Installing
& Configuring Windows XP Professional (70-270)
Installing
Windows XP Professional
Perform
and troubleshoot an attended installation of Windows XP Professional.
Perform and troubleshoot an unattended installation
of Windows XP Professional. Install Windows
XP Professional by using Remote Installation Services (RIS). Install
Windows XP Professional by using the System Preparation Tool.
Create unattended answer files by using Setup Manager to automate
the installation of Windows XP Professional.
Upgrade from a previous version of Windows to Windows
XP Professional. Prepare a computer to meet upgrade requirements.
Migrate existing user environments to a new
installation. Perform post-installation updates and product activation.
Troubleshoot failed installations.
Configuring and Troubleshooting the Desktop Environment
Configure
and manage user profiles and desktop settings. Create users and
configure user environment by user profiles.
Configure users for various roles. Configure
and manage groups. Configure support for multiple languages or multiple
locations. Enable multiple-language support. Configure multiple-language
support for users. Configure local settings.
Configure Windows XP Professional for multiple
locations. Manage applications by using Windows Installer packages.
Configure Internet and Remote Access and
VPN connectivity.
Implementing and Conducting Administration of Resources
Monitor,
manage, and troubleshoot access to files and folders. Configure,
manage, and troubleshoot file compression. Control
access to files and folders by using permissions.
Optimize access to files and folders. Manage and troubleshoot
access to shared folders. Create and remove
shared folders. Control access to shared folders
by using permissions. Manage and troubleshoot Web server resources.
Connect to local and network print devices. Manage printers and
print jobs. Control access to printers by using
permissions. Connect to an Internet printer.
Connect to a local print device. Configure and manage file systems.
Convert from one file system to another file
system. Configure NTFS, FAT32, or FAT file systems.
Manage and troubleshoot access to and synchronization of offline
files.
Implementing, Managing, Monitoring, and Troubleshooting Hardware
Devices and Drivers
Implement,
manage, and troubleshoot disk devices. Install, configure, and
manage DVD and CD-ROM devices. Monitor and configure
disks. Monitor, configure, and troubleshoot
volumes. Monitor and configure removable media, such
as tape devices. Implement, manage, and troubleshoot display devices.
Configure multiple-display support. Install,
configure, and troubleshoot a video adapter.
Configure Advanced Configuration Power Interface (ACPI). Implement,
manage, and troubleshoot input and output (I/O)
devices. Monitor, configure, and troubleshoot
I/O devices, such as printers, scanners, multimedia devices, mouse,
keyboard, and smart card reader. Monitor, configure,
and troubleshoot multimedia hardware, such as
cameras. Install, configure, and manage modems. Install, configure,
and manage Infrared Data Association (IrDA) devices. Install,
configure, and manage wireless devices. Install,
configure, and manage USB devices. Install,
configure, and manage hand held devices. Install, configure, and
manage network adapters. Manage and troubleshoot
drivers and driver signing. Monitor and configure
multiprocessor computers.
Monitoring and Optimizing System Performance and Reliability
Monitor,
optimize, and troubleshoot performance of the Windows XP Professional
desktop. Optimize and troubleshoot memory performance.
Optimize and troubleshoot processor utilization.
Optimize and troubleshoot disk performance. Optimize
and troubleshoot application performance.
Configure,
manage, and troubleshoot Scheduled Tasks. Manage, monitor, and
optimize system performance for mobile users.
Restore and back up the operating system, System
State data, and user data. Recover System State data and user
data by using Windows Backup. Troubleshoot system
restoration by starting in safe mode. Recover
System State data and user data by using the Recovery console.
Implementing, Managing, and Troubleshooting Network Protocol Services
Configure
and troubleshoot the TCP/IP protocol. Connect to computers by
using dial-up networking. Connect to computers
by using a virtual private network (VPN) connection.
Create a dial-up connection to connect to a remote access server.
