O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Real MCTS/MCITP Exam 70-649 Prep Kit

Book Description

This exam is designed to validate Windows Server 2003 Microsoft Certified Systems Administrators (MCSEs) AD, Network Infrastructure, and Application Platform Technical Specialists skills. The object of this exam is to validate only the skills that are are different from the existing MCSE skills. This exam will fulfill the Windows Server 2008 Technology Specialist requirements of Exams 70-640, 70-642, and 70-643.

The Microsoft Certified Technology Specialist (MCTS) on Windows Server 2008 credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCTS candidate should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics: 250 to 5,000 or more users; three or more physical locations; and three or more domain controllers.

MCTS candidates will manage network services and resources such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management.

In addition MCTS candidates must understant connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet.

* THE independent source of exam day tips, techniques, and warnings not available from Microsoft
* Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives
* Interactive FastTrack e-learning modules help simplify difficult exam topics
* Two full-function ExamDay practice exams guarantee double coverage of all exam objectives
* Free download of audio FastTracks for use with iPods or other MP3 players
* 1000 page "DRILL DOWN" reference for comprehensive topic review


Table of Contents

  1. Copyright
  2. Visit us at www.syngress.com
    1. Solutions Web Site
    2. Ultimate CDs
    3. Downloadable E-Books
    4. Syngress Outlet
    5. Site Licensing
    6. Custom Publishing
  3. Technical Editor
  4. Contributing Authors
  5. Foreword
    1. What Is MCTS Exam 70-649?
    2. Path to MCTS/MCITP/MS Certified Architect
      1. Upgrading Your MCSE Certification
      2. Prerequisites and Preparation
    3. Exam Day Experience
      1. Exam Format
      2. Test-Taking Tips
    4. Pedagogical Elements
    5. Additional Resources
  6. 1. Deploying Servers
    1. Introduction
    2. Installing Windows Server 2008
      1. Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008
      2. Installing Windows Server 2008 Enterprise Edition
      3. What Is New in the AD DS Installation?
      4. Installing from Media
      5. Installing Server Core
    3. The Windows Deployment Service
      1. What Is WDS?
      2. Configuring WDS
      3. Capturing WDS Images
      4. Deploying WDS Images
    4. Configuring Storage
      1. RAID Types
      2. Network Attached Storage
      3. Storage Area Networks
      4. Fibre Channel
      5. iSCSI
        1. iSCSI Initiators and Targets
      6. Mount Points
    5. Configuring High Availability
      1. Failover Clusters
        1. Installing and Validating a Failover Cluster
        2. Managing the Failover Cluster
      2. Network Load Balancing
    6. Configuring Windows Activation
      1. Using Multiple Activation Keys
      2. Using Key Management Service Keys
      3. License States
      4. Reporting
      5. Installing a KMS
      6. Creating a DNS SRV Record
      7. Enabling Clients to Use KMS
        1. Activating the System
    7. Summary of Exam Objectives
    8. Exam Objectives Fast Track
      1. Installing Windows Server 2008
      2. The Windows Deployment Service
      3. Configuring Storage
      4. Configuring High Availability
      5. Configuring Windows Activation
    9. Exam Objectives Frequently Asked Questions
    10. Self Test
    11. Self Test Quick Answer Key
  7. 2. Configuring Server Roles in Windows 2008
    1. Introduction
    2. New Roles in 2008
      1. Using Server Manager to Implement Roles
      2. Using Server Core and Active Directory
        1. What Is Server Core?
    3. Read-Only Domain Controllers (RODCs)
      1. Introduction to RODC
        1. Its Purpose in Life
        2. Its Features
      2. Configuring RODC
      3. Removing an RODC
    4. Active Directory Lightweight Directory Service (LDS)
      1. When to Use AD LDS
      2. Changes from Active Directory Application Mode (ADAM)
      3. Configuring AD LDS
