Configuring Windows Server 2008 Network Infrastructure

advertisement
Lesson Plans
Configuring Windows Server 2008
Network Infrastructure
(Exam 70-642)
Table of Contents
Course Overview .................................................................................................. 3
Section 0.1: Introduction ....................................................................................... 5
Section 0.2: Server Management.......................................................................... 6
Section 0.3: Remote Management........................................................................ 8
Section 0.4: Mathematical Foundations ................................................................ 9
Section 1.1: IPv4 Addressing .............................................................................. 10
Section 1.2: IPv4 Subnetting ............................................................................... 11
Section 1.3: IPv4 Host Configuration .................................................................. 13
Section 2.1: IPv6 ................................................................................................. 15
Section 2.2: IPv6 Addressing .............................................................................. 16
Section 2.3: IPv6 Configuration........................................................................... 18
Section 2.4: IPv6 Implementation ....................................................................... 20
Section 3.1: DHCP Configuration........................................................................ 21
Section 3.2: DHCP Options ................................................................................ 23
Section 3.3: Advanced DHCPv4 Settings ........................................................... 25
Section 3.4: Server Placement ........................................................................... 27
Section 3.5: Superscopes and Split Scopes ....................................................... 29
Section 3.6: DHCPv6 .......................................................................................... 30
Section 4.1: DNS Concepts ................................................................................ 32
Section 4.2: Name Resolution ............................................................................ 34
Section 4.3: Zone Configuration ......................................................................... 35
Section 4.4: Active Directory-integrated Zones ................................................... 37
Section 4.5: Resource Records .......................................................................... 39
Section 4.6: Client Configuration......................................................................... 40
Section 4.7: Dynamic DNS ................................................................................. 41
Section 4.8: Stub Zones and Forwarding ............................................................ 43
Section 4.9: Root Hints and Root Zone ............................................................... 45
Section 4.10: Zone Delegation ............................................................................ 46
Section 4.11: DNS Features ............................................................................... 47
Section 4.12: New DNS Features ....................................................................... 49
Section 4.13: Single-label Name Resolution ....................................................... 51
Section 4.14: DNS Design .................................................................................. 53
Section 5.1: Routing............................................................................................ 55
Section 5.2: RIP .................................................................................................. 57
Section 5.3: Demand-dial Routing ...................................................................... 59
Section 5.4: ICS and NAT ................................................................................... 61
Section 6.1: Remote Access Concepts ............................................................... 63
Section 6.2: Dial-up and VPN ............................................................................. 65
Section 6.3: SSTP............................................................................................... 67
Section 6.4: CMAK.............................................................................................. 69
Section 7.1: Network Location Profiles ............................................................... 70
Section 7.2: RADIUS .......................................................................................... 71
Section 7.3: Network Access Protection (NAP)................................................... 73
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
1
Section 7.4: Network Authentication ................................................................... 75
Section 7.5: Firewall............................................................................................ 77
Section 7.6: IPsec ............................................................................................... 79
Section 7.7: DirectAccess ................................................................................... 81
Section 8.1: File Services ................................................................................... 83
Section 8.2: File Shares ...................................................................................... 85
Section 8.3: Offline Files ..................................................................................... 87
Section 8.4: NTFS Permissions .......................................................................... 88
Section 8.5: Share and NTFS Permissions ......................................................... 90
Section 8.6: EFS ................................................................................................. 91
Section 8.7: BitLocker ......................................................................................... 93
Section 8.8: BranchCache .................................................................................. 95
Section 8.9: Distributed File System (DFS) ......................................................... 97
Section 8.10: Shadow Copy ................................................................................ 99
Section 8.11: Backup and Restore.................................................................... 101
Section 8.12: Disk Quotas ................................................................................ 103
Section 8.13: FSRM Features ........................................................................... 105
Section 8.14: Print Services .............................................................................. 107
Section 9.1: WSUS ........................................................................................... 110
Section 9.2: Client Configuration....................................................................... 112
Section 10.1: Reliability and Performance Monitor ........................................... 114
Section 10.2: Event Viewer ............................................................................... 116
Section 10.3: Network Monitor .......................................................................... 118
Section 10.4: SNMP.......................................................................................... 120
Practice Exams ................................................................................................. 122
Appendix A: Approximate Time for the Course ................................................. 123
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
2
Course Overview
This course prepares students for the 70-642 Technology Specialist exam:
Windows Server 2008 Network Infrastructure, Configuring. It focuses on the
details of configuring the infrastructure of a network.
Module 0 – Introduction
This module introduces Microsoft’s recommendations of the technical experience
a candidate should have before attempting the certification test. Students will
become familiar with server and remote management tools. This module
provides the mathematical calculations of how to convert numbers from binary to
decimal and hexadecimal. This mathematical foundation is necessary for
students to understand the IPv4 and IPv6 addresses they will be studying in the
course.
Module 1 – IPv4
This module discusses the details of configuring IPv4 addressing and subnetting.
This includes topics of converting IPv4 addresses from binary to decimal,
converting subnet masks to slant notation, identifying Ipv4 classes and ranges of
IP addresses, and determining local and non-local hosts. Students will learn how
to customize the number of subnets and hosts allowed on each subnet.
Module 2 – IPv6
In this module students will learn why it will become necessary to migrate to
IPv6. They will learn the basic format of IPv6 addresses, identifying IPv6 address
types, and configuring IPv6 addresses using the GUI and command line.
Interoperability strategies for implementing IPv4 and IPv6 are explored.
Module 3 – DHCP
This module covers DHCP configuration, customization options, and advanced
settings. Students will learn proper server placement to assure client
communication with the DHCP server, the rationale for creating superscopes and
split scopes, and DHCPv6 options.
Module 4 – DNS
In Module 4 students will learn the details of how DNS translates host names to
IP addresses and the process of DNS name resolution for both the client and
server. Topics will also include; creating zone and zone transfers, creating or
converting an Active Directory-integrated zone, creating and editing resource
records, configuring client registration, automatically updating DNS using
Dynamic DNS, resolving queries using stub zones and forwarding, using root
hints and a root zone, managing zones through zone delegation, creating WINSintegrated zones and GlobalNames zones support, and implementing strategies
and goals when designing a DNS solution.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
3
Module 5 – Routing
Module 5 teaches the students the basics of routing and how to manage routing
table entries. Students will become familiar with installing RRAS components,
and configuring RIP, demand-dial routing, and ICS and NAT solutions.
Module 6 – Remote Access
Module 6 discusses the details of configuring remote access and network
authentication. Topics include; configuring a Remote Access server to use Dialup and VPN connections, configuring client connections, configuring a VPN using
SSTP, and using CMAK to manage remote access.
Module 7 – Network Access and Security
In Module 7 students will learn several strategies for controlling network access
and enhancing network security. These will include: controlling network location
profiles, configuring a RADIUS client, server and proxy, configuring a DHCP
server as an enforcement point, enforcing network authentication using Kerberos
and NTLM, configuring a firewall, and configuring IPsec to protect IP packets
during transmission.
Module 8 – File and Print
This module discusses managing network files and printing. Topics include:
managing network file sharing and shared folders, controlling access using NTFS
and share permissions, encrypting files and folders, protecting integrity of data
through shadow copy, and backup and restore, restricting disk space using disk
quotas and FSRM, and managing print services.
Module 9 – WSUS
In this module students will learn how to configure a WSUS server and client to
manage the updating of software. They will also learn how to use MBSA to scan
for security compliance.
Module 10 – Performance and Reliability
This module covers tools that are used to collect and monitor network data for
performance and reliability. The Reliability and Performance Monitor provides
network performance statistics. Event Viewer is used to monitor event logs.
Network Monitor is used to gather information about network traffic. SNMP is
used to manage network-attached devices.
Practice Exams
In Practice Exams students will have the opportunity to test themselves and
verify that they understand the concepts and are ready to take the certification
test.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
4
Section 0.1: Introduction
Summary
This course prepares students for the 70-642 Technology Specialist exam:
Windows Server 2008 Network Infrastructure, Configuring.
Microsoft recommends at least one year experience in the following underlying
technologies:





IP addressing and services
Names resolution
File and print services
Network access and remote access
Monitoring network services
This section introduces the instructor and the concepts that will be covered in this
course.
Video/Demo
0.1.1 Course Introduction
Time
1:09
Total Time
About 5 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
5
Section 0.2: Server Management
Summary
This section discusses a new management console, Server Manager, used to
install and manage server components. Details include:



Server Manager elements:
o Role
o Role services
o Feature
Windows PowerShell cmdlets that support Server Manager in Windows
Server 2008 R2
The role of Server Core
o Limited GUI support
o Limited set of server roles
o Features available in Windows Server 2008 R2
o Other limitations:
 No windows Shell
 Limited managed code support
 Only MSI support for unattended mode installs
o Managing a server core system
Students will learn how to:


Configure and manage a server using the Server Manager.
Install roles on a Server Core server.
Configuring Server 2008 Network Infrastructure Objectives


102. Configure Dynamic Host Configuration Protocol (DHCP)
201. Configure a Domain Name System (DNS) server.
Lecture Focus Questions:




What are the differences among roles, role services, and features?
How are dependencies handled during role installation?
How does the server core installation differ from a standard server
installation?
What are the limitations of a server core installation? What are the
advantages?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
6
Video/Demo
Time
0.2.1 Using Server Manager
6:39
0.2.3 Server Core
1:37
0.2.4 Installing Roles on Server Core
6:05
Total
14:21
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
7
Section 0.3: Remote Management
Summary
This section examines using the following remote management tools to manage
a server:





Remote Desktop
Remote Desktop Gateway
MMC snap-ins
Remote Server Administration Tools (RSAT)
Windows Remote Shell
Students will learn how to:



Enable Remote Desktop on a Server Core.
Enable remote management of the firewall.
Open firewall ports to allow remote use of MMC snap-ins.
Lecture Focus Questions:






How do firewall ports affect your ability to remotely manage a server?
What firewall port must be opened for Remote Desktop connections?
What advantage does using TS Gateway have over using Remote
Desktop?
What is the effect of enabling the Remote Administration exception in the
firewall?
What are the operating system requirements for RSAT?
Which remote administration tools could you use if the firewall had only
ports 80 and 443 open?
Video/Demo
Time
0.3.1 Remote Management
4:06
0.3.2 Managing Server Core
14:45
Total
18:51
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
8
Section 0.4: Mathematical Foundations
Summary
This section explains the mathematical calculations to convert the following
numbering systems:



Base 2 - Binary
Base 10 – Decimal
Base 16 - Hexadecimal
For students to understand IPv4 and IPv6 addresses they will need to know how
to convert from binary to decimal and hexadecimal.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
Lecture Focus Questions:





How does the decimal form of the binary number 10000000 differ from
01000000?
What formula can you use to find the decimal equivalent for the binary
number 00010000?
How can you determine the binary value of the decimal number 161?
What is the binary value for the hexadecimal value of E? What is E's
decimal value?
How many hexadecimal digits replace a full binary octet?
Video/Demo
0.4.1 TCP/IP Mathematics
Time
12:13
Total Time
About 15 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
9
Section 1.1: IPv4 Addressing
Summary
In this section the students will learn how to convert IPv4 addresses and subnet
masks from binary to decimal and how to convert subnet masks to slant notation.
Students will learn:


The five IPv4 classes of IP addresses with the range of IP addresses and
the default subnet mask for each class.
How to identify the Network ID, host ID, and the default gateway address
to determine local and non-local hosts.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Configure IP address options
Lecture Focus Questions:




What is the format of an IPv4 address?
What is the purpose of a subnet mask?
What is the relationship between slash notation and the subnet mask?
What is the default address class of the IP address 132.11.166.5?
Video/Demo
1.1.1 IPv4 Addressing
1.1.2 Classful IPv4 Subnetting
Total
Time
6:10
11:22
17:32
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
10
Section 1.2: IPv4 Subnetting
Summary
This section discusses using IPv4 subnetting. Details include:


Using a Variable Length Subnet Mask to vary the number of bits in the
subnet mask to:
o Subnet a single network address into multiple smaller subnets.
o Create a supernet which combines multiple network addresses into
a single larger subnet.
Recommended subnetting tables for students to memorize:
o Exponent values for powers of 2
o Binary subnet mask values and decimal equivalent values
Students will learn how to:



Given a network address and a custom mask, identify valid subnet
addresses.
Given a scenario with the desired number of hosts, choose a subnet
address and mask.
Given a subnet address and the subnet mask, identify valid host
addresses on that subnet.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Subnetting
o Supernetting
Lecture Focus Questions:






How many hosts can you have if you use a subnet mask of
255.255.255.192?
How is a supernet different from a subnet?
How can a magic number help you identify the possible subnet addresses
when using a custom subnet mask?
What is the decimal mask value for a /27 mask?
How many approximate and actual hosts can you have when using a
mask value of /23?
What are the first and last addresses in a range used for?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
11
Video/Demo
1.2.1 Variable Length Subnet Mask (VLSM)
1.2.3 IPv4 Subnetting Cheat Sheet
Total
Time
17:19
4:38
21:57
Number of Exam Questions
4 questions
Total Time
About 30 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
12
Section 1.3: IPv4 Host Configuration
Summary
This section explores IPv4 host configuration. Details include:




Configuration values:
o IP address
o Subnet mask
o Default gateway
o Host name
o DNS server
o WINS server
o MAC address
Methods used to configure IPv4 configuration settings:
o Static (manual) assignment
o Dynamic Host Configuration Protocol (DHCP)
o Automatic Private IP Addressing (APIPA)
o Alternate IP configuration
Commands to configure Windows host with IPv4 configuration parameters
TCP Chimney offloading
Students will learn how to:



Configure static and automatic IPv4 addressing.
Specify an alternate IPv4 configuration.
Use the command line to configure IPv4 settings.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Configure IP address options
Lecture Focus Questions:





What is the purpose of an alternate IPv4 configuration?
When is a static configuration advantageous?
When does a Windows computer use APIPA? What are its limitations?
How can you tell when a computer has used APIPA to configure its IP
address?
What does the MAC address identify?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
13
Video/Demo
Time
1.3.1 IPv4 Configuration
4:35
1.3.3 Configuring IPv4 Client Addressing
2:33
1.3.7 Using Netsh
7:32
1.3.9 Allowing Ping through the Firewall
3:45
Total
18:25
Lab/Activity



Configure IP Settings
Configure Automatic and Alternate Addressing
Configure a Subnetted Address
Number of Exam Questions
10 questions
Total Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
14
Section 2.1: IPv6
Summary
This section discusses the need to migrate from IPv4 to IPv6. IPv4 was
developed in 1974 and due to the rapid Internet growth we are running out of
IPv4 addresses. Students will become familiar with the new features in IPv6 that
are designed for the long term health and security of networks.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
Lecture Focus Questions:




What are the reasons for the shift from IPv4 to IPv6?
How does IPv6 make route summarization more efficient?
How is IPsec treated differently in IPv6 than in IPv4?
Why is NAT not needed when using IPv6?
Video/Demo
2.1.1 IPv6 Concepts
Time
3:47
Total Time
About 5 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
15
Section 2.2: IPv6 Addressing
Summary
Students will learn the basic format of IPv6 addresses. IPv6 is a 128 bit address
in which the first 64 bits called the prefix identifies the network and subnet
address and the last 64-bits is the interface ID which identifies the network
connection. They will also learn how to obtain the EUI-64 interface ID from the
MAC address.



Features of an IPv6 address
Address types for IPv6:
o Reserved
o Multicast
o Unicast
 Global unicast
 Link-local
 Unique local
o Anycast
o Loopback
o Unspecified
Details of the IPv6 64-bit prefix
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Configure IP address options
o Subnetting
o Supernetting
Lecture Focus Questions:









What is the format of an IPv6 address?
How can you represent leading zeroes and groups of zeroes in IPv6?
Which type of IPv6 address uses the FC00::/7 prefix?
How can you identify a link-local address?
What does IPv6 use instead of a broadcast address?
How can you easily identify IPv6 multicast addresses?
What does the address ::1 represent?
What is the purpose of the prefix length?
What are the steps for deriving the EUI-64 interface ID from the MAC
address?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
16
Video/Demo
Time
2.2.1 IPv6 Addressing
3:57
2.2.3 IPv6 Address Types
8:42
2.2.5 IPv6 Prefix and Subnetting
2.2.7 IPv6 Interface ID
Total
11:54
3:27
28:00
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
17
Section 2.3: IPv6 Configuration
Summary
This section examines the following details about IPv6 configuration:




Methods to configure IPv6 information on a host:
o Static full assignment
o Static partial assignment
o Stateless autoconfiguration
o DHCPv6
The process to configure the IPv6 address for an interface
States of an autoconfigured IPv6 address:
o Tentative
o Valid
 Preferred
 Deprecated
o Invalid
Commands to configure Windows hosts with IPv6 configuration
parameters
Students will learn how to:



Configure IPv6 addresses using the GUI and the command line.
Configure an advanced firewall rule to allow the ping command.
Specify the IPv6 address and scope ID when using ping for a link-local
address.
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Configure IP address options
o Subnetting
Lecture Focus Questions:






How does a host get its IPv6 address when using stateless
autoconfiguration?
What information does the DHCP server provide when using stateless
DHCPv6?
What address does a host use to request an address from a DHCP
server?
What is the difference between the M and O flags?
What are the five states of an autoconfigured IPv6 address?
How is the interface ID determined in static partial assignment?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
18
Video/Demo
Time
2.3.1 IPv6 Configuration Facts
4:54
2.3.2 IPv6 Autoconfigured Address States
3:58
2.3.5 Configuring IPv6 Addresses
8:24
2.3.6 Using IPv6 Ping
8:09
Total
25:25
Number of Exam Questions
6 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
19
Section 2.4: IPv6 Implementation
Summary
In this section students will learn various strategies for implementing IPv4 and
IPv6 interoperability:



Dual stack
Tunneling
o Manually configured tunnel
o Intra-site Automatic Tunnel Addressing Protocol (ISATAP)
o 6-to4 tunneling
o Teredo tunneling
PortProxy
Configuring Server 2008 Network Infrastructure Objectives

101. Configure IPv4 and IPv6 Addressing.
o Interoperability between IPv4 and IPv6
Lecture Focus Questions:






How does IPv6 support differ on various Microsoft operating systems?
What limitations does ISATAP have for IPv6 implementation?
Which IPv6 tunneling methods work through NAT?
When should you implement Teredo?
When is 6to4 tunneling automatically configured in Windows Server 2008?
What technology allows an IPv4-only host to communicate with an IPv6only host?
Video/Demo
Time
2.4.1 IPv4 and IPv6 Interoperability
9:46
2.4.2 IPv6 Implementation in Server 2008
1:49
Total
11:35
Number of Exam Questions
3 questions
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
20
Section 3.1: DHCP Configuration
Summary
This section discusses how to configure a DHCP server to deliver IP addresses
to clients. Details include:





Methods to obtain an address from a DHCP server:
o DHCP Discover (D)
o DHCP Offer (O)
o DHCP Request (R)
o DHCP ACK (A)
Authorizing a DHCP server
Objects to configure a DHCP server to deliver IP addresses:
o Scope
o Exclusion
o Reservation
The process to configure an existing server running server core for DHCP
Using link layer filter to control the issuance or denial of DHCP leases
based on MAC address for IPv4
Students will learn how to:



Install and authorize a DHCP server.
Create and activate scopes.
Configure exclusion ranges and reservations.
Configuring Server 2008 Network Infrastructure Objectives

102. Configure Dynamic Host Configuration Protocol (DHCP).
o DHCP options
o Exclusions
o Authorize server in Active Directory
o Scopes
Lecture Focus Questions:






What are the steps a client uses to acquire an address from DHCP?
When must you authorize a DHCP server? What permissions do you need
to authorize a DHCP server?
Why does a DHCP server shut down if its address is not found in Active
Directory? What does this protect against?
How are reservations different from exclusions?
How can you change the subnet on a scope?
What are the two ways to exclude IP addresses from a scope?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
21

What information is necessary to configure a reservation?
Video/Demo
Time
3.1.1 DHCP Concepts
5:16
3.1.3 Installing DHCP
3:25
3.1.5 Configuring DHCPv4 Scopes
4:28
3.1.9 Using DHCP MAC Address Filtering
4:11
Total
17:20
Lab/Activity




Authorize DHCP Servers
Create a Scope
Create Exclusion Ranges
Create Client Reservations
Number of Exam Questions
10 questions
Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
22
Section 3.2: DHCP Options
Summary
In this section students will learn about DHCP options to deliver a wide range of
TCP/IP configuration parameters. Details include:


Common option that can be used to configure DHCP:
o 003 Router
o 006 DNS Servers
o 015 DNS Domain Name
o 044 WINS/NBNS Servers
o 046 WINS/NBT Node Type
Levels that the DHCP options can be set at:
o Server
o Scope
o Reservation
Students will learn how to:


Configure server, scope, and user/vendor class options.
Design DHCP options to customize configuration and minimize
administration.
Configuring Server 2008 Network Infrastructure Objectives

102. Configure Dynamic Host Configuration Protocol (DHCP).
o DHCP options
Lecture Focus Questions:




What are the most common DHCP options?
Where can you configure DHCP options?
How can you determine which options take precedence?
How are DHCP options configured for IPv4 and IPv6?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
23
Video/Demo
Time
3.2.1 DHCPv4 Options
3:55
3.2.2 Create DHCP Options
6:43
Total
10:38
Lab/Activity




Configure Server Options
Configure Scope Options
Design Scope Options
Design DHCP Options
Number of Exam Questions
1 question
Total Time
About 30 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
24
Section 3.3: Advanced DHCPv4 Settings
Summary
This section examines using advanced DHCPv4 settings to optimize DCHP
server performance. Details include




Advanced DHCPv4 settings:
o Bindings
o Backup and Restore
o Dynamic DNS
o Conflict Detection
The role of Bootstrap Protocol (BOOTP)
Components required by BOOTP
o Client workstation
o DHCP server
o TFTP server
Steps to configure a DHCP server to support Bootstrap Protocol (BOOTP)
clients for diskless network boot
Students will learn how to:




Configure server bindings.
Backup or restore a DHCP server.
Configure proxy settings for dynamic DNS updates.
Set the number of conflict detection attempts.
Configuring Server 2008 Network Infrastructure Objectives

102. Configure Dynamic Host Configuration Protocol (DHCP).
o Creating new options
o PXE boot
Lecture Focus Questions:





How does conflict detection work? How can this affect system
performance?
How can you transfer the DHCP configuration from one server to another?
Why would you configure BOOTP?
Which options should you configure through the BOOTP table and not
DHCP options?
What should you do so that host names for computers running Windows
NT 4.0 are automatically registered using DDNS?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
25
Video/Demo
Time
3.3.1 Advanced DHCPv4 Settings
2:00
3.3.2 Configuring Advanced Settings
2:49
Total
4:49
Number of Exam Questions
6 questions
Total Time
About 15 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
26
Section 3.4: Server Placement
Summary
In this section students will learn how DHCP server placement affects the ability
of clients to communicate with the DHCP server. The following strategies to
provide DHCP for multiple subnets are presented:




DHCP server on each subnet
Multihomed DHCP server
BOOTP forwarding
DHCP relay agent
Students will learn how to:

Configure a DHCP relay agent.
Configuring Server 2008 Network Infrastructure Objectives


101 Configure IPv4 and IPv6 addressing.
o Multi-homed
102. Configure Dynamic Host Configuration Protocol (DHCP).
o DHCP relay agents
Lecture Focus Questions:





How can you provide DHCP services to clients on subnets that do not
have a DHCP server?
What is a multihomed server, and how is it used with DHCP?
How does a DHCP relay agent differ from a router that has BOOTP
forwarding enabled?
What are the advantages to having a DHCP server on every subnet?
How can BOOTP forwarding affect your network?
Video/Demo
Time
3.4.1 DHCP Server Placement
4:16
3.4.3 Configuring a DHCP Relay Agent
1:27
Total
5:43
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
27
Lab/Activity

Configure a DHCP Relay Agent
Number of Exam Questions
4 questions
Total Time
About 15 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
28
Section 3.5: Superscopes and Split Scopes
Summary
This section discusses how and when to use superscopes and split scopes.