Connect to the Internet by using dial-up networking. Configure
and troubleshoot Internet Connection Sharing
(ICS). Connect to resources by using Internet
Explorer. Configure, manage, and implement Internet Information
Services (IIS). Configure, manage, and troubleshoot
Remote Desktop and Remote Assistance. Configure,
manage, and troubleshoot an Internet Connection Firewall (ICF).
Managing
Windows Server 2003 Server (70-290)
Managing and Maintaining Physical and Logical Devices
Tools
might include Device Manager, the Hardware Troubleshooting Wizard,
and appropriate Control Panel items.
Manage basic disks and dynamic disks.
Optimize
server disk performance.
Implement a RAID solution
De-fragment
volumes and partitions.
Monitor and Troubleshoot server hardware devices.
Install
and configure server hardware devices.
Configure driver-signing options.
Configure
device properties and resource settings for a device.
Diagnose
and resolve issues related to server hardware settings and hardware
device driver upgrades.
Managing
Users, Computers, and Groups
Manage
local, roaming, and mandatory user profiles.
Create and manage computer accounts in an Active Directory environment.
Create and manage groups. Identify and modify the scope of a group.
Find domain groups in which a user is a member. Manage group membership.
Create and modify groups by using the Active Directory Users and
Computers Microsoft Management Console (MMC)
snap-in.
Create and modify groups by using automation.
Create
and manage user accounts. Import user accounts.
Create and modify user accounts by using the Active Directory Users
and Computers
Managing and Maintaining Access to Resources
Troubleshoot user authentication issues.
Troubleshoot Terminal Services.
Diagnose and resolve issues related to Terminal Services security.
Diagnose and resolve issues related to client access to Terminal
Services.
Configure access to shared folders. Manage shared folder permissions.
Configure file system permissions.
Verify effective permissions when granting permissions.
Change ownership of files and folders.
Troubleshoot access to files and shared folders.
Troubleshoot print queues.
Manage a Web server. Manage Internet Information Services (IIS).
Manage security for IIS.
Managing and Maintaining a Server Environment
Monitor and analyze events. Tools might include Event Viewer and
System Monitor.
Manage software update infrastructure. Manage software site licensing.
Manage servers remotely. Manage a server by using Remote Assistance.
Manage a server by using Terminal Services remote administration
mode
Manage a server by using available support tools.
Monitor system performance.
Monitor file and print servers. Tools might include Task Manager,
Event Viewer, and System Monitor.
Monitor
disk quotas. Monitor print queues. Monitor server hardware for bottlenecks.
Monitor
and optimize a server environment for application performance.
Monitor
memory performance objects.
Monitor
network performance objects.
Monitor
process performance objects.
Managing
and Implementing Disaster Recovery
Perform
system recovery for a server.
Implement
Automated System Recovery (ASR).
Restore
data from shadow copy volumes.
Back
up files and System State data to media.
Configure
security for backup operations.
Manage
backup procedures.
Verify
the successful completion of backup jobs.
Manage
backup storage media.
Recover
from server hardware failure.
Restore
backup data. Schedule backup jobs
Planning
Windows 2003 Server Network Infrastructure (70-291)
Implementing,
Managing, and Maintaining IP Addressing
Configure
TCP/IP addressing on a server computer. Manage DHCP. Manage DHCP
clients and leases. Manage DHCP Relay Agent.
Manage DHCP databases. Manage DHCP scope options.
Manage reservations and reserved clients. Troubleshoot TCP/IP
addressing. Diagnose and resolve issues related to Automatic Private
IP Addressing (APIPA). Diagnose and resolve
issues related to incorrect TCP/IP configuration.
Troubleshoot DHCP. Diagnose and resolve issues related to DHCP
authorization. Verify DHCP reservation configuration.
Examine the system event log and DHCP server
audit log files to find related events. Diagnose and resolve issues
related to configuration of DHCP server and scope options. Verify
that the DHCP Relay Agent is working correctly.
Verify database integrity.
