can also email tkinput@microsoft.com or send a letter to Microsoft Press, Attention: Microsoft Press Technical Support, One Microsoft Way, Redmond, WA 98052-6399. Features of This Book This book is divided into two parts. Use Part 1 to learn at your own pace and practice what you’ve learned with practical exercises. Part 2 contains questions and answers that you can use to test yourself on what you’ve learned.
  24. 24. About This Book xxvii Part 1: Learn at Your Own Pace Each chapter identifies the exam objectives that are covered in the chapter, provides an overview of why the topics matter by explaining how the information applies in the real world, and lists any prerequisites that must be met to complete the lessons pre­ sented in the chapter. The chapters contain a set of lessons. Lessons contain practices that include one or more hands-on exercises. These exercises give you an opportunity to use the skills being presented or explore the part of the application being described. Each lesson also has a set of review questions to test your knowledge of the material covered in that lesson. After the lessons, you are given an opportunity to apply what you’ve learned in a case scenario exercise. In this exercise, you work through a multistep solution for a realistic case scenario. You are also given an opportunity to work through a troubleshooting lab that explores difficulties you might encounter when applying what you’ve learned on the job. Each chapter ends with a summary of key concepts and a short section listing key top­ ics and terms that you need to know before taking the exam, summarizing the key learnings with a focus on the exam. Real World Helpful Real World Information You will find sidebars like this one, which contain related information you might find helpful. “Real World” sidebars contain specific information gained through the experience of IT professionals just like you. Part 2: Prepare for the Exam Part 2 helps to familiarize you with the types of questions that you will encounter on the MCP exam. By reviewing the objectives and the sample questions, you can focus on the specific skills that you need to improve before taking the exam. See Also For a complete list of MCP exams and their related objectives, go to http://www.microsoft.com/traincert/mcp. Part 2 is organized by the exam’s objectives. Each chapter covers one of the primary groups of objectives, called Objective Domains. Each chapter lists the tested skills you must master to answer the exam questions and includes a list of further readings to help you improve your ability to perform the tasks or use the skills specified by the objectives.
  25. 25. xxviii About This Book Within each Objective Domain, you will find the related objectives that are covered on the exam. Each objective provides you with several practice exam questions. The answers are accompanied by explanations of each correct and incorrect answer. Note These questions are also available on the companion CD as a practice test. Informational Notes Several types of reader aids appear throughout the training kit. ■ Tip contains methods of performing a task more quickly or in a not-so-obvious way. ■ Important contains information that is essential to completing a task. ■ Note contains supplemental information. ■ Caution contains valuable information about possible loss of data; be sure to read this information carefully. ■ Warning contains critical information about possible physical injury; be sure to read this information carefully. ■ See also contains references to other sources of information. ■ Planning contains hints and useful information that should help you plan the implementation. ■ Security Alert highlights information you need to know to maximize security in your work environment. ■ Exam Tip flags information you should know before taking the certification exam. ■ Off the Record contains practical advice about the real-world implications of information presented in the lesson. Notational Conventions The following conventions are used throughout this book. ■ Characters or commands that you type appear in bold type. ■ Italic in syntax statements indicates placeholders for variable information. Italic is also used for newly introduced terms and book titles. ■ Names of files and folders appear in Title caps, except when you are to type them directly. Unless otherwise indicated, you can use all lowercase letters when you type a file name in a dialog box or at a command prompt. ■ File name extensions appear in all lowercase. ■ Acronyms appear in all uppercase.