        1. Working with AD LDS
    5. Active Directory Rights Management Service (RMS)
      1. What’s New in RMS
      2. RMS vs. DRMS in Vista
      3. Configuring RMS
    6. Active Directory Federation Services (ADFS)
      1. What Is Federation?
        1. Why and When to Use Federation
      2. Configuring ADFS
    7. Summary of Exam Objectives
    8. Exam Objectives Fast Track
      1. New Roles in 2008
      2. Read-Only Domain Controllers
      3. Active Directory Lightweight Directory Service
      4. Active Directory Rights Management Services
      5. Active Directory Federation Services
    9. Exam Objectives Frequently Asked Questions
    10. Self Test
    11. Self Test Quick Answer Key
  8. 3. Configuring Certificate Services and PKI
    1. Introduction
    2. What Is PKI?
      1. The Function of the PKI
      2. Components of PKI
      3. How PKI Works
        1. PKCS Standards
      4. How Certificates Work
      5. Public Key Functionality
        1. Digital Signatures
        2. Authentication
        3. Secret Key Agreement via Public Key
        4. Bulk Data Encryption without Prior Shared Secrets
        5. User Certificates
        6. Machine Certificates
        7. Application Certificates
    3. Analyzing Certificate Needs within the Organization
    4. Working with Certificate Services
      1. Configuring a Certificate Authority
        1. Certificate Authorities
          1. Standard vs. Enterprise
          2. Root vs. Subordinate Certificate Authorities
          3. Certificate Requests
          4. Certificate Practice Statement
      2. Key Recovery
        1. Backup and Restore
        2. Assigning Roles
        3. Enrollments
        4. Revocation
    5. Working with Templates
      1. General Properties
      2. Request Handling
      3. Cryptography
      4. Subject Name
      5. Issuance Requirements
      6. Security
      7. Types of Templates
        1. User Certificate Types
        2. Computer Certificate Types
        3. Other Certificate Types
        4. Custom Certificate Templates
      8. Securing Permissions
      9. Versioning
      10. Key Recovery Agent
    6. Summary of Exam Objectives
    7. Exam Objectives Fast Track
      1. Planning a Windows Server 2008 Certificate-Based PKI
      2. Implementing Certification Authorities
      3. Planning Enrollment and Distribution of Certificates
    8. Exam Objectives Frequently Asked Questions
    9. Self Test
    10. Self Test Quick Answer Key
  9. 4. Maintaining an Active Directory Environment
    1. Introduction
    2. Backup and Recovery
      1. Using Windows Server Backup
        1. Scheduling a Backup
        2. Backing Up to Removable Media
        3. Backing Up System State Data
        4. Backing Up Key Files
        5. Backing Up Critical Volumes
        6. Recovering System State Data
        7. Recovering Key Files
      2. Directory Services Restore Mode
      3. Performing Authoritative and Nonauthoritative Restores
        1. Authoritative Restore
        2. Nonauthoritative Restore
      4. Linked Value Replication
      5. Backing Up and Restoring GPOs
    3. Offline Maintenance
      1. Restartable Active Directory
      2. Offline Defrag and Compaction
      3. Active Directory Storage Allocation
    4. Monitoring Active Directory
      1. The Network Monitor
      2. The Task Manager
        1. The Applications Tab
        2. The Processes Tab
        3. The Services Tab
        4. The Performance Tab
        5. The Networking Tab
        6. The Users Tab
      3. The Event Viewer
        1. Custom Views
        2. Windows Logs
        3. Applications and Services Logs
        4. Subscriptions
      4. Replmon
        1. Using Replmon
      5. RepAdmin
      6. Windows System Resource Manager
      7. The Windows Reliability and Performance Monitor
        1. Resource Overview
        2. The Performance Monitor
        3. The Reliability Monitor
        4. Data Collector Sets
        5. Reports
    5. Summary of Exam Objectives
    6. Exam Objectives Fast Track
      1. Backup and Recovery
      2. Offline Maintenance
      3. Monitoring Active Directory
    7. Exam Objectives Frequently Asked Questions
    8. Self Test
    9. Self Test Quick Answer Key