Implementing, Managing, and Maintaining Name Resolution
Install
and configure the DNS Server service. Configure DNS server options.
Configure DNS zone options. Configure DNS forwarding.
Configure DNS caching only.
Manage DNS. Manage DNS zone settings. Manage DNS record settings.
Manage DNS server options. Manage DNS zone options.
Monitor
DNS. Tools might include System Monitor, Event Viewer, Replication
Monitor, and DNS debug logs
Implementing, Managing, and Maintaining Routing and Remote Access
Configure
Routing and Remote Access user authentication. Configure remote
access authentication protocols. Configure Internet
Authentication Service (IAS) to provide authentication
for Routing and Remote Access clients. Configure Routing
and Remote Access policies to permit or deny access. Manage remote
access. Manage packet filters. Manage Routing
and Remote Access routing interfaces. Manage
devices and ports. Manage routing protocols. Manage Routing and
Remote Access clients. Manage TCP/IP routing. Manage routing protocols.
Manage routing tables. Manage routing ports.
Implement secure access between private networks.
Troubleshoot user access to remote access services. Diagnose and
resolve issues related to remote access VPNs. Diagnose and resolve
issues related to establishing a remote access
connection. Diagnose and resolve user access
to resources beyond the remote access server. Troubleshoot Routing
and Remote Access routing. Troubleshoot demand-dial
routing. Troubleshoot router- to-router
VPNs.
Implementing, Managing, and Maintaining Network Infrastructure
and Security
Implement
secure network administration procedures. Implement security baseline
settings and audit security settings by using
security templates. Implement the principle
of least privilege. Install and configure software update infrastructure.
Install and configure software update services.
Install and configure automatic client update
settings. Configure software updates on earlier operating systems.
Monitor network protocol security. Tools might
include the IP Security Monitor Microsoft Management
Console (MMC) snap-in and Kerberos support tools. Troubleshoot
network protocol security. Tools might include the IP Security
Monitor MMC snap-in, Event Viewer, and Network
Monitor. Monitor network traffic. Tools might
include Network Monitor and System Monitor. Troubleshoot connectivity
to the Internet. Troubleshoot server services. Diagnose and resolve
issues related to service dependency. Use service
recovery options to diagnose and resolve service-related
issues
Planning
Windows 2003 Server Network Infrastructure (70-293)
Planning
and Implementing Server Roles and Server Security
Configure
security for servers that are assigned specific roles. Plan a
secure baseline installation. Plan a strategy
to enforce system default security settings on
new systems. Identify client operating system default security
settings. Identify all server operating system
default security settings. Plan security for servers
that are assigned specific roles. Roles might include domain controllers,
Web servers, database servers, and mail servers.
Deploy the security configuration for servers
that are assigned specific roles. Create custom security templates
based on server roles. Evaluate and select the operating system
to install on computers in an enterprise. Identify
the minimum configuration to satisfy security
requirements.
Planning, Implementing, and Maintaining a Network Infrastructure
Plan
a TCP/IP network infrastructure strategy. Analyze IP addressing
requirements. Plan an IP routing solution. Create
an IP subnet scheme. Plan and modify a network
topology. Plan the physical placement of network resources. Identify
network protocols to be used. Plan an Internet connectivity strategy.
Troubleshoot connectivity to the Internet. Troubleshoot
TCP/IP addressing. Diagnose and resolve issues
related to Network Address Translation (NAT). Diagnose
and resolve issues related to name resolution cache information
Diagnose
and resolve issues related to client configuration. Diagnose and
resolve issues related to client computer configuration.
Diagnose and resolve issues related to DHCP
server address assignment. Plan a host name resolution strategy.
Plan a DNS namespace design. Plan zone replication
requirements. Plan a forwarding configuration.
Plan for DNS security. Examine the interoperability of DNS
with third-party DNS solutions. Plan a NetBIOS name resolution
strategy. Plan a WINS replication strategy.