  26. 26. About This Book xxix ■ Monospace type represents code samples, examples of screen text, or entries that you might type at a command prompt or in initialization files. ■ Square brackets [ ] are used in syntax statements to enclose optional items. For example, [filename] in command syntax indicates that you can choose to type a file name with the command. Type only the information within the brackets, not the brackets themselves. ■ Braces { } are used in syntax statements to enclose required items. Type only the information within the braces, not the braces themselves. Keyboard Conventions ■ A plus sign (+) between two key names means that you must press those keys at the same time. For example, “Press ALT+TAB” means that you hold down ALT while you press TAB. ■ A comma ( , ) between two or more key names means that you must press each of the keys consecutively, not together. For example, “Press ALT, F, X” means that you press and release each key in sequence. “Press ALT+W, L” means that you first press ALT and W at the same time, and then release them and press L. Getting Started This training kit contains hands-on exercises to help you learn about the networking features of Windows Server 2003. Use this section to prepare your self-paced training environment. Most of the exercises require a computer running Windows Server 2003, and some of them require the Enterprise Edition. Caution Several exercises require you to make changes to the computer running Windows Server 2003, which can have undesirable results if the system is used for other purposes or is connected to a production network. It is strongly recommended that you create a new Windows Server 2003 installation on your computer using the 180-day Evaluation Edition of the operating system provided on the CD-ROM. If the computer is connected to a network, check with your network administrator before attempting these exercises. Hardware Requirements Each computer must have the following minimum hardware configuration. All hardware should be on the Microsoft Windows Server 2003 Windows Server Catalog, and should meet the requirements listed at http://www.microsoft.com/windowsserver2003/ evaluation/sysreqs/default.mspx.
  27. 27. xxx About This Book ■ Minimum CPU: 133 MHz for x86-based computers ■ Minimum RAM: 128 MB (256 MB is recommended) ■ Disk space for setup: 1.5 GB for x86-based computers ■ Display monitor capable of 800 x 600 resolution or higher ■ CD-ROM or DVD drive ■ Microsoft Mouse or compatible pointing device ■ Network interface adapter (optional) Software Requirements The following software is required to complete the procedures in this training kit: ■ Windows Server 2003, Enterprise Edition (A 180-day evaluation edition of Windows Server 2003, Enterprise Edition, is included on the CD-ROM.) Caution The 180-day Evaluation Edition provided with this training is not the full retail product and is provided only for the purposes of training and evaluation. Microsoft Technical Support does not support these evaluation editions. For additional support information regarding this book and the CD-ROMs (including answers to commonly asked questions about installation and use), visit the Microsoft Press Technical Support Web site at http://www.microsoft.com/mspress/support/. You can also e-mail tkinput@microsoft.com or send a letter to Microsoft Press, Attn: Microsoft Press Technical Support, One Microsoft Way, Redmond, WA 98502-6399. Setup Instructions Set up your computer according to the manufacturer’s instructions. Then install Windows Server 2003, Enterprise Edition according to the instructions provided on the installation CD-ROM. Use the following table during installation to help you configure the Windows Setup parameters. Caution If your computers are connected to a larger network, you must verify with your network administrator that the computer names, domain name, and other information used in setting up your system as described in this section do not conflict with network operations. If they do conflict, ask your network administrator to provide alternative values and use those values throughout all the exercises in this book.
  28. 28. About This Book Windows Setup Wizard page Settings Regional And Language Options Default (English) Personalize Your Software Enter your name and organization. Your Product Key Enter the product key provided with the Windows Server 2003 CD-ROM. Licensing Modes Default Computer Name And Administrator Password Computer Name: Server01 Administrator Password: [enter a strong password of your choice] Modem Dialing Information Default Date And Time Settings Your date, time, and time zone. Networking Settings Custom Settings IP Address: 10.0.0.1 Subnet Mask: 255.0.0.0 Preferred DNS Server: 10.0.0.1 Workgroup Or Computer Domain xxxi Default (Workgroup named “WORKGROUP”) Setup for Practice Exercises After you complete the Windows Server 2003 installation, complete the following configuration steps to prepare your computer for the practice exercises in the lessons. 1. Create a folder called Windist on your computer’s system drive. Then, copy the contents of the I386 folder on the Windows Server 2003 CD-ROM to the Windist folder. 2. Use the Manage Your Server page (which appears by default after you log on to the computer for the first time) to add the domain controller role to the server. This installs the Active Directory, DHCP, and DNS services on the computer. The procedure is as follows: a. On the Manage Your Server page, click the Add Or Remove A Role hyperlink. The Preliminary Steps page appears. b. Click Next. The Configure Your Server Wizard analyzes the computer. When the analysis completes, the Configuration Options page appears. c. Click the Typical Configuration For A First Server option button, and then click Next. The Active Directory Domain Name page appears. d. In the Active Directory Domain Name text box, type contoso.com, and then click Next. The NetBIOS Name page appears.