Superscopes are used to combine multiple address ranges into a single
logical range.
Split scopes provide fault tolerance by two DHCP servers servicing a
portion of each range for each subnet.
Students will learn how to:

Use the 80/20 rule to create a split scope.
Configuring Server 2008 Network Infrastructure Objectives

102. Configure Dynamic Host Configuration Protocol (DHCP).
o Scopes
Lecture Focus Questions:




What are the reasons for deploying a superscope?
When using multiple DHCP servers for a single scope, how should you
configure the scope range for each server? Why do you configure an
exclusion for a part of the address range?
How should you configure the relay agent to ensure that the preferred
server responds before the backup server in a split scope deployment?
How does a clustered server provide fault tolerance?
Video/Demo
3.5.1 Superscopes and Split Scopes
Time
8:01
Lab/Activity

Add a DHCP Server on Another Subnet
Number of Exam Questions
3 questions
Total Time
About 15 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
29
Section 3.6: DHCPv6
Summary
This section examines configuring DHCPv6. Details include:


Methods to assign IPv6 addresses to clients:
o Stateless DCHPv6
o Stateful DHCPv6
Messages exchanged between the client and the DHCP when stateful
DHCPv6 is used:
o Solicit Packet (S)
o Advertise Packet (A)
o Request Packet (R)
o Reply Packet (R)
Students will learn how to:


Create and activate an IPv6 scope using the global unicast prefix.
Include address range exclusions as part of an IPv6 scope.
Configuring Server 2008 Network Infrastructure Objectives

102. Configure Dynamic Host Configuration Protocol (DHCP).
o DHCPv6
Lecture Focus Questions:




What configuration information is provided by IPv6 routers when using
IPv6 autoconfiguration? How does this differ from using APIPA with IPv4?
What are the messages used to configure clients in stateful DHCPv6?
Under what circumstances do you use stateful DHCPv6? What are the
flag settings?
What makes autoconfiguration of IPv6 hosts possible?
Video/Demo
Time
3.6.1 DHCPv6
4:01
3.6.2 Configuring DHCPv6
4:10
Total
8:11
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
30
Number of Exam Questions
2 questions
Total Time
About 10 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
31
Section 4.1: DNS Concepts
Summary
In this section students will learn concepts of how the Domain Name System
(DNS) translates host names to IP addresses.








DNS is a distributed database with multiple servers holding different
portions of the data.
Components of the DNS hierarchy
o .(dot) domain
o Top Level Domains (TLDs) (.com, .edu, .gov)
o Second-level and additional domains
o Hosts
Terms that relate to DNS:
o A fully qualified domain name (FQDN)
o Forward lookup
o Authoritative server
o Referral
o Recursion
Authoritative DNS zones:
o Primary
o Secondary
o Active Directory-integrated
Zone types:
o Forward lookup zone
o Reverse lookup zone
Common resource records:
o SOA (Start of Authority)
o NS (name server)
o A (host address)
o AAAA (quad-A)
o PTR (pointer)
o CNAME (canonical name)
o MX (Mail Exchanger)
o SRV (service locator)
o WINS and WINS-R resource records
The role of Dynamic DNS (DDNS)
Secure DDNS
Configuring Server 2008 Network Infrastructure Objectives


201. Configure a Domain Name System (DNS) server.
202. Configure DNS zones.
o Zone types
o Dynamic Domain Name System (DDNS)
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
32

o Secure DDNS
o Reverse lookup zones
203. Configure DNS records.
o Record types
Lecture Focus Questions:








What is the purpose of DNS?
How does an FQDN identify a host?
How is an Active Directory-integrated zone different from a primary zone?
How is secondary zone data changed?
What is the difference between a forward lookup zone and a reverse
lookup zone?
What is the purpose of PTR records?
How does DDNS simplify DNS management?
What type of zone would you create if you wanted to use secure dynamic
updates?
Video/Demo
Time
4.1.1 DNS Concepts
8:44
4.1.3 Authoritative Zones
8:28
4.1.5 Resource Records
4:52
4.1.7 Dynamic DNS
2:41
Total
24:45
Total Time
About 30 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
33
Section 4.2: Name Resolution
Summary
This section examines the process of DNS name resolution for both the client
and the server. Details include:




On the client side, there are three checks a client can go through to
resolve a DNS name to an IP address:
o Hosts file
o Local DNS cache
o DNS server
Command to view the local DNS cache (ipconfig /displaydns)
Command to clear the local DNS cache (ipconfig /flushdns)
The DNS name resolution process on the server:
Configuring Server 2008 Network Infrastructure Objectives

205. Configure name resolution for client computers.
Lecture Focus Questions:




How does the DNS resolution process on a client differ from the
resolution process on a server?
Why are there two different DNS cache locations on a DNS server?
How do entries in the HOSTS file affect name resolution?
What are root hints and how do they affect name resolution performed by
a DNS server?
Video/Demo
Time
4.2.1 DNS Client Name Resolution
9:41
4.2.2 DNS Server Name Resolution
3:54
4.2.3 Examining Name Resolution
7:26
Total
21:01
Number of Exam Questions
1 question
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
34
Section 4.3: Zone Configuration
Summary
In this section students will learn the basics of zone configuration.



Configuring the DNS server role
The role of A zone transfer
The role of a reverse lookup zone
Students will learn how to:



Add the DNS server role to a server.
Create primary, secondary, and reverse lookup zones.
Configure zone transfers between primary and secondary zones.
Configuring Server 2008 Network Infrastructure Objectives



201. Configure a Domain Name System (DNS) server.
o Cache-only
202. Configure DNS zones.
o Reverse lookup zones
204. Configure DNS replication.
o DNS secondary zones
o Securing zone transfer
o SOA refresh
Lecture Focus Questions:






How does a caching-only server reduce name resolution traffic?
How can a secondary zone provide security for a DNS domain?
What is the role of the SOA record during a zone transfer?
What are the advantages to changing zone data through the dnscmd
command rather than manually editing the zone file?
Why would you choose a secondary server over a caching-only server?
What type of name resolution is performed by reverse lookup zones?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
35
Video/Demo
Time
4.3.1 Creating a Primary Zone
7:17
4.3.3 Creating Secondary Zones
8:12
4.3.6 Reverse Lookup Zones
6:14
4.3.7 Creating Reverse Lookup Zones
4:15
Total
25:58
Lab/Activity



Create a Primary Zone
Create a Secondary Zone
Create a Reverse Lookup Zone
Number of Exam Questions
19 questions
Total Time
About 65 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
36
Section 4.4: Active Directory-integrated Zones
Summary
This section discusses how Active Directory-integrated zones can be used to
manage zone information.
Students will learn how to:


Create an Active Directory-integrated zone and configure the replication
scope.
Convert a primary zone to an Active Directory-integrated zone.
Configuring Server 2008 Network Infrastructure Objectives


202. Configure DNS zones.
o Active Directory integration
204. Configure DNS replication.
o Active Directory Integrated replication scopes
Lecture Focus Questions:





What are some of the benefits of Active Directory-integrated (AD-I) zones?
How is zone data for Active Directory-integrated zones replicated?
Under which circumstances could you disable zone transfers for an AD-I
zone? When would you need to continue using DNS zone transfers?
How do AD-I zones integrate with other zone types such as primary or
secondary?
What are the four replication scopes of an AD-I zone?
Video/Demo
4.4.1 DNS Integration with AD
4.4.2 Managing Active Directory-integrated Zones
Total
Time
8:06
10:31
18:37
Lab/Activity


Create an Active Directory-integrated Zone
Convert a Zone
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
37
Number of Exam Questions
10 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
38
Section 4.5: Resource Records
Summary
This section provides information about creating and managing resource records.
Students will learn how to:


Create common resource records.
Adding or deleting a DNS record.
Configuring Server 2008 Network Infrastructure Objectives

203. Configure DNS records.
Lecture Focus Questions:





What is the advantage to using DDNS to manage records?
What record type would you use to add alternate names for a DNS host?
What records are used to identify and locate domain controllers?
What happens if you create A and PTR records together if the reverse
lookup zone doesn't exist?
What happens when you create a CNAME record with a blank name?
Video/Demo
4.5.1 Creating Resource Records
Time
8:03
Lab/Activity




Create a Zone and Add Records
Create A and CNAME Records
Troubleshoot Name Resolution 1
Troubleshoot Name Resolution 2
Number of Exam Questions
11 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
39
Section 4.6: Client Configuration
Summary
In this section students will learn how to configure DNS client settings.
Students will learn how to:



Configure a connection-specific suffix using advanced TCP/IP properties.
Specify a suffix search order.
Manage DNS client registration.
Configuring Server 2008 Network Infrastructure Objectives

205. Configure name resolution for client computers.
o Suffix search order
Lecture Focus Questions:




What is the purpose of listing multiple DNS IP addresses on the client?
What are the differences between a primary suffix and a connectionspecific suffix?
What is a parent suffix? How are they used during name resolution?
How do custom search suffixes differ from the default suffix search order?
Video/Demo
4.6.1 DNS Client Settings
Time
4:33
Lab/Activity





Configure DNS Server Addresses
Configure Search Suffixes 1
Configure Search Suffixes 2
Configure DNS Client Registration
Configure DNS Group Policy Settings
Number of Exam Questions
4 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
40
Section 4.7: Dynamic DNS
Summary
This section covers using Dynamic DNS to automatically update DNS records.
Settings on the following components are used to configure Dynamic DNS:



Client
DHCP server
DNS server
Students will learn how to:


Enable dynamic updates on a DNS zone.
Configure DHCP server settings to support dynamic updates.
Configuring Server 2008 Network Infrastructure Objectives


202. Configure DNS zones.
o Secure DDNS
203. Configure DNS records.
Lecture Focus Questions:





What is the relationship between DNS and DHCP when using dynamic
updates?
What are the DDNS settings you can configure on the DHCP server?
Which operating systems support dynamic updates?
What are the restrictions on record creation when using secure dynamic
updates? Which zone types support secure dynamic updates?
How can DHCP be used to help the dynamic update process?
Lab/Activity




Enable Dynamic DNS Updates
Troubleshoot Dynamic DNS 1
Troubleshoot Dynamic DNS 2
Troubleshoot Dynamic DNS 3
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
41
Number of Exam Questions
4 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
42
Section 4.8: Stub Zones and Forwarding
Summary
This section discusses using stub zones and forwarding to resolve queries.
Methods to control the server’s use of forwarders include:



Secondary zone
Stub zone
Conditional forwarder
Students will learn how to:


Create a stub zone.
Configure forwarders and conditional forwarding.
Configuring Server 2008 Network Infrastructure Objectives


201. Configure a Domain Name System (DNS) server.
o Conditional forwarding
204. Configure DNS replication.
o DNS secondary zones
o DNS stub zones
o Active Directory Integrated replication scopes
o Securing zone traffic
Lecture Focus Questions:





How does conditional forwarding differ from standard forwarding?
How does a stub zone differ from a secondary zone?
How do conditional forwarders differ from stub zones?
What records are copied to the zone when you create a stub zone?
Why isn't a stub zone authoritative for the zone?
Video/Demo
Time
4.8.1 Stub Zones and Conditional Forwarding
10:05
4.8.2 Configuring Forwarding and Stub Zones
11:16
Total
21:21
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
43
Lab/Activity


Configure a Stub Zone
Configure Conditional Forwarding
Number of Exam Questions
4 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
44
Section 4.9: Root Hints and Root Zone
Summary
This section provides an overview of root hints and the root zone.
Students will learn how to:


Configure or delete a root zone.
Configure other DNS servers to point to your server via root hints.
Configuring Server 2008 Network Infrastructure Objectives

201. Configure a Domain Name System (DNS) server.
o Root hints
Lecture Focus Questions:




Why would you want to create a zone named . (dot)?
What is the purpose of the root hints file?
Why would you delete the root hints?
What is the name and location(s) of the root hints file on a Windows 2008
server?
Video/Demo
4.9.1 Root Hints
Time
4:26
Lab/Activity


Configure Root Hints
Create a Root Zone
Number of Exam Questions
5 questions
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
45
Section 4.10: Zone Delegation
Summary
This section explores using zone delegation to divide DNS namespace into
separate zones.
Students will learn how to:

Manage zones through delegation.
Configuring Server 2008 Network Infrastructure Objectives

202. Configure DNS zones.
o Zone delegation
Lecture Focus Questions:



Why might you decide to use zone delegation?
What does a delegation identify?
What records are created when you delegate a domain?
Video/Demo
Time
4.10.1 DNS Zone Delegation
5:12
4.10.2 Delegating a Domain
5:21
Total
10:33
Lab/Activity


Delegate Domains
Create a Delegated Zone
Number of Exam Questions
1 question
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
46
Section 4.11: DNS Features
Summary
This section discusses the following DNS features:



Aging and Scavenging
Methods for performing load balancing through DNS:
o DNS Round Robin
o Netmask Ordering
o Record Weighting
o Network Load Balancing (NLB)
Windows Server 2008 R2 command-line tools
Students will learn how to:


Configure DNS Round Robin.
Manage DNS from the command line.
Configuring Server 2008 Network Infrastructure Objectives


202. Configure DNS zones.
o Zone scavenging
204. Configure DNS replication.
o Round robin
Lecture Focus Questions:





How do stale records affect DNS server performance?
How does the no-refresh interval affect scavenging?
When is a DNS record considered stale?
What is the difference between DNS Round Robin and Network Load
Balancing?
How does convergence make NLB a dynamic solution?
Video/Demo
Time
4.11.1 DNS Refresh and Scavenging
2:58
4.11.3 DNS Round Robin
3:23
4.11.6 DNS Command-line Tools
Total
12:21
18:42
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
47
Lab/Activity

Configure DNS Round Robin
Number of Exam Questions
9 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
48
Section 4.12: New DNS Features
Summary
This section discusses new features for Windows Server 2008 and Windows
2008 R2:













Link-Local Multicast Name Resolution (LLMNR)
Background zone loading
IPv6 DNS Support
Read-only Domain Controller (RODC)
GlobalNames Zone
Global Query block List
Conditional Forwarding
Domain controller search
DNSSEC
Devolution
Cache Locking
Socket Pool
Auditing
Students will learn how to:



Configure DNS Devolution.
Configure DNS Cache Locking.
Configure DNS Socket Pools.
Configuring Server 2008 Network Infrastructure Objectives



201. Configure a Domain Name System (DNS) server.
o Conditional forwarding
o Socket pooling
o Cache locking
202. Configure DNS zones.
o GlobalNames
o DNS Security Extensions (DNSSEC)
205. Configure name resolution for client computers.
o Link-Local Multicast Name Resolution (LLMNR)
o DNS devolution
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
49
Lecture Focus Questions:






How does background loading have a positive effect on name resolution?
How can you ensure that a DNS response is from a valid server?
How does DNS Devolution simplify name resolution?
How can you defend against cache poisoning attacks?
What is the effect of enabling cache locking on Dynamic DNS?
What advantage is to be gained by using a larger DNS socket pool?
Video/Demo
Time
4.12.1 New 2008 DNS Features
4:11
4.12.2 DNS Devolution
3:46
4.12.3 Configuring DNS Devolution
4:16
4.12.4 Cache Locking and Socket Pools
3:06
4.12.5 Configuring DNS Cache Locking
5:47
4.12.6 Configuring Socket Pool
3:12
4.12.7 DNS Security (DNSSec)
4:36
Total
28:54
Number of Exam Questions
10 questions
Total Time
About 45 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
50
Section 4.13: Single-label Name Resolution
Summary
In this section students will learn how to configure a GlobalNames zone. Details
include:


Strategies to provide single-label name resolution:
o GlobalNames zone
o Link-Local Multicast Name Resolution (LLMNR)
o HOSTS file
Managing the GlobalNames zone
Students will learn how to:


Enable GlobalNames zone support.
Create a GlobalNames zone and add CNAME records to support singlelabel name resolution.
Configuring Server 2008 Network Infrastructure Objectives


202. Configure DNS zones.
o GlobalNames
205. Configure name resolution for client computers
o Configuring HOSTS file
o Link-Local Multicast Name Resolution (LLMNR)
Lecture Focus Questions:





When would you use the GlobalNames zone?
What type of records do you create in the GlobalNames zone?
How can you extend the GlobalNames zone across multiple forests?
Which strategies can you use to provide single-label name resolution for
IPv6 hosts?
When will a Windows client use LLMNR? What limitations does relying on
LLMNR have?
Video/Demo
Time
4.13.1 GlobalNames Zones and LLMNR
2:06
4.13.2 Configuring the GlobalNames Zone
8:50
Total
10:56
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
51
Lab/Activity

Configure a GlobalNames Zone
Number of Exam Questions
8 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
52
Section 4.14: DNS Design
Summary
In this section students will learn the strategies and goals for designing DNS
namespace. They will also learn a variety of configuration options to use and
security considerations when designing a DNS solution. Details include:





The goals of Namespace design:
o Allow internal users to access internal resources.
o Allow external users to access external resources.
o Allow internal users to access external public resources.
o Prevent external users from accessing internal resources.
Methods to accomplish these goals:
o Same internal and external domain name
o Different internal and external domain names
o External domain name with an internal subdomain
DNS configuration options:
o Primary zone
o Secondary zone
o Reverse lookup zone
o Active Directory-integrated zone
o Caching-only server
o Zone delegation
o Forwarders
o Conditional forwarding
o Stub zone
o Root zone
o Root hints
o Dynamic DNS
o WINS-integrated zone
o GlobalNames zone
o Link-Local Multicast Name Resolution (LLMNR)
o HOSTS file
Goals for designing security for DNS
Methods to improve DNS security
Configuring Server 2008 Network Infrastructure Objectives


201. Configure a Domain Name System (DNS) server.
o Conditional forwarding
o Root hints
o Cache-only
202. Configure DNS zones.
o Zone types
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
53


o Active Directory integration
o Dynamic Domain Name System (DDNS)
o GlobalNames
o Zone delegation
o Reverse lookup zones
204. Configure DNS replication.
o DNS stub zones
o Securing zone transfer
205. Configure name resolution for client computers
o Link-Local Multicast Name Resolution (LLMNR)
Lecture Focus Questions:







When using internal and external DNS, what are the three possible
scenarios for the DNS namespace?
What are the advantages and disadvantages of each of the three
methods?
What are the goals of any split namespace design?
When should you use conditional forwarding instead of a standard
forward?
When should you use a WINS server instead of configuring a
GlobalNames zone?
How do Active Directory-integrated zones improve security and fault
tolerance of DNS data?
What type of zones should you use on DNS servers exposed to the public
network?
Video/Demo
4.14.1 DNS Namespace Design
Time
7:40
Number of Exam Questions
2 questions
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
54
Section 5.1: Routing
Summary
In this section students will become familiar with routing concepts and the
commands to manage routing table entries. Details include:




NPAS includes the following role services:
o Network Policy Server (NPS)
o Remote Access Service
o Routing
o Health Registration Authority (HRA)
o Host Credential Authorization Protocol (HCAP)
Routing terminology:
o Router
o Static Route
o Route metric
o Default route
o Persistent route
Commands to manage routing table entries
Multicast routing details
Students will learn how to:


Install the RRAS components of the Network Policy and Access services.
Add and modify IPv4 and IPv6 routes through the command line or GUI.
Configuring Server 2008 Network Infrastructure Objectives

103. Configure Routing.
o Static routing
o Choosing a default gateway
Lecture Focus Questions:





Which role do you install on a Windows Server 2008 server to get the
routing component?
What is the purpose of a default route?
Under what circumstances can you most effectively use static routes?
What is the route add switch that allows you to make a route permanent?
What routes are automatically added to the routing table when routing is
enabled?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
55
Video/Demo
5.1.2 Routing Concepts
5.1.3 Installing Routing and Remote Access
5.1.4 Configuring Static Routes
Total
Time
10:27
2:07
13:52
26:26
Lab/Activity


Enable LAN Routing
Add Static Routes
Number of Exam Questions
10 questions
Total Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
56
Section 5.2: RIP
Summary
This section provides an overview of RIP dynamic routing protocols. Details
include:

Key features of RIP that can be configured:
o Packet protocol
o Authentication
o Route Filters
o Neighbors
o Timers
o Clean-up updates
o VLSM support
Students will learn how to:


Configure RIP by adding the RIP protocol and adding interfaces to run
RIP.
Configure RIP sending and receiving protocols, filters, and neighbor lists.
Configuring Server 2008 Network Infrastructure Objectives

103. Configure Routing.
o Routing Internet protocol (RIP)
o Maintaining a routing table
Lecture Focus Questions:






What is the difference between static and dynamic routing?
What routing protocols does Windows Server 2008 support?
What is the difference between RIP version 2 and RIP? Why has RIP
version 2 become the standard?
What is Silent RIP and how does it affect learning and sharing routes?
What affect does configuring neighbors have on RIP broadcasts and
multicasts?
What is route summarization?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
57
Video/Demo
Time
5.2.1 Dynamic Routing
4:20
5.2.2 Configuring RIP
3:16
Total
7:36
Lab/Activity

Configure RIP Routing
Number of Exam Questions
9 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
58
Section 5.3: Demand-dial Routing
Summary
This section discusses the processes to establish demand-dial routing to connect
two networks through a link that is available on demand. Details include:




The process to establish a demand-dial link
Details about using demand-dial connections
Features of demand-dial routing:
o Demand-dial filters
o Packet filters
o Auto-static routing
Configuring and enabling demand-dial routing
Students will learn how to:


Use the Routing and Remote Access wizard to configure demand-dial
routing.
Configure auto-static routing for RIP.
Configuring Server 2008 Network Infrastructure Objectives


103. Configure Routing.
o Demand-dial routing
301 Configure remote access.
o Packet filters
Lecture Focus Questions:





How is a demand-dial link established?
What is the difference between dial-in and dial-out credentials?
How do demand-dial filters differ from packet filters?
Which filter type would you configure to prevent a specific traffic type from
using a demand-dial link?
Why is auto-static routing important when using demand-dial routing?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
59
Video/Demo
Time
5.3.1 Demand-dial Routing
4:17
5.3.2 Configuring Demand-dial Routing
6:59
Total
11:16
Lab/Activity


Configure Demand Dial Routing
Configure Auto-static Routing
Number of Exam Questions
5 questions
Total Time
About 30 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
60
Section 5.4: ICS and NAT
Summary
In this section students will learn the basics of using Internet Connection Sharing
(ICS) and Network Address Translation (NAT) to share an Internet connection
with an internal private network.