Plan NetBIOS name resolution by using the Lmhosts
file. Troubleshoot host name resolution. Diagnose and resolve
issues related to DNS services. Diagnose and
resolve issues related to client computer configuration
Planning,
Implementing, and Maintaining Routing and Remote Access
Plan
a routing strategy. Plan routing for IP multicast traffic. Identify
routing protocols to use in a specified environment.
Plan security for remote access users. Plan
remote access policies. Analyze protocol security requirements.
Plan authentication methods for remote access
clients. Implement secure access between private
networks. Create and implement an IPSec policy. Troubleshoot TCP/IP
routing. Tools might include the route, tracert, ping, pathping,
and netsh commands and Network Monitor.
Planning,
Implementing, and Maintaining Server Availability
Configure
Active Directory service for certificate publication. Plan a public
key infrastructure (PKI) that uses Certificate
Services. Identify the appropriate type of certificate
authority to support certificate issuance requirements. Plan the
enrollment and distribution of certificates.
Plan for the use of smart cards for authentication.
Plan a framework for planning and implementing security. Plan
for security monitoring. Plan a change and configuration
management framework for security. Plan a security
update infrastructure. Tools might include Microsoft Baseline
Security Analyzer and Microsoft Software Update Services. Plan
network traffic monitoring. Tools might include
Network Monitor and System Monitor.
Planning
& Implementing Active Directory Infrastructure (70-294)
Planning
and Implementing an Active Directory Infrastructure
Plan
a strategy for placing global catalog servers. Evaluate network
traffic considerations when placing global catalog
servers. Evaluate the need to enable universal
group caching. Plan flexible operations master role placement.
Plan for business continuity of operations master
roles. Identify operations master role dependencies.
Implement an Active Directory service forest and domain structure.
Create the forest root domain. Create a child domain. Create and
configure Application Data Partitions. Install
and configure an Active Directory domain controller.
Set an Active Directory forest and domain functional level based
on requirements. Establish trust relationships. Types of trust
relationships might include external trusts,
shortcut trusts, and cross-forest trusts. Implement an
Active Directory site topology. Configure site links. Configure
preferred bridgehead servers.
Managing and Maintaining an Active Directory Infrastructure
Manage
an Active Directory forest and domain structure. Manage trust
relationships. Manage schema modifications.
Add or remove a UPN suffix. Manage an Active
Directory site. Configure site boundaries. Configure replication
schedules. Configure site link costs.
Monitor
Active Directory replication failures. Tools might include Replication
Monitor, Event Viewer, and support tools. Monitor
Active Directory replication. Monitor File Replication
service (FRS) replication. Restore Active Directory services.
Perform an authoritative restore operation. Perform a non-authoritative
restore operation. Troubleshoot Active Directory.
Diagnose and resolve issues related to Active
Directory replication. Diagnose and resolve issues related to
operations master role failure. Diagnose and
resolve issues related to the Active Directory
database.
Planning
and Implementing User, Computer, and Group Strategies
Plan
Group Policy strategy. Plan a Group Policy strategy by using Resultant
Set of Policy (RSoP) Planning mode. Plan a strategy
for configuring the user environment by using
Group Policy. Plan a strategy for configuring the computer environment
by using Group Policy. Configure the user environment
by using Group Policy. Distribute software by
using Group Policy. Automatically enroll user certificates by
using Group Policy. Redirect folders by using
Group Policy. Configure user security settings
by using Group Policy. Deploy a computer environment by using
Group Policy. Distribute software by using Group
Policy. Automatically enroll computer certificates
by using Group Policy. Configure computer security settings by
using Group Policy. Managing and Maintaining
Group Policy Troubleshoot issues related to
Group Policy application deployment. Tools might include RSoP
and the gpresult command. Maintain installed
software by using Group Policy. Distribute updates to software
distributed by Group Policy. Configure automatic updates for network
clients by using Group Policy. Troubleshoot
the application of Group Policy security settings.