  29. 29. xxxii About This Book e. Click Next to accept the default DNS and NetBIOS domain names. The Forwarding DNS Queries page appears. f. Click No, Do Not Forward Queries, and then click Next. The Summary Of Selections page appears. g. Click Next to accept your selections. A Configure Your Server Wizard mes­ sage box appears. h. Click OK to begin the installation process. After a few minutes, the computer restarts. i. Log on as Administrator. The Server Configuration Progress page appears to continue the installation process. j. When the installation is complete, click Next, and then click Finish in the This Server Is Now Configured page. k. Close the Manage Your Server window. 3. Install the Microsoft Loopback Adapter (a virtual network interface adapter) using the following procedure: a. From the Control Panel, display the Add Hardware Wizard. b. Click Next to begin the search for new hardware. The Is The Hardware Con­ nected? page appears. c. Click Yes, I Have Already Connected The Hardware, and then click Next. The Following Hardware Is Already Installed On Your Computer page appears. d. Scroll down in the Installed Hardware list, select Add A New Hardware Device, and then click Next. The Wizard Can Help You Install Other Hardware page appears. e. Select the Install The Hardware That I Manually Select From A List (Advanced) option button, and then click Next. The From The List Below, Select The Type Of Hardware You Are Installing page appears. f. Scroll down in the Common Hardware Types list, Select Network Adapters, and then click Next. The Select Network Adapter page appears. g. Select Microsoft in the Manufacturer list and Microsoft Loopback Adapter in the Network Adapter list, and then click Next. The Wizard Is Ready To Install Your Hardware page appears. h. Click Next again to install the adapter driver. i. When the Completing The Add Hardware Wizard page appears, click Finish to complete the installation.
  30. 30. About This Book xxxiii 4. Rename the icons in the Network Connections window, using the following procedure: a. Right-click the Local Area Connection icon (corresponding to the network interface adapter in the computer), select Rename from the shortcut menu, and rename it to LAN Connection. b. Right-click the Local Area Connection 2 icon (corresponding to the Microsoft Loopback Adapter you just installed), select Rename from the shortcut menu, and rename it to WAN Connection. See Also If you do not have a network interface adapter installed in your computer, you can repeat the procedure in Step 3 twice to install two Microsoft Loopback Adapters, and then rename the two Local Area Connection icons as described here. The Readiness Review Suite The CD-ROM includes a practice test consisting of 300 sample exam questions and an objec­ tive review with an additional 125 questions. Use these tools to reinforce your learning and identify any areas where you need to gain more experience before taking the exam. � To install the practice test and objective review 1. Insert the Supplemental Materials CD-ROM into your CD-ROM drive. Note If AutoRun is disabled on your machine, refer to the Readme.txt file on the CD-ROM. 2. Click Readiness Review Suite on the user interface menu and follow the prompts. The eBooks The CD-ROM includes an electronic version of this training kit, as well as eBooks for both the Microsoft Encyclopedia of Security and the Microsoft Encyclopedia of Networking, Second Edition. The eBooks are in portable document format (PDF) and can be viewed using Adobe Acrobat Reader. � To use the eBooks 1. Insert the Supplemental Materials CD-ROM into your CD-ROM drive. Note If AutoRun is disabled on your machine, refer to the Readme.txt file on the CD-ROM. 2. Click Training Kit eBook on the user interface menu and follow the prompts. You can also review any of the other eBooks that are provided for your use.