  10. 5. Configuring the Active Directory Infrastructure
    1. Introduction
    2. Working with Forests and Domains
      1. Understanding Forests
      2. Understanding Domains
      3. Forest and Domain Functional Levels
        1. Using Domain Functional Levels
          1. Using the Windows 2000 Domain Functional Level
          2. Windows Server 2003 Domain Functional Level
          3. Windows Server 2008 Domain Functional Level
        2. Configuring Forest Functional Levels
          1. Windows 2000 Forest Functional Level (default)
          2. Windows Server 2003 Forest Functional Level
          3. Windows Server 2008 Forest Functional Level
        3. Raising Forest and Domain Functional Levels
          1. Raising the Domain Functional Level
      4. Understanding the Global Catalog
        1. UPN Authentication
        2. Directory Information Search
        3. Universal Group Membership Information
      5. Understanding GC Replication
        1. Universal Group Membership
        2. Attributes in the Global Catalog
      6. Placing GC Servers within Sites
        1. Bandwidth and Network Traffic Considerations
        2. Universal Group Membership Caching
      7. Working with Flexible Single Master Operation (FSMO) Roles
        1. Placing, Transferring, and Seizing FSMO Role Holders
          1. Locating and Transferring the Schema Master Role
          2. Locating and Transferring the Domain Naming Master Role
          3. Locating and Transferring the Infrastructure, RID, and PDC Operations Master Roles
          4. Placing the FSMO Roles within an Active Directory Environment
    3. Working with Sites
      1. Understanding Sites
        1. Subnets
      2. Site Planning
        1. Criteria for Establishing Separate Sites
        2. Creating a Site
        3. Renaming a Site
      3. Creating Subnets
        1. Associating Subnets with Sites
      4. Creating Site Links
        1. Configuring Site Link Cost
      5. Understanding Replication
        1. Intrasite Replication
        2. Intersite Replication
        3. Bridgehead Servers
        4. Site Link Bridges
        5. Scheduling
        6. Forcing Replication
        7. Replication Protocols
      6. Planning, Creating, and Managing the Replication Topology
        1. Planning Replication Topology
        2. Creating Replication Topology
      7. Configuring Replication between Sites
      8. Troubleshooting Replication Failure
        1. Troubleshooting Replication
        2. Using Event Viewer
    4. Working with Trusts
      1. Default Trusts
      2. Forest Trusts
      3. External Trusts
      4. Shortcut Trusts
      5. SID Filtering
    5. Summary of Exam Objectives
    6. Exam Objectives Fast Track
      1. Working with Forests and Domains
      2. Working with Sites
      3. Working with Trusts
    7. Exam Objectives Frequently Asked Questions
    8. Self Test
    9. Self Test Quick Answer Key
  11. 6. Configuring Web Application Services
    1. Introduction
    2. Installing and Configuring Internet Information Services
      1. Differences in Windows Editions
      2. Typical Deployment Scenarios
        1. Simple Web Server
        2. Small Web Farms
        3. Large Web Farms
      3. Installing Internet Information Services
      4. Provisioning Web Sites
        1. Adding a Virtual Directory
        2. Configuring the Default Document
        3. Enabling Directory Browsing
        4. Customizing Error Pages
        5. Redirecting Requests
        6. Adding Custom Response Headers
        7. Adding MIME Types
      5. Configuring Web Applications
        1. Application Pool Settings
        2. Application Development Settings
          1. Enabling Third-Party Runtime Environments
      6. Migrating from Previous Releases
    3. Securing Your Web Sites and Applications
      1. Transport Security
      2. Authentication
        1. Considerations When Using Client Certificates
      3. Authorization
        1. URL Authorization
        2. IP Authorization
        3. Request Filtering
      4. .NET Trust Levels
    4. Managing Internet Information Services
      1. Configuration and Delegation
        1. Remote Administration
