• No results found

MCTS: Active Directory (Server 2008)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "MCTS: Active Directory (Server 2008)"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

MCTS: Active Directory (Server 2008)

Course Description and Overview

Overview

Help meet the global demand for skilled IT professionals who can support Windows Server 2008—the latest Windows Server operating system. By earning a Microsoft Certification, you gain hands-on experience, in-depth knowledge, and industry-recognized validation, to help build employers' confidence in your skills.

You work—or plan to work—with Active Directory and Directory Services, Active Directory server roles, certificate management, and Group Policy.

Topics Covered

This exam measures your ability to accomplish the technical tasks listed below.The percentages indicate the relative weight of each major topic area on the exam.

1. Configuring Domain Name System (DNS) for Active Directory

Configure zones.

May include but is not limited to: Dynamic DNS (DDNS), Non-dynamic DNS (NDDNS), and Secure Dynamic DNS (SDDNS); Time to Live (TTL);

GlobalNames; Primary, Secondary, Active Directory Integrated, Stub; SOA; zone scavenging; forward lookup; reverse lookup

Configure DNS server settings.

May include but is not limited to: forwarding; root hints; configure zone delegation; round robin; disable recursion; debug logging; server

scavenging

Configure zone transfers and replication.

May include but is not limited to: configure replication scope

(forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure zone transfers; configure name servers; application directory

partitions

Configuring the Active Directory infrastructure

Configure a forest or a domain.

May include but is not limited to: remove a domain; perform an unattended installation; Active Directory Migration Tool (ADMT) ; change forest and domain functional levels; interoperability with previous versions of Active Directory; multiple user principal name (UPN) suffixes; forestprep;

domainprep Configure trusts.

May include but is not limited to: forest trust; selective authentication vs. forest-wide authentication; transitive trust; external trust; shortcut trust; SID filtering

(2)

May include but is not limited to: create Active Directory subnets; configure site links; configure site link costing; configure sites infrastructure

Configure Active Directory replication.

May include but is not limited to: DFSR; one-way replication; Bridgehead server; replication scheduling; configure replication protocols; force intersite replication

Configure the global catalog.

May include but is not limited to: Universal Group Membership Caching (UGMC); partial attribute set; promote to global catalog

Configure operations masters.

May include but is not limited to: seize and transfer; backup operations master; operations master placement; Schema Master; extending the schema; time service

Configuring Active Directory Roles and Services

Configure Active Directory Lightweight Directory Service (AD LDS).

May include but is not limited to: migration to AD LDS; configure data within AD LDS; configure an authentication server; Server Core Installation Configure Active Directory Rights Management Service (AD RMS).

May include but is not limited to: certificate request and installation; self-enrollments; delegation; create RMS templates; RMS administrative roles; RM Add-on for IE

Configure the read-only domain controller (RODC).

May include but is not limited to: replication; Administrator role separation; read-only DNS; BitLocker; credential caching; password replication; syskey; read-only SYSVOL; staged install

Configure Active Directory Federation Services (AD FSv2).

May include but is not limited to: install AD FS server role; exchange certificate with AD FS agents; configure trust policies; configure user and group claim mapping; import and export trust policies

Creating and maintaining Active Directory objects

Automate creation of Active Directory accounts.

May include but is not limited to: bulk import; configure the UPN; create computer, user, and group accounts (scripts, import, migration); template accounts; contacts; distribution lists; offline domain join

Maintain Active Directory accounts.

May include but is not limited to: manage computer accounts; configure group membership; account resets; delegation; AGDLP/AGGUDLP; deny domain local group; local vs. domain; Protected Admin; disabling accounts vs. deleting accounts; deprovisioning; contacts; creating organizational units (OUs); delegation of control; protecting AD objects from deletion; managed service accounts

Create and apply Group Policy objects (GPOs).

May include but is not limited to: enforce, OU hierarchy, block inheritance, and enabling user objects; group policy processing priority; WMI; group policy filtering; group policy loopback; Group Policy Preferences (GPP) Configure GPO templates.

(3)

May include but is not limited to: user rights; ADMX Central Store;

administrative templates; security templates; restricted groups; security options; starter GPOs; shell access policies

Deploy and manage software by using GPOs.

May include but is not limited to: publishing to users; assigning software to users; assigning to computers; software removal; software restriction policies; AppLocker

Configure account policies.

May include but is not limited to: domain password policy; account lockout policy; fine-grain password policies

Configure audit policy by using GPOs.

May include but is not limited to: audit logon events; audit account logon events; audit policy change; audit access privilege use; audit directory service access; audit object access; advanced audit policies; global object access auditing; “Reason for Access” reporting

Maintaining the Active Directory environment

Configure backup and recovery.

