• No results found

Planning and Maintaining a Microsoft Windows Server Network Infrastructure

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Planning and Maintaining a Microsoft Windows Server Network Infrastructure"

Copied!
6
0
0

Loading.... (view fulltext now)

Download now ( 6 Page )

Full text

(1)

Unit 27: Planning and Maintaining a

Microsoft Windows Server

Network Infrastructure

Learning outcomes

A candidate following a programme of learning leading to this unit will be able to: • Configure security for servers that are assigned specific roles

• Plan a secure baseline installation

• Plan security for servers that are assigned specific roles. Roles might include domain controllers, web servers, database servers, and mail servers

• Evaluate and select the operating system to install on computers in an enterprise • plan a TCP/IP network infrastructure strategy

• Plan and modify a network topology • Plan an Internet connectivity strategy • Plan network traffic monitoring

• Troubleshoot connectivity to the Internet • Troubleshoot TCP/IP addressing

• Plan a host name resolution strategy • Plan a NetBIOS name resolution strategy • Troubleshoot host name resolution • Plan a routing strategy

• Plan security for remote access users

• Implement secure access between private networks • Troubleshoot TCP/IP routing

• Plan services for high availability

• Identify system bottlenecks, including memory, processor, disk, and network related bottlenecks

(2)

• Plan security for wireless networks • Plan security for data transmission

• Troubleshoot security for data transmission

• Configure Active Directory service for certificate publication

• Plan a public key infrastructure (PKI) that uses Certificate Services • Plan a framework for planning and implementing security

• Plan a security update infrastructure

(3)

Unit Content: Planning and Maintaining a Microsoft Windows Server Network

Infrastructure

Assessment Objectives Knowledge, Skills and Understanding

1 Configure security for servers that are assigned specific roles

a Plan a secure baseline installation To include:

• Plan a strategy to enforce system default security settings on new systems

• Identify client operating system default security settings

• Identify all server operating system default security settings

b Plan security for servers that are assigned specific roles. Roles might include domain controllers, Web servers, database servers, and mail servers

To include:

• Deploy the security configuration for servers that are assigned specific roles

• Create custom security templates based on server roles

c Evaluate and select the operating system to install on computers in an enterprise

To include:

• Identify the minimum configuration to satisfy security requirements

d Plan a TCP/IP network infrastructure strategy

To include:

• Analyse IP addressing requirements • Plan an IP routing solution

• Create an IP subnet scheme e Plan and modify a network topology To include:

• Plan the physical placement of network resources

• Identify network protocols to be used

2 Plan an Internet connectivity strategy

a Plan network traffic monitoring To include:

• Efficiently utilise tools including Network Monitor and System Monitor

b Troubleshoot connectivity to the Internet To include:

• Diagnose and resolve issues related to Network Address Translation (NAT) • Diagnose and resolve issues related to

name resolution cache information

• Diagnose and resolve issues related to client configuration

c Troubleshoot TCP/IP addressing To include:

• Diagnose and resolve issues related to client computer configuration

(4)

Assessment Objectives Knowledge, Skills and Understanding

d Plan a host name resolution strategy To include:

• Plan a DNS namespace design • Plan zone replication requirements • Plan a forwarding configuration • Plan for DNS security

• Examine the interoperability of DNS with third-party DNS solutions

e Plan a NetBIOS name resolution strategy To include:

• Plan a WINS replication strategy

• Plan NetBIOS name resolution by using the Lmhosts file

f Troubleshoot host name resolution To include:

• Diagnose and resolve issues related to DNS services

• Diagnose and resolve issues related to client computer configuration

g Plan a routing strategy To include:

• Identify routing protocols to use in a specified environment

• Plan routing for IP multicast traffic h Plan security for remote access users To include:

• Plan remote access policies

• Analyse protocol security requirements • Plan authentication methods for remote

access clients i Implement secure access between private

networks

To include:

• Create and implement an IPSec policy •

j Troubleshoot TCP/IP routing To include:

• Efficiently utilise tools including tracert, ping, pathping, and netsh commands and Network Monitor

k Plan services for high availability To include:

• Plan a high availability solution that uses clustering services

• plan a high availability solution that uses Network Load Balancing

l Identify system bottlenecks, including memory, processor, disk, and network related bottlenecks

To include:

• Identify system bottlenecks by using System Monitor

m Implement a cluster server Recover from cluster node failure

(5)

Assessment Objectives Knowledge, Skills and Understanding

o Plan a backup and recovery strategy To include:

• Identify appropriate backup types • Methods include full, incremental, and

differential

• Plan a backup strategy that uses volume shadow copy

• Plan system recovery that uses Automated System Recovery (ASR)

p Configure network protocol security To include:

• Configure protocol security in a

heterogeneous client computer environment • Configure protocol security by using IPSec

policies

• Configure IPSec policy settings. q Configure security for data transmission

r Plan for network protocol security To include:

• Specify the required ports and protocols for specified services

• Plan an IPSec policy for secure network communications

s Plan secure network administration methods To include:

• Create a plan to offer Remote Assistance to client computers

• Plan for remote administration by using Terminal Services

3 Plan security for wireless networks

a Plan security for data transmission To include:

• Secure data transmission between client computers to meet security requirements • Secure data transmission by using IPSec b Troubleshoot security for data transmission To include:

• Efficiently utilise tools including the IP Security Monitor MMC snap-in and the Resultant Set of Policy (RSoP) MMC snap-in

4 Configure Active Directory directory service for certificate publication

a Plan a public key infrastructure (PKI) that

uses Certificate Services To include: • Identify the appropriate type of certificate authority to support certificate issuance requirements

• Plan the enrolment and distribution of certificates

• Plan for the use of smart cards for authentication

b Plan a framework for planning and

(6)

Assessment Objectives Knowledge, Skills and Understanding

c Plan a security update infrastructure To include:

• Efficiently utilise tools including Microsoft Baseline Security Analyzer and Microsoft Software Update Services

Assessment

This unit will be assessed by an on-line Microsoft set examination for Planning and Maintaining a Microsoft Windows Server Network Infrastructure.

Notes for tutors

The knowledge and understanding within this unit is complementary to Unit 28 - Planning, Implementing and Maintaining a Microsoft Windows Server.

This unit may be delivered stand alone by using the Microsoft Official Curriculum. For students wishing to do all the Microsoft units this will complement Unit 28.

They may wish to complete both 27 and unit 28 before attempting the two Microsoft examinations as the knowledge required for both units is complementary and will improve chances of success in most cases.

References

Download now ( PDF - 6 Page - 30.59 KB )

Related documents

HP network adapter teaming: load balancing in ProLiant servers running Microsoft Windows operating systems

Using the HP Network Configuration Utility to configure SLB Transmit and Receive Load Balancing in a ProLiant

Course Syllabus. 6416: Updating your Network Infrastructure and Active Directory Technology Skills to Windows Server Key Data.

• Experience planning, implementing, managing, maintaining, and securing Microsoft Windows Server 2000 or 2003, including Active Directory and Network Infrastructure server roles..

Updating Your Network Infrastructure and Active Directory Technology Skills to Windows Server 2008

 Experience planning, implementing, managing, maintaining, and securing Microsoft Windows Server 2000 or 2003, including Active Directory and Network Infrastructure server roles. 

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

Exam 70-291: Implementing, Managing and maintaining a Microsoft Windows Server 2003 Network Infrastructure:.. Implementing, Managing and Maintaining

6419: Configuring, Managing, and Maintaining Server 2008

Module 9: Configuring Server Security Compliance This module explains how to secure a windows infrastructure, configure an audit policy, manage WSUS and plan for a security

Configuring, Managing and Maintaining Windows Server 2008 Servers

Module 9: Configuring Server Security Compliance This module explains how to secure a windows infrastructure, configure an audit policy, manage WSUS and plan for a security

Installing and Configuring Windows B; 5 Days, Instructor-led

It describes Windows Firewall, IPsec connection security rules, and Windows Defender, and how to configure these tools to manage network

MCSA Objectives. Exam : TS:Exchange Server 2007, Configuring

Exam 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure.. Implementing, Managing, and Maintaining