      2. Health and Diagnostics
        1. Failed Request Tracing
        2. Logging
      3. Scaling Your Web Farm
        1. Output Caching
        2. Compression
        3. Network Load Balancing
          1. Shared Configuration
          2. TCP and HTTP Service Unavailable Responses
      4. Backing Up and Restoring Server Configuration
    5. Summary of Exam Objectives
    6. Exam Objectives Fast Track
      1. Installing and Configuring Internet Information Services
      2. Securing Your Web Sites and Applications
      3. Managing Internet Information Services
    7. Exam Objectives Frequently Asked Questions
    8. Self Test
    9. Self Test Quick Answer Key
  12. 7. Configuring Web Infrastructure Services
    1. Introduction
      1. Installing and Configuring FTP Publishing Services
      2. Installing the FTP Publishing Service
      3. Provisioning FTP Sites
        1. Directory Browsing
        2. Firewall Support
        3. Messages
        4. Virtual Directories
        5. Application Pools
      4. Securing Your FTP Site
        1. Transport Security
        2. Authentication
        3. Authorization
          1. URL Authorization
          2. IP Authorization
        4. User Isolation
    2. Installing and Configuring SMTP Services
      1. Installing SMTP Services
      2. Provisioning Virtual Servers
        1. Configuring a Virtual Server
          1. Server Bindings
          2. Logging
          3. Message Limits
          4. Delivery Options
          5. LDAP Routing
      3. Securing Your SMTP Virtual Server
        1. Transport Security
        2. Authentication
        3. Connection Control
        4. Relay Restrictions
    3. Summary of Exam Objectives
    4. Exam Objectives Fast Track
      1. Installing and Configuring FTP Publishing Service
      2. Installing and Configuring SMTP Services
    5. Exam Objectives Frequently Asked Questions
    6. Self Test
    7. Self Test Quick Answer Key
  13. 8. Deploying the Terminal Services
    1. Introduction
    2. Deploying the Terminal Server Role Service
      1. Specifying the License Mode after Installation
    3. Terminal Services Licensing
      1. Installing a Terminal Service Licensing Server
        1. Installing the TS Licensing Role Service on an Existing Terminal Server
        2. Installing the TS Licensing Role Service on a Separate Server
      2. Activating a Terminal Service Licensing Server
        1. Activating a Terminal Service Licensing Server Using the Automatic Connection Method
        2. Activating a Terminal Service Licensing Server Using the Web Browser Method
        3. Activating a Terminal Service Licensing Server Using the Telephone Method
        4. Establishing Connectivity between Terminal Server and Terminal Services Licensing Server
          1. Using the Terminal Services Configuration Tool to Specify a TS Licensing Server
          2. Publishing a Terminal Services Licensing Server Using TS Licensing Manager
          3. Publishing a Terminal Server Licensing Server Using ADSI Edit and Active Directory Sites and Services
      3. Installing and Managing Terminal Services Client Access Licenses (TS CALs)
        1. Installing and Activating Terminal Services Client Access Licenses Using the Automatic Connection Method
        2. Installing and Activating Terminal Services Client Access Licenses Using the Web Browser Method
        3. Installing and Activating Terminal Services Client Access Licenses Using the Telephone Method
      4. Recovering a Terminal Service Licensing Server
    4. Establishing Client Connections to a Terminal Server
      1. Using the Remote Desktop Connection Utility
        1. Launching and Using the Remote Desktop Connection Utility
        2. Configuring the Remote Desktop Connection Utility
          1. The General tab
          2. The Display Tab
          3. The Local Resources Tab
          4. The Programs Tab
          5. The Experience tab
          6. The Advanced Tab
      2. Installing and Using the Remote Desktops Snap-in
        1. Adding a New Connection
        2. Configuring a Connection’s Properties
        3. Connecting and Disconnecting
    5. Summary of Exam Objectives
    6. Exam Objectives Fast Track