May include but is not limited to: using Windows Server Backup; back up files and system state data to media; backup and restore by using

removable media; perform an authoritative or non-authoritative restores; linked value replication; Directory Services Recovery Mode (DSRM); backup and restore GPOs; configure AD recycle bin

Perform offline maintenance.

May include but is not limited to: offline defragmentation and compaction; Restartable Active Directory; Active Directory database mounting tool Monitor Active Directory.

May include but is not limited to: event viewer subscriptions; data collector sets; real-time monitoring; analyzing logs; WMI queries; PowerShell

Configuring Active Directory Certificate Services

Install Active Directory Certificate Services.

May include but is not limited to: certificate authority (CA) types, including standalone, enterprise, root, and subordinate; role services; prepare for multiple-forest deployments

Configure CA server settings.

May include but is not limited to: key archival; certificate database backup and restore; assigning administration roles; high-volume CAs; auditing Manage certificate templates.

May include but is not limited to: certificate template types; securing template permissions; managing different certificate template versions; key recovery agent

Manage enrollments.

May include but is not limited to: network device enrollment service

(4)

May include but is not limited to: configure Online Responders; Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority Information Access (AIA)

Audience Profile

The Microsoft Certified Technology Specialist (MCTS) on Windows Server 2008 credentials are intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCTS candidate should have at least one year of experience implementing and administering Windows Server 2008 R2 in an environment that has the following characteristics:

250 to 5,000 or more users

multiple physical locations, multiple domain controllers

network services and resources such as messaging, databases, file and print, firewalls, Internet access, an intranet, Public Key Infrastructure, remote access, remote desktop, virtualization, and client computer management

connectivity requirements such as connecting branch offices and individual users in remote locations to corporate resources, and connecting corporate networks

Required Exams

Windows Server 2008 Active Directory, Configuring - 70-640

About SecureNinja

SecureNinja Training is the DC’s Area’s #1 Expert IT Training Center . We are conveniently located in beautiful Historic Old Town Alexandria, VA enhancing your training experience and featuring:

Metro Accessibility - Short walk from Metro Blue/Yellow Line (leave the car behind) 4 minute Drive to Ronald Reagan Washington National Airport

Available Parking

World class restaurants and shops at your footsteps

Closest Expert IT & IT Security Training Center to Fort Belvoir, Boiling AFB, Fort Myer, Department of Homeland Security, US Department of Navy, US Coast Guard, Fort McNair, Washington Navy Yard and the Pentagon

Why Choose SecureNinja for your Washington DC Expert IT

Training?

Expert Instructors Highest Pass Rates

Choose from Day, Evening & Weekend Classes to meet your busy schedule Accelerated Boot Camps Save You Time And Money

Personal 1-1 Mentoring

Paid Internships & Job Referrals!

Meet Your DoD 8570-1 Certification Needs. Get Compliant!

SecureNinja is the ONLY Testing Center that offers ALL 5 industry standard test

(5)

vendors in the DC / Baltimore Metropolitan Area. (Prometric, VUE, Kryterion-Online, Certiport and Impact-Testing)

Lowest Prices! We are locally based keeping our overhead low so we can pass the savings along to you

References

Download now ( PDF - 5 Page - 402.62 KB )

Related documents

Microsoft AD CS and OCSP nshield HSM Integration Guide for Microsoft Windows Server

Install Microsoft Active Directory Certificate Services as described in Install and configure AD CS with Windows Server Enterprise , with the following settings:.. ◦ In the Private

Identity Server Guide Access Manager 4.0

You need to configure the Identity Server to use the Active Directory server as a user store, configure a Kerberos authentication class, method, and contract, create a

Comparative water pricing analysis: Duality formal-informal in a CGE model for Senegal

Finally the demand for drinking water via other modes of provisioning (no private connection), disaggregates in a request for drinking water via the public fountains (standposts) of

Transcending History’s Heavy Hand: The Future in Economic Action

Extending the micro-foundations of economic sociology and political economy with a sociological concept of expectations can help to specify how and when social structures

Enterprise Single Sign-On 8.0.3

On the Select Server Roles page, in the Roles list, select the Active Directory Lightweight Directory Services check box, and then click Next.. Finish adding the AD LDS server

Discovery Guide. Secret Server. Table of Contents

Active Directory Discovery allows Secret Server to scan for Active Directory (AD) machines, local Windows accounts and dependencies on an AD domain.. Secret Server will first

Citrix Presentation Server Administrator s Guide. Citrix Presentation Server TM 4.5 for Windows

Therefore, when you install Citrix Presentation Server on servers that belong to an Active Directory domain and configure the group policies above in Active Directory, those

A Multidimensional Model of Venture Growth

Competencies. Technical and industry-specific competencies should receive more research atten- tion in entrepreneurship settings because the do- main they reflect,