NAT allows you to connect a private network to the Internet without
obtaining registered addresses for every host.
Configuring NAT
Students will learn how to:



Configure a server as a NAT router.
Configure a NAT router to provide DHCP and DNS proxy services.
Configure address and port mappings in NAT.
Configuring Server 2008 Network Infrastructure Objectives

301. Configure remote access.
o Network Address Translation (NAT)
Lecture Focus Questions:





What does a NAT router do?
What are the address ranges you can use when you deploy NAT?
How can NAT provide security for a private network?
What changes take place automatically to the TCP/IP settings when you
enable ICS on an interface?
What are the limitations of using ICS over NAT? When would ICS be a
good choice? When must you use NAT instead of ICS?
Video/Demo
Time
5.4.1 ICS and NAT
6:18
5.4.2 Configuring NAT
6:26
Total
12:44
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
61
Lab/Activity

Configure NAT
Number of Exam Questions
3 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
62
Section 6.1: Remote Access Concepts
Summary
Students will learn concepts of the Remote Access process. Details include:




Remote access connections
o Point-to-point (PPP) for a dial-up connection
o Virtual Private Network (VPN) use a tunneling protocol that wraps
and protect packets in transit
o VPN protocols supported by Windows Server 2008 and Vista
 Point-to-Point Tunneling Protocol (PPTP)
 Layer Two Tunneling Protocol (L2TP)
 Secure Socket Tunneling Protocol (SSTP)
Authentication protocols:
o Password Authentication Protocol (PAP)
o Challenge Handshake Authentication Protocol (CHAP)
o Microsoft Challenge Handshake Authentication Protocol version 2
(MS-CHAP v2)
o Extensible Authentication Protocol-Transport Layer Security (EAPTLS)
The role of remote access authorization
Remote access is allowed or denied based on components of network
policies:
o Conditions
o Constraints
o Permissions
o Settings
Configuring Server 2008 Network Infrastructure Objectives

301. Configure remote access.
o Remote Access Policy
o VPN protocols such as Secure Socket Tunneling Protocol (SSTP)
and IKEv2
o RAS authentication by using MS-CHAP, MS-CHAPv2, EAP
Lecture Focus Questions:





Which VPN protocols does Windows Server 2008 support?
Which authentication protocols support smart card use?
What makes CHAP vulnerable to security breaches?
What is the difference between authorization and authentication?
What is the server's response to a connection that doesn't match the
conditions for a policy?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
63




What is the difference between constraints and conditions? How are they
similar?
What happens to a connection that matches the policy conditions but not
the policy constraints? How many other policies will be checked in this
scenario?
Where does the server find the permissions for a connection?
What must occur before settings are applied?
Video/Demo
Time
6.1.1 Remote Access Connections
3:35
6.1.3 Remote Access Authentication
4:39
6.1.5 Remote Access Authorization
2:59
Total
11:13
Number of Exam Questions
5 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
64
Section 6.2: Dial-up and VPN
Summary
This section explores configuring a Remote Access server to use Dial-up and
VPN connections. Details include:


Configuration tasks on the server to allow a remote client to connect to a
remote access server:
o Enable remote access
o Configure ports
o Configure addressing
o Configure network policies
Comparison of configuration settings for dial-up and VPN client
connections:
o General tab
o Options tab
o Security tab
o Networking tab
o Sharing tab
Students will learn how to:





Enable remote access on a Windows Server 2008 server.
Configure VPN ports on a server.
Control remote access by configuring network access policies.
Create a client dial-up connection.
Configure a client VPN connection.
Configuring Server 2008 Network Infrastructure Objectives

301. Configure remote access.
o Dial-up
o VPN reconnect
Lecture Focus Questions:



Which setting must you configure in Routing and Remote Access to allow
remote clients to access the private network, and not just the resources on
the remote access server?
What object in Routing and Remote Access identifies a logical connection
to the remote access server?
What are the ways that you can configure a remote access client to get an
address for the remote access connection?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
65




What role do network policies play when you configure the remote access
server?
How do network policy constraints differ from conditions? When would you
use the same setting in a constraint instead of a condition?
Why does the policy application order affect whether or not clients can
connect to a remote access server?
When viewing the properties of a network connection, when will the
Sharing tab be visible?
Video/Demo
6.2.1 Configuring a Remote Access Server
6.2.9 Creating Client Connections
Total
Time
14:52
9:57
24:49
Lab/Activity






Configure a Remote Access Server
Reconfigure a Server for Remote Access
Configure a VPN Server
Configure VPN Ports
Create a Network Access Policy 1
Create a Network Access Policy 2
Number of Exam Questions
11 questions
Total Time
About 75 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
66
Section 6.3: SSTP
Summary
This section examines using Secure Socket Tunneling Protocol (SSTP) to
establish a VPN connection. Details include:



SSTP features
SSTP client requirements
SSTP server requirements
Students will learn how to:



Request a server certificate for SSTP.
Configure a remote access server to allow SSTP connections.
Configure a VPN connection on a client computer to use SSTP.
Configuring Server 2008 Network Infrastructure Objectives

301. Configure remote access.
o VPN protocols such as Secure Socket Tunneling protocol (SSTP)
and IKEv2
Lecture Focus Questions:




What advantages does using SSTP have over using either PPTP or L2TP
for a VPN connection?
What ports must you open in a firewall to allow SSTP?
How can you ensure that the SSTP client trusts the SSTP server
certificate?
What client and server operating systems support SSTP?
Video/Demo
Time
6.3.1 SSTP
1:56
6.3.2 Configuring SSTP
5:56
Total
7:52
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
67
Number of Exam Questions
2 questions
Total Time
About 10 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
68
Section 6.4: CMAK
Summary
This section provides an overview of how the Connection Manager
Administration Kit (CMAK) is used to manage remote access for larger
deployments. Connection Manager is used to configure client remote access
connections. Connection settings are stored in profiles for either VPN or dial-up
connections. Details include:

Components of the Connection Manager:
o Connection Manager Administration Kit (CMAK)
o Connection Point Services
Configuring Server 2008 Network Infrastructure Objectives

301. Configure remote access.
o Connection Manager
Lecture Focus Questions:




What permissions do you need to create a profile?
How do profiles facilitate remote access connection configuration
deployment?
What methods can you use to distribute profiles to clients?
What does a phone book tell clients?
Video/Demo
6.4.1 Connection Manager Administration Kit (CMAK)
Time
1:15
Number of Exam Questions
2 questions
Total Time
About 5 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
69
Section 7.1: Network Location Profiles
Summary
This section provides a summary of using network location profiles to identify
network connection types. Details include:



Network profile types:
o Domain
o Public
o Private
Configuring profile settings manually
Enforcing profile settings
Students will learn how to:


Change the location type on a client computer.
Configure Network List Manager Policies to control client network
connections profiles.
Configuring Server 2008 Network Infrastructure Objectives

104. Configure Windows Firewall with Advanced Security.
o Configure firewall by using Group Policy
o Network location profiles
Lecture Focus Questions:




What are the characteristics of a Public network? Why is network
discovery disabled for the Public profile?
What are the firewall and antivirus software recommendations for the
Private profile?
How are security settings controlled in the Domain profile?
What can you control through the All Networks policy?
Video/Demo
Time
7.1.1 Network Location Profiles
1:31
7.1.2 Configuring Network List Manager Policies
6:00
Total
7:31
Total Time
About 10 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
70
Section 7.2: RADIUS
Summary
This section discusses using Remote Authentication Dial-In User Service
(RADIUS) to consolidate network policies for multiple servers to authenticate
remote access clients. Details include:



Components of a RADIUS solution:
o Remote access clients
o RADIUS client
o RADIUS server
o RADIUS proxy
o Remote RADIUS server group
o Network policies
o Connection request policies
o RADIUS Accounting
o NPS templates
o User account databases
o RADIUS messages
Configuring the components to configure a RADIUS solution:
o RADIUS server
o RADIUS client
o Remote access client
o RDIUS proxy
o RADIUS accounting
Best practices for configuring NPS for RADIUS
Students will learn how to:



Configure a remote access server as a RADIUS client.
Configure a RADIUS server.
Configure a RADIUS proxy by configuring Remote RADIUS Server groups
and Connection Request policies.
Configuring Server 2008 Network Infrastructure Objectives


301. Configure remote access.
304. Configure Network Policy Server (NPS)
o RADIUS accounting
o Connection Request policies
o RADIUS proxy
o NPS templates
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
71
Lecture Focus Questions:






When using a RADIUS solution, where are network access policies
configured?
What is the difference between a RADIUS client and a remote access
client?
Why would you implement a RADIUS proxy?
What is the difference between a RADIUS client and a RADIUS proxy?
What is the difference between a connection request policy and a network
access policy?
How does the RADIUS proxy use the remote RADIUS server group when
processing authentication requests?
Video/Demo
Time
7.2.1 RADIUS
3:57
7.2.2 Installing the NPS Role
2:08
7.2.3 Configuring RADIUS
6:25
Total
12:30
Lab/Activity



Configure a RADIUS Server
Configure a RADIUS Client
Configure a RADIUS Proxy
Number of Exam Questions
9 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
72
Section 7.3: Network Access Protection (NAP)
Summary
This section examines how NAP can be used to regulate network access or
communication based on a computer’s compliance with health requirement
policies. Details include:



Features of NAP
o Health state validation
o Health policy compliance
o Limited access network
Components that comprise the NAP system:
o NAP Client
o NAP Server
o Enforcement Server (ES)
o Remediation Server
Configuring NAP requires:
o Configuring the NAP server
o Configuring the client computer
o Configuring the following enforcement points:
 DHCP
 VPN
 802.1x
 Remote Desktop Gateway
 IPsec
Students will learn how to:



Configure a DHCP server as an enforcement point.
Configure SHV settings, remediation server groups, health policies, and
network policies for NAP.
Enable NAP enforcement on a client computer.
Configuring Server 2008 Network Infrastructure Objectives

302. Configure Network Access Protection (NAP).
o DHCP enforcement
o VPN enforcement
o Configure NAP health policies
o IPsec enforcement
o Multi-configuration System Health Validator (SHV)
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
73
Lecture Focus Questions:







Why is a non-compliant computer not necessarily an immediate security
threat?
What happens to a computer that receives a limited access health state
validation?
What functions are performed by the System Health Validator (SHV)?
Which NAP component do you modify to identify the health checks that
should be performed?
How do remediation servers and auto-remediation help clients become
compliant?
Which enforcement method uses Connection Authorization Policies?
Which one uses Connection Request Policies? Which one uses a Health
Registration Authority (HRA)?
What type of communication occurs in the boundary network when using
IPsec enforcement?
Video/Demo
7.3.1 Network Access Protection (NAP)
Time
4:53
7.3.3 Configuring DHCP Enforcement
15:56
7.3.4 Configuring VPN Enforcement
13:03
7.3.5 NAP Enforcement Configuration
Total
8:16
42:08
Number of Exam Questions
17 questions
Total Time
About 65 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
74
Section 7.4: Network Authentication
Summary
In this section students will learn network authentication mechanisms for logging
on to the server or domain. Details include:





Kerberos authentication and authorization
NTLM authentication and authorization
Conditions of when to use different authentication methods:
o Kerberos
o NTLM v2
o NTLM or LM
Best practices regarding configuring domain authentication
Kerberos policy settings:
o Enforce user logon restrictions
o Maximum lifetime for service ticket
o Maximum lifetime for user ticket
o Maximum lifetime for user ticket renewal
o Maximum tolerance for computer clock synchronization
Students will learn how to:

Configure Group Policy to enforce the use of NTLMv2 for authentication.
Lecture Focus Questions:




What advantages does Kerberos have over NTLM? What disadvantages
does it have compared to NTLM?
What are the conditions for running NTLMv2?
When can you deploy Kerberos?
When should you use NTLM instead of NTLMv2?
Video/Demo
Time
7.4.1 LAN Authentication
1:49
7.4.2 Configuring LAN Authentication
2:41
Total
4:30
Lab/Activity

Enforce NTLM v2
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
75
Number of Exam Questions
1 question
Total Time
About 15 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
76
Section 7.5: Firewall
Summary
This section discusses the specifics of managing a firewall. Details include:








Tools you can use to manage the firewall:
o Windows Firewall (in Control Panel)
o Windows Firewall with Advanced Security
Features of Windows Firewall with Advanced Security:
o Profiles
o Firewall rules
o Connection security rules
o Monitoring
o Policies
Use Window Firewall with Advanced Security to create the following types
of inbound and outbound rules:
o Program rule
o Port rule
o Predefined rule
o Custom rule
Types of connection security rules:
o Isolation
o Authentication exemption
o Server-to-server
o Tunnel
o Custom
Action options that apply to the traffic which meet the rule’s conditions:
o Allow the connection
o Block the connection
o Allow the connection if it is secure
Options that can be configured for network profiles:
o Firewall state
o Inbound connections
o Outbound connections
Tips for managing firewall settings
Port numbers for common services
Students will learn how to:



Use the Basic Firewall to allow traffic based on port, protocol, or
application.
Use the Windows Firewall with Advanced Security to manage custom
firewall rules.
Use Group Policy to enforce firewall rules.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
77
Configuring Server 2008 Network Infrastructure Objectives

104. Configure Windows Firewall with Advanced Security.
o Inbound and outbound rules
o Custom rules
o Authorized users
o Authorized computers
o Configure firewall by using Group Policy
o Network location policies
o Isolation policy
o Connection security rules
Lecture Focus Questions:






When must you use the Advanced Firewall instead of the Basic Firewall?
When would you configure a custom exception?
What does the exception scope do?
What are the components of a policy?
Why should you allow traffic based on application instead of port when
possible?
How can a policy help you maintain security integrity in your network?
Video/Demo
7.5.1 Windows Firewall
7.5.3 Configuring Windows Firewall with Advanced Security
7.5.4 Configuring Firewall GPO Settings
Total
Time
4:04
14:07
2:39
20:50
Number of Exam Questions
11 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
78
Section 7.6: IPsec
Summary
This section provides the details of how Internet Protocol Security (IPsec)
protects IP packets during transmission. Details include:





IPsec protocols:
o Authentication Header (AH)
o Encapsulating Security Payload (ESP)
o Internet Key Exchange (IKE)
o Authenticated IP (AuthIP)
Phases to establish the IPsec connection:
o Phase 1 (Main Mode)
o Phase 2 (Quick Mode)
Protocols supported for configuring IPsec:
o Integrity:
 SHA1
 MD5
o Encryption:
 AES-256
 AES-192
 AES-128
 3DES (Triple-DES)
 DES
o Key exchange:
 Elliptic Curve Diffie-Hellman P-384
 Elliptic Curve Diffie-Hellman P-256
 Diffie-Hellman Group 14
 Diffie-Hellman Group 2
 Diffie-Hellman Group 1
Authentication:
o Kerberos
o NTLMv2
o Computer certificates, including health certificates
o Preshared key
Configuring IPsec through Windows Firewall with Advanced Security
console
Students will learn how to:


Configure connection security rules by determining the rule type,
requirements, authentication method, and profile(s) to which the rule
applies.
Monitor connection security rules and security associations.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
79
Configuring Server 2008 Network Infrastructure Objectives

104. Configure IPsec.
o IPsec group policy
Lecture Focus Questions:








Under which circumstances should you not use Authentication Header
(AH)?
What additional services does Encapsulating Security Payload (ESP)
provide over AH?
What is the difference between data integrity and data confidentiality?
What method is used to provide data integrity? What method provides
confidentiality?
What enhancements does AuthIP provide over IKE? What are the
requirements for using AuthIP?
What are the phases of an IPsec connection?
What does the key lifetime affect?
What function is performed by the Diffie-Hellman protocol?
Video/Demo
Time
7.6.1 IPsec
6:14
7.6.3 IPsec Connection Security Rules
3:13
7.6.4 Configuring IPsec
7:17
7.6.6 IPsec Improvements
3:16
Total
20:00
Number of Exam Questions
10 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
80
Section 7.7: DirectAccess
Summary
This section discusses using DirectAccess as an automatic connectivity solution.
Details include:






A comparison of a VPN solution to a DirectAccess solution
The support that DirectAccess provides
DirectAccess connection methods:
o Full enterprise network access (end-to-edge)
o Selected server access (modified end-to-edge)
o End-to-end
The process that the DirectAccess client uses to connect to intranet
resources
DirectAccess requirements for the:
o Infrastructure
o Server
o Client
Configuration details for DirectAccess components:
o Server
o Client side
Configuring Server 2008 Network Infrastructure Objectives

303. Configure DirectAccess.
o IPv6
o IPsec
o Server requirements
o Client requirements
Lecture Focus Questions:




What are the advantages of using DirectAccess to access corporate file
servers?
What is the difference between full enterprise network access and
selected server access?
What are the requirements for a DirectAccess server?
How does the client's IP address configuration affect how the client sends
traffic to the DirectAccess server?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
81
Video/Demo
7.7.1 DirectAccess
Time
9:00
Number of Exam Questions
13 questions
Time
About 30 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
82
Section 8.1: File Services
Summary
This section explores installing the File Services role to manage network file
sharing.


When installing the File Services role, the following role services are
available to choose from:
o File Server
o Distributed File System (DFS)
o File Server Resource Manager (FSRM)
o Services for Network File System (NFS)
o Windows Search Service
o Windows Server 2003 File Services
o BranchCache for network files
Managing file services on the server includes the following features and
options:
o NTFS permissions
o NTFS quotas
o Shadow copies
o Server Backup (added as a server feature)
o Storage Manager for SANs (added as a server feature)
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o File share publishing
o Branch Cache
o NTFS permissions
Lecture Focus Questions:




What features are provided by File Server Resource Manager (FSRM)?
What does file screening allow you to do?
When might you use Services for Network File System (NFS)?
What role service would you add to allow replication for DFS with nonWindows Server 2008 servers?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
83
Video/Demo
8.1.1 Installing the File Services Role
Time
3:01
Number of Exam Questions
1 question
Total Time
About 5 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
84
Section 8.2: File Shares
Summary
This section discusses creating and managing shared folders. Details include:



Tools to create or manage shared folders:
o Windows Explorer
o Shared Folder snap-in
o Share and Store Management snap-in
o Command line
A comparison of shared folder permissions and roles
Facts about shared folders
Students will learn how to:


Configure and manage shared folders and files.
Restrict share access through share permissions and user limits.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o File share publishing
o Share permissions
o NTFS permissions
o Access-based Enumeration (ABE)
o Share and Storage Management console
Lecture Focus Questions:






What permissions do you need to share a folder or configure share
permissions?
What is the difference between the read permission and the change
permission?
How does using access-based enumeration on shared folders modify
what users can see?
What tools are available to you to create and manage shares?
What is the effect of appending $ to a share name?
What shared folder features can you manage in the Share and Storage
Management console vs. the Shared Folder snap-in?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
85
Video/Demo
8.2.1 File Share Concepts
8.2.2 Sharing Folders
8.2.3 Using Share and Storage Management Console
Total
Time
4:19
11:05
4:47
20:11
Lab/Activity


Share a Folder with a Second Name
Remove a Shared Folder
Number of Exam Questions
7 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
86
Section 8.3: Offline Files
Summary
This section provides information about using offline files to work with documents
in shared folders even when the user is not connected to the network.
Students will learn how to:



Configure caching options for offline files, including automatic caching of
files and caching of applications.
Configure offline availability on the client.
Manage synchronization settings through the Sync Center.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o Offline Files
Lecture Focus Questions:





How does the offline files feature ease file management for mobile users?
What happens to NTFS permissions on cached copies of files?
How does synchronization affect files?
What steps can you take to reconcile synchronization conflicts?
What is the result of encrypting the offline files cache with the user key?
What security vulnerability does this resolve?
Video/Demo
8.3.1 Enabling Offline Files
Time
12:54
Lab/Activity


Enable Share Caching
Disable Share Caching
Number of Exam Questions
1 question
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
87
Section 8.4: NTFS Permissions
Summary
This section explores using NTFS permissions to control access to folders and
files on an NTFS partition. Details include:







Permissions for folders and files:
o Read
o Write
o List Folder Contents
o Read & Execute
o Modify
o Full Control
Special permissions
How file ownership affects access and assigning permissions
The effects of copying or moving files with NTFS permissions
Effective permissions are the sum of all permissions from the following
sources:
o Explicit assignment
o Group membership
o Inheritance
Examples of effective NTFS permissions
Suggestions for planning NTFS permissions
Students will learn how to:




Configure NTFS permissions.
Copy, remove, and modify inherited permissions.
Identify the effective permissions a user has to a file or folder.
Change file or folder ownership.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o NTFS permissions
Lecture Focus Questions:



When do NTFS permissions apply?
What are the differences between the NTFS Full Control permission and
the Modify permission?
Which permission assignment overrides all other permission
assignments?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
88




What is the advantage of the Take Ownership right? When can you use
this right to the greatest effect?
What happens to permissions when a file with NTFS permissions is
moved to a non-NTFS partition?
How might a user end up with more NTFS permissions to a folder than
what appear on the access control list for that user?
How can you prevent a member of a group from getting the NTFS
permissions assigned to the group without removing the user from the
group?
Video/Demo
8.4.1 NTFS Permissions
8.4.2 Configuring NTFS Permissions
Total
Time
6:07
13:11
19:18
Lab/Activity


Configure NTFS Permissions
Remove Inherited Permissions
Number of Exam Questions
3 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
89
Section 8.5: Share and NTFS Permissions
Summary
In this section students will learn how share permissions and NTFS permissions
work together to control access.
Students will learn how to:

Configure combined NTFS and share permissions.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o Share permissions
o NTFS permissions
Lecture Focus Questions:




What are the differences and similarities between NTFS permissions and
share permissions?
What strategy can you use to combine NTFS and share permissions?
Why should you assign permissions to groups rather than users?
How do logged on users get updated permissions?
Video/Demo
8.5.1 Share and NTFS Permissions
Time
4:51
Lab/Activity



Configure Share Permissions
Configure NTFS and Share Permissions 1
Configure NTFS and Share Permissions 2
Number of Exam Questions
5 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
90
Section 8.6: EFS
Summary
This section discusses using Encrypting File System (EFS) to encrypt a file or
folder. Details include:









Operating systems in which EFS is available:
o Windows Server 2008
o Windows Vista Business
o Windows Vista Enterprise
o Windows Vista Ultimate
Requirements to encrypt a file or folder:
o Must have Write permissions to a file or folder
o Cannot encrypt System or Read-only files
o Cannot encrypt and compress a file or folder at the same time
Users who can open an encrypted file:
o The user who originally encrypted the file
o Additional users who have been designated as additional users
o Designated recovery agents (DRAs)
Implementing encryption
Recovering encrypted files
Moving or copying encrypted files
Enforcing encryption settings for offline files
Rules to determine the encrypted state of a file
Tips when saving encrypted files on a remote computer
Students will learn how to:




Encrypt or decrypt a file or folder.
Add authorized users to allow encrypted file access.
Designate DRAs for file recovery.
Configure EFS settings in Group Policy.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o Encrypting file system (EFS)
Lecture Focus Questions:




What is the importance of the DRA in the encryption process?
Which users have access to encrypted files and folders?
What is the relationship between encryption and compression?
What is the significance of encrypting the pagefile?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
91

How does Rekeywiz affect your encryption deployment?
Video/Demo
8.6.1 EFS
8.6.2 Managing Encrypted Files
Total
Time
4:27
13:24
17:51
Lab/Activity

Encrypt a Folder
Number of Exam Questions
7 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
92
Section 8.7: BitLocker
Summary
This section examines using BitLocker to protect unauthorized data access on
lost or stole laptops or other compromised system. Details include:






The role of BitLocker
Components of BitLocker
o BitLocker partition
o Trusted Platform Module (TPM)
o USB device
o BIOS support
How BitLocker differs from the EFS
BitLocker configuration involves creating the following security
components:
o TPM owner password
o Recovery key
o PIN
o Startup key
o Data volume key
o Data Recovery Agent
BitLocker modes which determine the security level:
o TPM-only
o TPM with startup key
o TPM with PIN
o TPM with PIN and startup key
o Without a TPM
Configuring and managing BitLocker
Students will learn how to:



Generate recovery keys and create a BitLocker DRA.
Configure BitLocker to implement BitLocker without a TPM.
Configure BitLocker To Go to deny write access to unauthorized USB
flash devices.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server.
o BitLocker
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
93
Lecture Focus Questions:





What is the difference between suspending protection and decrypting the
drive?
When implementing BitLocker, why is it a good idea to run a system check
before encrypting the drive?
What is the difference in function between BitLocker and BitLocker To
Go?
When using BitLocker what are the requirements of the Trusted Platform
Module? How can you implement BitLocker without a TPM?
What will happen when BitLocker is enabled but then you lose the USB
flash device which holds the key?
Video/Demo
Time
8.7.1 BitLocker
4:54
8.7.3 BitLocker Configuration
4:27
8.7.4 Implementing BitLocker without a TPM
4:25
8.7.5 Configuring BitLocker Recovery Agents
4:08
Total
17:54
Number of Exam Questions
12 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
94
Section 8.8: BranchCache
Summary
This section discusses using BranchCache to store content in remote location so
that users in branch offices can access information more quickly. Details include:





The role of BranchCache
BranchCache operates in one of the following modes:
o Hosted Cache
o Distributed Cache
Configuration of BranchCache:
o Content server
o Hosted cache server
o Distributed cache mode
Configuring BranchCache clients
Tools to configure BranchCache on branch office client computers:
o Netsh
o Group Policy
o Windows Firewall with Advance Security
Students will learn how to:



Configure BranchCache clients.
Install and configure a BranchCache content server.
Install and configure a BranchCache hosted cache server.
Configuring Server 2008 Network Infrastructure Objectives