      1. Deploying the Terminal Server Role Service
      2. Terminal Services Licensing
      3. Establishing Client Connections to a Terminal Server
    7. Exam Objectives Frequently Asked Questions
    8. Self Test
    9. Self Test Quick Answer Key
  14. 9. Configuring and Managing the Terminal Services
    1. Introduction
    2. Configuring and Monitoring Terminal Service Resources
      1. Allocating Resources by Using Windows System Resource Manager
        1. Installing WSRM
      2. Configuring Application Logging
    3. Load Balancing
      1. Terminal Service Load-Balancing Techniques
      2. Configuring Load Balancing
        1. Adding Local Group on the TS Session Broker
        2. Installing NLB
      3. Terminal Service Session Broker Redirection Modes
      4. DNS Registration
      5. Configuring Load Balancing Through Group Policy
    4. The Terminal Services Gateway
      1. Certificate Configuration
      2. Terminal Service (TS) Gateway Manager
      3. Accessing Resources through the TS Gateway Using TS CAP
      4. Accessing Resources through the TS Gateway Using TS RAP
      5. Terminal Service Group Policy Settings
    5. Terminal Service RemoteApp
      1. Configuring TS RemoteApp
      2. Configuring TS Web Access
      3. Configuring TS Remote Desktop Web Connection
    6. Managing the Terminal Services
      1. RDP Permissions
      2. Connection Limits
      3. Session Time Limits
      4. Session Permissions
      5. Viewing Processes
      6. Monitoring Sessions
      7. Displaying Data Prioritization
      8. Logging Users Off
      9. Disconnecting Sessions
      10. Resetting the Terminal Services
    7. Summary of Exam Objectives
    8. Exam Objectives Fast Track
      1. Configuring and Monitoring Terminal Service Resources
      2. Load Balancing
      3. The Terminal Services Gateway
      4. Terminal Service RemoteApp
      5. Managing the Terminal Services
    9. Exam Objectives Frequently Asked Questions
    10. Self Test
    11. Self Test Quick Answer Key
  15. 10. IP Addressing and Services
    1. Introduction
    2. Configuring IPv4 and IPv6 Addressing
      1. IPv4 Quick Review
      2. Configuring Local IPv4 Settings
      3. Configuring IPv4 Options
      4. Subnetting
      5. Supernetting
      6. Alternative Configuration
      7. Internet Protocol Version 6 (IPv6)
        1. IPv6 Address Format
        2. IPv6 Address Types
        3. IPv6 Autoconfiguration Options
        4. IPv6 Transition Technologies
      8. Configuring IPv6 Settings
    3. Configuring Dynamic Host Configuration Protocol (DHCP)
      1. Adding the DHCP Server Role
      2. Configuring DHCP Scopes
        1. Configuring IPv4 Scopes and Options
        2. DHCP IPv4 Reservations
      3. Configuring DHCP Scope Options
        1. Server Options
        2. Scope Options
        3. Reservation Options
        4. Setting Scope Options
        5. Configuring IPv6 Scopes
        6. Configuring IPv6 Scope Options
        7. DHCP IPv6 Client Reservation Configuration
      4. Creating New Options
        1. New Options Using the Windows Interface
        2. New Options Using the Command Line
      5. Exclusions
      6. DHCP Relay Agents
      7. PXE Boot
      8. DHCP and Network Access Protection (NAP)
      9. DHCP Configuration via Server Core
    4. Configuring Network Authentication
      1. NTLMv2 and Kerberos Authentication
      2. WLAN Authentication Using 802.1x and 802.3
        1. Wireless and Wired Authentication Technologies
        2. Implementing Secure Network Access Authentication
      3. Routing and Remote Access Services (RRAS) Authentication
    5. Configuring IP Security (IPsec)
      1. IPsec Authentication Header (AH)
      2. IPsec Encapsulating Security Payload (ESP)
      3. Configuring IPsec in Windows Server 2008
      4. Creating IPsec Policy
      5. IPsec Using the Command Line
      6. IPsec Isolation Policy
    6. Windows Firewall with Advanced Security in Windows Server 2008
      1. Network Perimeter Firewalls
      2. Host-based Firewalls
      3. New Features in Windows Firewall with Advanced Security
        1. IPsec Integration
        2. Support for IPv6
        3. Support for Active Directory User, Computer, and Groups