  31. 31. xxxiv About This Book The Microsoft Certified Professional Program The Microsoft Certified Professional (MCP) program provides the best method for prov­ ing your command of current Microsoft products and technologies. The exams and corresponding certifications are developed to validate your mastery of critical compe­ tencies as you design and develop, or implement and support, solutions with Microsoft products and technologies. Computer professionals who become Microsoft certified are recognized as experts and are sought after industrywide. Certification brings a vari­ ety of benefits to the individual and to employers and organizations. See Also For a full list of MCP benefits, go to http://www.microsoft.com/traincert/start/ itpro.asp. Certifications The Microsoft Certified Professional program offers multiple certifications, based on specific areas of technical expertise: ■ Microsoft Certified Professional (MCP). Demonstrated in-depth knowledge of at least one Microsoft Windows operating system or architecturally significant platform. An MCP is qualified to implement a Microsoft product or technology as part of a business solution for an organization. ■ Microsoft Certified Solution Developer (MCSD). Professional developers qualified to analyze, design, and develop enterprise business solutions with Microsoft development tools and technologies including the Microsoft .NET Framework. ■ Microsoft Certified Application Developer (MCAD). Professional developers qualified to develop, test, deploy, and maintain powerful applications using Microsoft tools and technologies including Microsoft Visual Studio .NET and XML Web services. ■ Microsoft Certified Systems Engineer (MCSE). Qualified to effectively analyze the business requirements, and design and implement the infrastructure for business solutions based on the Microsoft Windows and Microsoft Windows Server 2003 operating system. ■ Microsoft Certified Systems Administrator (MCSA). Individuals with the skills to manage and troubleshoot existing network and system environments based on the Microsoft Windows and Microsoft Windows Server 2003 operating systems. ■ Microsoft Certified Database Administrator (MCDBA). Individuals who design, implement, and administer Microsoft SQL Server databases. ■ Microsoft Certified Trainer (MCT). Instructionally and technically qualified to deliver Microsoft Official Curriculum through a Microsoft Certified Technical Edu­ cation Center (CTEC).
  32. 32. About This Book xxxv Requirements for Becoming a Microsoft Certified Professional The certification requirements differ for each certification and are specific to the prod­ ucts and job functions addressed by the certification. To become a Microsoft Certified Professional, you must pass rigorous certification exams that provide a valid and reliable measure of technical proficiency and expertise. These exams are designed to test your expertise and ability to perform a role or task with a product, and are developed with the input of professionals in the industry. Questions in the exams reflect how Microsoft products are used in actual organiza­ tions, giving them “real-world” relevance. ■ Microsoft Certified Professional (MCPs) candidates are required to pass one current Microsoft certification exam. Candidates can pass additional Microsoft certifi­ cation exams to further qualify their skills with other Microsoft products, development tools, or desktop applications. ■ Microsoft Certified Solution Developers (MCSDs) are required to pass three core exams and one elective exam. (MCSD for Microsoft .NET candidates are required to pass four core exams and one elective.) ■ Microsoft Certified Application Developers (MCADs) are required to pass two core exams and one elective exam in an area of specialization. ■ Microsoft Certified Systems Engineers (MCSEs) are required to pass five core exams and two elective exams. ■ Microsoft Certified Systems Administrators (MCSAs) are required to pass three core exams and one elective exam that provide a valid and reliable measure of techni­ cal proficiency and expertise. ■ Microsoft Certified Database Administrators (MCDBAs) are required to pass three core exams and one elective exam that provide a valid and reliable measure of technical proficiency and expertise. ■ Microsoft Certified Trainers (MCTs) are required to meet instructional and techni­ cal requirements specific to each Microsoft Official Curriculum course they are cer­ tified to deliver. The MCT program requires on-going training to meet the requirements for the annual renewal of certification. For more information about becoming a Microsoft Certified Trainer, visit http://www.microsoft.com/traincert/ mcp/mct/ or contact a regional service center near you.

×