401. Configure a file server
o BranchCache
Lecture Focus Questions:






Under which circumstances should you enable distributed cache mode
versus hosted cache mode?
How does BranchCache treat traffic while in transit?
When would you choose to configure BranchCache using Group Policy
rather than netsh?
When BranchCache settings have been configured using both the netsh
command and Group Policy, which settings take precedence?
Why does a hosted cache server need an enrolled server certificate from
a trusted CA?
What is the difference between the BranchCache feature and the
BranchCache for network files role service?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
95
Video/Demo
Time
8.8.1 BranchCache
4:56
8.8.3 BranchCache Configuration
6:48
8.8.4 Configuring BranchCache
2:25
Total
14:09
Number of Exam Questions
11 questions
Total Time
About 35 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
96
Section 8.9: Distributed File System (DFS)
Summary
This section explores using DFS to logically organize shared folders on multiple
servers into a single logical folder hierarchy called a namespace. Details include:





DFS includes the following namespace components:
o Namespace
o Namespace server
o Namespace root
o Folder
Components to control replication
o Replication group
o Replicated folder
o Connection
DFS configuration
Types of namespace:
o Stand-alone
o Domain-based
Configuring a Replication Group
Students will learn how to:



Create stand-alone or domain-based DFS namespaces.
Add folders and folder targets to a namespace.
Configure DFS replication by creating replication groups and replicated
folders.
Configuring Server 2008 Network Infrastructure Objectives

402. Configure Distributed File System (DFS).
o DFS namespace
o DFS configuration and application
o Creating and configuring targets
o DFS replication
o Read-only replicated folder
o Failover cluster support
o Health reporting
Lecture Focus Questions:


What is the advantage of a domain-based namespace over a stand-alone
namespace?
What is the role of a namespace server?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
97





How can you achieve fault tolerance using DFS?
What role do connections play in DFS replication?
When can you add a failover cluster to a DFS replication group?
How can you prevent users from adding or change files in a replicated
folder?
How can hides files and folders that users do not have permission to
access?
Video/Demo
Time
8.9.1 DFS
7:23
8.9.2 New DFS Features
4:51
8.9.4 Enabling DFS
9:17
8.9.5 Configuring DFS Read-Only Replicated
Folders and Access Based Enumeration
3:49
Total
25:20
Lab/Activity

Create a DFS Structure
Number of Exam Questions
11 questions
Total Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
98
Section 8.10: Shadow Copy
Summary
This section covers using shadow copy to make copies of files at regular
intervals. This allows you to take a snapshot of files and shared folders which
can be used at a later date to recover previous versions of a file or recover a
deleted file. Details include:


Facts about using shadow copies
Recommendations for using shadow copies
Students will learn how to:




Enable shadow copies on a volume.
Configure shadow copy settings, including storage location, size, and
schedule.
Create snapshots.
Save, copy, or restore previous versions of files.
Configuring Server 2008 Network Infrastructure Objectives

403. Configure shadow copy services.
o Restoring data
o Shadow copy services
Lecture Focus Questions:






How much disk space do shadow copies take by default?
What is the maximum number of shadow copies the system stores? What
happens when the system reaches this limit?
What happens to NTFS permissions when you restore a file? When you
copy a file?
Why is it recommended that you place shadow copies on different
volumes?
How should client work patterns affect your shadow copies schedule?
What is the relationship between shadow copies and regular backups?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
99
Video/Demo
Time
8.10.1 Shadow Copy Services
3:09
8.10.2 Enabling Previous Versions
5:45
Total
8:54
Lab/Activity

Enable Shadow Copies
Number of Exam Questions
9 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
100
Section 8.11: Backup and Restore
Summary
In this section students will become familiar with Windows Server Backup which
is used to provide backup and recovery for Windows Server 2008 and replaces
NTbackkup.exe. Details include:






Using Windows Server Backup
Windows Server Backup provides three ways to run backups:
o Windows Server Backup MMC snap-in
o Wbadmin from the command line
o PowerShell cmdlets for Windows Server Backup
Volume options you can select for Windows Server Backup:
o Full Server
o Critical volumes/Bare metal recovery
o System state
o Individual volumes
o Folders or file
Storage type for Windows Server Backup:
o Internal disk
o External disk
o Shared folder
o DVD, other optical, or removable media
Types of backups you can perform using Windows Server Backup:
o Automatic backup
o Manual backup
o Scheduled backup
o System state backup
Tools to perform a system recovery:
o Files and folders
o Volumes
o Applications
o Backup catalog
o Operating system or full server
o System state
Students will learn how to:




Install the Windows Server Backup features.
Configure a regular backup schedule.
Configure and run a Backup Once backup operation.
Restore a backup, restoring the full server, volume or selected folders and
files.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
101
Configuring Server 2008 Network Infrastructure Objectives

403. Configure backup and restore.
o Backup types
o Backup schedules
o Managing remotely
o Restoring data
o Volume snapshot services (VSS)
o Bare metal restore
Lecture Focus Questions:




Which backup storage device would you choose if you wanted to be able
to restore individual folders or files?
What storage types are available when using automatic backups?
What happens to a local disk when you designate it for use by Windows
Server Backup?
How can you create automatic backups with a frequency less than once a
day?
Video/Demo
Time
8.11.1 Server Backup
5:20
8.11.2 Using Windows Server Backup
7:22
8.11.3 Performing a Bare Metal Restore
5:42
Total
18:24
Lab/Activity

Back Up a Server
Number of Exam Questions
17 questions
Total Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
102
Section 8.12: Disk Quotas
Summary
This section examines using disk quotas to restrict the amount of disk space
user’s files can use on an NTFS volume. Disk quotas are set up per volume and
per user and cannot be configured using groups.
Students will learn how to:



Configure disk quotas and enforce quota limits.
Add quota entry exceptions for specific users.
Enable quota logging for warning levels.
Configuring Server 2008 Network Infrastructure Objectives

404. Manage file server resources.
o Quota by volume or quota by user
o Quota entries
Lecture Focus Questions:






Are disk quotas configured on disks, volumes, folders, or files?
What effect does compressing files have on the disk quota limit?
What actions can be taken when a user exceeds the disk quota limit?
How can you have a disk quota configured, but still allow users to exceed
the quota limits?
What conditions must be met before you can delete a disk quota entry?
Which user is exempt from disk quotas?
Video/Demo
8.12.1 Configuring Disk Quotas
Time
2:40
Lab/Activity



Enable Quota Restrictions
Create a Quota Entry
Modify Quota Limits
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
103
Number of Exam Questions
5 questions
Total Time
About 25 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
104
Section 8.13: FSRM Features
Summary
This section explores using the File Server Resource Manager (FSRM) snap-in
to manage folder and volume quotas. Details include:


FSRM features:
o Quotas
o Notifications
o File Screening
o Storage Reports
o File Classification
o File Management
Methods for configuring quotas:
o NTFS Disk Quotas
o Folder and Volume Quotas
Students will learn how to:







Configure volume and folder quotas
Create quota templates.
Configure file screens and file screen exceptions.
Create custom file groups.
Generate FSRM reports for both quotas and overall file system use.
Schedule FSRM reports.
Assign file classification information to files.
Create file management tasks.
Configuring Server 2008 Network Infrastructure Objectives

404. Manage file server resources.
o FSRM
o Quota entries
o Quota templates
o File classification
o File management tasks
o File screening
Lecture Focus Questions:



What are the primary differences between disk quotas and quotas
implemented through FSRM?
How does a soft quota differ from a hard quota?
How do quota templates facilitate quota management?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
105




What is the difference between a quota and a file screen?
How is an active file screen more restrictive than a passive file screen?
How can you automatically assign classification information to files?
What can you accomplish with the file expiration task?
Video/Demo
Time
8.13.1 FSRM Quotas and File Screening
5:46
8.13.2 FSRM File Classifications and Management
6:06
8.13.3 Configuring FSRM Quotas and File Screening
8:57
8.13.4 Configuring FSRM File Classifications and Management
8:40
Total
29:29
Number of Exam Questions
15 questions
Total Time
About 50 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
106
Section 8.14: Print Services
Summary
In this section students will learn how to manage print services on a Windows
Server 2008 system by installing the Print and Document Services role. Details
include:







Key definitions:
o Print server
o Printer
o Print device
o Print driver
o Print queue
o Printer port
Managing printing on a Windows Server 2008 R2
Services that the Print and Document Services role is composed of:
o Print server
o LPD Service
o Internet Printing
o Distributed Scan Server
Facts about Print and Document Services
The role of Print Management
Configuring printers
Features to be aware of when managing printing:
o Printer permissions
o Printer pooling
o Multiple printer objects
o List in Active Directory
o Deploy with Group Policy
o Export/import printer
o Manage print drivers
o Manage documents in the print queue
o Location-aware printing
o Print driver isolation
o Client-Side Rendering (CSR)
Students will learn how to:



Install the Print and Document Services role.
Create and share a printer.
Modify printer properties, including the following:
o Sharing
o Listing in Active Directory
o Adding ports
o Modifying security permissions
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
107


o Enabling pooling
o Scheduling availability
o Designating priority
Deploy printers using Group Policy.
Manage the default printer based on the location.
Configuring Server 2008 Network Infrastructure Objectives

405. Configure and monitor print services.
o Printer share
o Publish printers to Active Directory
o Printer permissions
o Deploy printer connections
o Install print drivers
o Export and import print queues an printer settings
o Print pooling
o Print priority
o Print driver isolation
o Location-aware printing
o Print management delegation
Lecture Focus Questions:








What is the difference between a print device and a printer?
When would you add the LPD service when configuring the Print Services
role?
For which physical printing configurations would you choose a local printer
when adding a printer? When would you choose a network printer?
Under which circumstances would you configure a printer to use multiple
print devices? When would you configure multiple printers for a single print
device?
How can you ensure important print jobs will automatically be printed
before any other print jobs?
How do clients obtain the correct driver for shared printers?
When would you choose to isolate a print driver?
What is the advantage of location-aware printing?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
108
Video/Demo
Time
8.14.1 Print Services
7:15
8.14.2 Installing the Print Services Role
1:49
8.14.4 Configuring Printing
14:03
8.14.5 Migrating Print Server and Configuring Print Driver Isolation
3:44
8.14.6 Delegating Printer Management
3:19
8.14.7 Configuring Location Aware Printing
2:23
Total
32:33
Lab/Activity



Create and Share a Printer
Configure Printer Pooling
Restrict Printer Access
Number of Exam Questions
26 questions
Total Time
About 80 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
109
Section 9.1: WSUS
Summary
This section discusses how Windows Server Update Services (WSUS) allows
you to configure a server on your intranet as a centralized point for updating
software. Details include:






The advantages of using WSUS
Components that WSUS uses:
o Microsoft Update
o Windows Server Update Services (WSUS) server
o Automatic Update
Deployment scenarios for WSUS:
o Single WSUS server
o Multiple independent servers
o Multiple synchronized servers
o Disconnected WSUS server
Microsoft Update and WSUS support updating many Microsoft products,
including:
o Window operating systems
o Exchange Server
o SQL Server
o Microsoft Office
Criteria for controlling updates:
o Product family
o Update classification
o Language
Configuring WSUS on the server:
o Installation
o Configure the server
o Approve updates
o Add downstream servers
Students will learn how to:




Install WSUS and configure a WSUS server to download updates from
Microsoft Update.
Synchronize and approve updates.
Configure a child server as a replica of an upstream server.
Run reports to view client and update information.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
110
Configuring Server 2008 Network Infrastructure Objectives

501. Configure Windows Server Update Services (WSUS) server settings.
o Update type selection
o Client settings
o Software updates
o Test and approval
o Disconnected networks
Lecture Focus Questions:





How do clients receive updates in the absence of WSUS? What are the
disadvantages that this method poses for your network?
When should you deploy multiple, independent WSUS servers? How is
this configuration similar to a single WSUS server?
How would you deploy WSUS when an Internet connection is not allowed
for an isolated network?
How does the Store updates locally setting affect where client computers
go to get update files?
What is the difference between synchronizing updates, downloading
updates, and approving updates?
Video/Demo
Time
9.1.1 WSUS
8:11
9.1.3 Installing the WSUS Role
6:27
9.1.4 Configuring WSUS Server Settings
7:01
9.1.5 Configuring a Downstream Server
3:06
9.1.6 Viewing WSUS Reports
4:22
Total
29:07
Number of Exam Questions
4 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
111
Section 9.2: Client Configuration
Summary
This section covers WSUS Client Configuration and Targeting. Each client
computer must have the Automatic Updates client software to use automatic
updates. Targeting allows you to manage deployment of updates to specific
computers through the use of groups. Details include:





Automatic Update policies:
o Configure Automatic Updates
o Specify intranet Microsoft Update service location
o Enable client-side targeting
o Reschedule Automatic Updates Scheduled Installations
o No auto-Restart For Scheduled Automatic Updates and
Installations
o Automatic updates detection frequency
o Allow automatic Updates immediate installation
o Delay restart of schedule installations
o Re-prompt for restart with scheduled installations
o Allow non-administrators to receive update notifications
o Do not display ‘Install Updates and Shut Down’ option in Shut
Down Windows dialog box
Download of updates options:
o Automatic
o Notification
Installation of updates options:
o Automatic (Scheduled)
o Notification
The role of targeting
Methods to assign client computers to a group:
o Server-side targeting
o Client-side targeting
Students will learn how to:




Control client update behavior through Group Policy.
Create computer groups for targeting, and manually modify group
membership.
Enable client-side targeting on the WSUS server.
Configure client-side targeting through Group Policy.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
112
Configuring Server 2008 Network Infrastructure Objectives

501. Configure Windows Server Update Services (WSUS) server settings.
o Client settings
o Group Policy Object (GPO)
o Client targeting
o Software updates
o Test and approval
Lecture Focus Questions:




By default, how often does the client check for updates? Which policy
allows you to have clients check more frequently?
Which policy do you edit to point clients to your WSUS server instead of
the Microsoft Update website?
How are updates installed if you enable the Do not display 'Install
Updates and Shut Down' option in Shut Down Windows dialog box
policy?
When using client-side targeting, how do you identify the computer group
for a specific computer? How does this differ from server-side targeting?
Video/Demo
9.2.1 Configuring Automatic Updates Client
9.2.3 Targeting
9.2.4 Configuring WSUS Targeting
Total
Time
10:59
1:59
11:26
24:24
Lab/Activity

Enforce WSUS Settings
Number of Exam Questions
5 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
113
Section 10.1: Reliability and Performance Monitor
Summary
This section examines using Reliability and Performance Monitor. Details
include:


Windows Reliability and Performance Monitor combines the functionality
of the following components:
o Resource Monitor
o Reliability Monitor
o Performance Monitor
o Data Collector Sets
Using the Reliability and Performance Monitor
Students will learn how to:




View system real-time statistical displays.
Add specific object counters to Performance Monitor for local or remote
machines.
Use the System Stability Chart to see historical system information.
Configure and run Data Collector Sets for system baselines and to
preserve performance statistics.
Configuring Server 2008 Network Infrastructure Objectives

502. Capture performance data.
o Data Collector Sets
o Performance Monitor
o Reliability Monitor
o Monitoring System Stability Index
o Analyze performance data
Lecture Focus Questions:





What is the relationship between a counter and an object?
What service must a remote computer run to allow you to connect to it
using Reliability and Performance Monitor?
What kind of data collector allows you to capture software process
events?
What action can you take if you want to know when the CPU in a system
runs over 80% more than 15% of the time?
How do data collector sets help you manage data collection and reports?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
114
Video/Demo
Time
10.1.1 Reliability and Performance Monitor
4:15
10.1.2 Using Performance Monitor
6:23
10.1.3 Using Data Collector Sets
10.1.4 Using Resource Monitor
Total
13:41
3:27
27:46
Number of Exam Questions
13 questions
Total Time
About 45 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
115
Section 10.2: Event Viewer
Summary
This section discusses how to access and manage event logs through Event
Viewer. Details include:








The role of Event Viewer
Common event logs include:
o Application
o Security
o System
o Setup
o ForwardedEvents
Features available with event logs:
o Log size
o Save events
o Filter events
o Custom views
o Attach a task
o Event Log Online Help
The role of event subscriptions
Services used by event subscriptions:
o Windows Remote Management (WinRM)
o Windows Event Collector (Wecsvc)
Subscription types:
o Collector initiated
o Source computer initiated
Delivery optimization options:
o Normal
o Minimize bandwidth
o Minimize latency
o Custom
Configuring event subscriptions
Students will learn how to:





View events to gather information, such as Event ID, Log Name, User,
and Computer.
Create event filters and custom log views.
Search and save logs.
Attach tasks to events or to logs.
Configure subscriptions to pull events from remote machines.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
116
Configuring Server 2008 Network Infrastructure Objectives

503. Monitor event logs.
o Custom views
o Application and services logs
o Subscriptions
o Attaching tasks to events to find and filter
Lecture Focus Questions:









Which log do you view to troubleshoot errors during a software
installation?
What options do you have for a log file that has reached its designated
capacity?
What happens to the data in a log that you save that has a filter on it?
How does a custom view differ from adding a filter to a log?
How can you combine events from multiple logs into a single report?
What tasks can you attach to an event or log?
What is the purpose of the Event Log Online Help link inside each event?
What two services are required to configure event subscriptions?
Where do you go to view events collected from remote computers
collected using event subscriptions?
Video/Demo
10.2.1 Event Viewer
10.2.2 Using Event Logs
10.2.4 Configuring Event Subscriptions
Total
Time
5:15
10:21
5:30
21:06
Number of Exam Questions
12 questions
Total Time
About 40 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
117
Section 10.3: Network Monitor
Summary
This section discusses the basics of using Network Monitor to monitor network
traffic. Details include:


The role of Network Monitor
Using Network Monitor
o Promiscuous mode
o Filters
 Display filter
 Capture filter
o Aliases
o Conversations
o Parsers
Students will learn how to:




Configure Network Monitor to capture packets.
Configure and remove capture and display filters.
Configure conversations to group data by type.
Save captured files for troubleshooting and analysis.
Configuring Server 2008 Network Infrastructure Objectives

504. Gather network data.
o Network Monitor
Lecture Focus Questions:





What are the differences between display filters and capture filters?
What should you do after you have modified a capture filter? Why is this
unnecessary when reconfiguring a display filter?
What is the difference between capturing in promiscuous mode and
capturing without promiscuous mode? When will using promiscuous mode
not result in significant differences in the data captured?
How can aliases make troubleshooting easier?
What permissions do you need to run Network Monitor?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
118
Video/Demo
Time
10.3.1 Network Monitor
3:17
10.3.2 Using Network Monitor
8:53
Total
12:10
Number of Exam Questions
5 questions
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
119
Section 10.4: SNMP
Summary
This section discusses using Simple Network Management Protocol (SNMP) to
manage network-attached devices. Details include:




Components that make up an SNMP system:
o Managed devices
o SNMP agent
o SNMP manager
o Network Management Station (NMS)
o Management Information Base (MIB)
Methods that communication can occur between agents and managers:
o Polling
o Traps
Definition of a community name
Facts about using SNMP
Students will learn how to:


Add SNMP Agent support to workstations and servers.
Configure the SNMP Agent service properties.
Configuring Server 2008 Network Infrastructure Objectives

504. Gather network data.
o Simple Network Management Protocol (SNMP)
Lecture Focus Questions:



What is the difference between polling and traps?
Why is the default community name a security vulnerability?
What does each of the community rights allow the agent or device to do?
Why might READ WRITE and READ CREATE rights pose a security
threat?
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
120
Video/Demo
Time
10.4.1 SNMP
5:12
10.4.2 Configuring SNMP
5:48
Total
11:00
Number of Exam Questions
3 questions
Total Time
About 20 minutes
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
121
Practice Exams
Summary
This section provides information to help prepare students to take the exam and
to register for the exam.
Students will also have the opportunity of testing their mastery of the concepts
presented in this course to reaffirm that they are ready for the certification exam.
For example, all questions that apply to Objective 100. IP Addressing are
grouped together and presented in practice exam Objective 100: IP
Addressing, All Questions. Students will typically take about 60-90 minutes to
complete each of the following practice exams.
Objective 100: IP Addressing, All Questions (92 questions)
Objective 200: Name Resolution, All Questions (88 questions)
Objective 300: Network Access, All Questions (65 questions)
Objective 400: File and Print, All Questions (130 questions)
Objective 500: Monitoring and Managing, All Questions (42 questions)
The Certification Practice Exam consists of 50 questions that are randomly
selected from the above practice exams. Each time the Certification Practice
Exam is accessed different questions may be presented. The Certification
Practice Exam has a time limit of 135 minutes -- just like the real certification
exam. A passing score of 95% should verify that the student has mastered the
concepts and is ready to take the real certification test.
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
122
Appendix A: Approximate Time for the Course
The total time for the LabSim for Configuring Windows Server 2008 Network
Infrastructure Exam 70-642 course is approximately 41 hours and 17 minutes.
The time is calculated by adding the approximate time for each section which is
calculated using the following elements:




Video/demo times
Approximate time to read the text lesson (the length of each text lesson is
taken into consideration)
Simulations (5 minutes assigned per simulation)
Questions (1 minute per question)
The breakdown for this course is as follows:
Module
Sections
Time
Minute HR:MM
0.0 Introduction
0.1 Introduction
0.2 Server Management
0.3 Remote Management
0.4 Mathematical Foundations
5
20
25
15
65
1:05
1.1 IPv4 Addressing
1.2 IPv4 Subnetting
1.3 IPv4 Host Configuration
20
30
50
100
1:40
2.1 IPv6
2.2 IPv6 Addressing
2.3 IPv6 Configuration
2.4 IPv6 Implementation
5
40
35
20
100
1:40
3.1 DHCP Configuration
3.2 DHCP Options
3.3 Advanced DHCPv4 Settings
3.4 Server Placement
3.5 Superscopes and Split Scopes
3.6 DHCPv6
50
30
15
15
15
10
135
2:15
1.0 IPv4
2.0 IPv6
3.0
DHCP
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
123
4.0 DNS
4.1 DNS Concepts
4.2 Name Resolution
4.3 Zone Configuration
4.4 Active Directory-integrated Zones
4.5 Resource Records
4.6 Client Configuration
4.7 Dynamic DNS
4.8 Stub Zones and Forwarding
4.9 Root Hints and Root Zone
4.10 Zone Delegation
4.11 DNS Features
4.12 New DNS Features
4.13 Single-label Name Resolution
4.14 DNS Design
30
25
65
40
40
35
25
35
20
20
35
45
25
20
460
7:40
50
25
30
25
130
2:10
25
75
10
5
115
1:55
10
40
65
15
40
40
30
240
4:00
5.0 Routing
5.1 Routing
5.2 RIP
5.3 Demand-dial Routing
5.4 ICS and NAT
6.0 Remote Access
6.1 Remote Access Concepts
6.2 Dial-up and VPN
6.3 SSTP
6.4 CMAK
7.0 Network Access Security
7.1 Network Location Profiles
7.2 RADIUS
7.3 Network Access Protection (NAP)
7.4 Network Authentication
7.5 Firewall
7.6 IPsec
7.7 DirectAccess
8.0 File and Print
8.1 File Services
8.2 File Shares
8.3 Offline Files
8.4 NTFS Permissions
5
40
25
40
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
124
8.5 Share and NTFS Permissions
8.6 EFS
8.7 BitLocker
8.8 BranchCache
8.9 Distributed File System (DFS)
8.10 Shadow Copy
8.11 Backup and Restore
8.12 Disk Quotas
8.13 FSRM Features
8.14 Print Services
25
35
40
35
50
25
50
25
50
80
525
8:45
9.1 WSUS
9.2 Client Configuration
40
40
80
1:20
45
40
20
20
125
2:05
92
88
65
130
42
50
467
7:47
2477
41:17
9.0 WSUS
10.0 Performance and Reliability
10.1 Reliability and Performance Monitor
10.2 Event Viewer
10.3 Network Monitor
10.4 SNMP
Practice Exams
100: IP Addressing (92 questions)
200: Name Resolution (88 questions)
300: Network Access (65 questions)
400: File and Print (130 questions)
500: Monitoring and Managing (42 questions)
Certification Practice Exam (50 questions)
Total
Time
©2011 TestOut Corporation (Rev 8/11)
Configuring Windows Server 2008 Network Infrastructure (70-642)
125
Download