        4. Location-Aware Profiles
        5. Detailed Rules
        6. Expanded Authenticated Bypass
        7. Network Location-Aware Host Firewall
        8. Server and Domain Isolation
          1. Server Isolation
          2. Domain Isolation
      4. Configuring Windows Firewall with Advanced Security
      5. Incoming and Outgoing Traffic Filtering
        1. Firewall Rules
        2. Connection Security Rules
        3. Firewall Profiles
        4. IPsec Settings
        5. Monitoring
      6. Managing Windows Firewall with Advanced Security via Group Policy
      7. Identifying Ports and Protocols
      8. Command Line Tools for Windows Firewall with Advanced Security
    7. Summary of Exam Objectives
    8. Exam Objectives Fast Track
      1. Configuring IPv4 and IPv6 Addressing
      2. Configuring Dynamic Host Configuration Protocol (DHCP)
      3. Configuring Network Authentication
      4. Configuring IP Security (IPsec)
      5. Windows Firewall with Advanced Security in Windows Server 2008
    9. Exam Objectives Frequently Asked Questions
    10. Self Test
    11. Self Test Quick Answer Key
  16. 11. Configuring Network Access
    1. Introduction
      1. Windows Server 2008 and Routing
      2. Window Server 2008 and Remote Access
      3. Windows Server 2008 and Wireless Access
    2. Configuring Routing
      1. Routing Fundamentals
      2. Static Routing
      3. Routing Internet Protocol (RIP)
      4. Open Shortest Path First (OSPF)
    3. Configuring Remote Access
      1. Routing and Remote Access Services (RRAS)
        1. Network Policy Server and Network Access Protection
      2. Dial-Up
      3. Remote Access Policy
      4. Network Address Translation (NAT)
      5. Internet Connection Sharing (ICS)
      6. Remote Access Protocols
      7. Virtual Private Networks
      8. Installing and Configuring a SSL VPN Server
      9. Inbound/Outbound Filters
      10. Configuring Remote Authentication Dial-In User Service (RADIUS) Server
    4. Configuring Wireless Access
      1. Set Service Identifier (SSID)
      2. Wi-Fi Protected Access (WPA)
      3. Wi-Fi Protected Access 2 (WPA2)
      4. Ad Hoc vs. Infrastructure Mode
      5. Wireless Group Policy
    5. Summary of Exam Objectives
    6. Exam Objectives Fast Track
      1. Configuring Routing
      2. Configuring Remote Access
      3. Configuring Wireless Access
    7. Exam Objectives Frequently Asked Questions
    8. Self Test
    9. Self Test Quick Answer Key
  17. 12. Network Access Protection
    1. Introduction
    2. Working with NAP
      1. Network Layer Protection
        1. NAP Clients
        2. NAP Enforcement Points
        3. Active Directory Domain Services
        4. NAP Health Policy Server
        5. Health Requirement Server
        6. Restricted Network
        7. Software Policy Validation
      2. DHCP Enforcement
      3. VPN Enforcement
        1. Communication Process with VPN Client and NAP
      4. Configuring NAP Health Policies
        1. Connection Request Policies
        2. Network Policies
        3. Health Policies
        4. Network Access Protection Settings
      5. IPsec Enforcement
        1. Secure Network
        2. Boundary Network
        3. Restricted Network
        4. Flexible Host Isolation
      6. 802.1x Enforcement
    3. Summary of Exam Objectives
    4. Exam Objectives Fast Track
      1. Working with Network Access Protection
    5. Exam Objectives Frequently Asked Questions
    6. Self Test
    7. Self Test Quick Answer Key
  18. Self Test Appendix
    1. Chapter 1: Deploying Servers
    2. Chapter 2: Configuring Server Roles in Windows 2008
    3. Chapter 3: Configuring Certificate Services and PKI
    4. Chapter 4: Maintaining an Active Directory Environment
    5. Chapter 5: Configuring the Active Directory Infrastructure
    6. Chapter 6: Configuring Web Application Services
    7. Chapter 7: Configuring Web Infrastructure Services
    8. Chapter 8: Deploying the Terminal Services
    9. Chapter 9: Configuring and Managing the Terminal Services
    10. Chapter 10: IP Addressing and Services
    11. Chapter 11: Configuring Network Access
    12. Chapter 12: Network Access Protection