Tools might include RSoP and the gpresult command.
Designing
Active Directory & Network Infrastructure (70-297)
Creating
the Conceptual Design by Gathering and Analyzing Business and
Technical Requirements
Environment.
Analyze current network administration model. Analyze network
requirements. Analyze DNS for Active Directory
service implementation. Analyze the current
DNS infrastructure. Analyze the current namespace. Analyze existing
network operating system implementation. Identify
the existing domain model. Identify the number
and location of domain controllers on the network. Identify the
configuration details of all servers on the network
Analyze
security requirements for the Active Directory service. Analyze
current security policies, standards, and procedures.
Identify the impact of Active Directory on the
current security infrastructure. Identify the existing trust relationships.
Identify
constraints in the current network infrastructure. Interpret current
baseline performance requirements for each major
subsystem. Analyze the impact of the infrastructure
design on the existing technical
Design the Active Directory and Network Services infrastructure
to meet business and technical requirements
Create
the conceptual design of the Active Directory forest structure.
Design the Active Directory replication strategy.
Create the conceptual design of the organizational
unit (OU) structure. Create the conceptual design of the DNS infrastructure.
Create the conceptual design of the WINS infrastructure. Create
the conceptual design of the DHCP infrastructure.
Creating the Logical Design for an Active Directory
Infrastructure Design an OU structure. Identify the Group Policy
requirements for the OU structure. Design an OU structure for
the purpose of delegating authority. Design
a security group strategy. Define the scope of a security
group to meet requirements.
Define
user roles. Design a user and computer authentication strategy.
Identify common authentication requirements.
Select authentication mechanisms.
Design
a user and computer account strategy. Specify account policy requirements.
Specify account requirements for users, computers, administrators,
and services. Design an Active Directory naming
strategy.
Identify
NetBIOS naming requirements. Design migration paths to Active
Directory. Define whether the migration will
include an in-place upgrade, domain restructuring,
or migration to a new Active Directory environment.
Design
the administration of Group Policy objects (GPOs).
Creating
the Logical Design for a Network Services Infrastructure
Design
a DNS name resolution strategy. Create the namespace design. Identify
DNS interoperability with Active Directory,
WINS, and DHCP. Specify zone requirements. Specify
DNS security. Design a DNS strategy for interoperability with
UNIX Berkeley Internet Name Domain (BIND) to support Active Directory.
Design a NetBIOS name resolution strategy. Design
a WINS replication strategy
Design
security for remote access users.
Design
remote access policies. Specify logging and auditing settings.
Design a DNS service implementation. Design
a strategy for DNS zone storage. Specify the use
of DNS server options. Identify the registration requirements
of specific DNS records. Design a remote access
strategy. Specify the remote access method. Specify
the authentication method for remote access. Design an IP address
assignment strategy. Specify DHCP integration
with DNS infrastructure. Specify DHCP interoperability
with client types.
Creating
the Physical Design for an Active Directory and Network Infrastructure
Design
DNS service placement. Design an Active Directory implementation
plan. Design the placement of domain controllers
and global catalog servers. Plan the placement
of flexible operations master roles. Select the domain controller
creation process. Specify the server specifications
to meet system requirements. Design Internet
connectivity for a company. Design a network and routing topology
for a company. Design a TCP/IP addressing scheme through the use
of IP subnets. Specify the placement of routers.
Design IP address assignment by using DHCP.
Design a perimeter network. Design the remote access infrastructure.
Plan capacity. Ascertain network settings required
to access resources. Design for availability,
redundancy, and survivability.
Skills
measured by exam (70-298)
Creating
the Conceptual Design for Network Infrastructure Security by Gathering
and Analyzing Business and Technical Requirements
Analyze business requirements for designing security. Considerations
include existing policies and procedures, sensitivity of data, cost,
legal requirements, end-user impact, interoperability, maintainability,
scalability, and risk.
Analyze existing security policies and procedures.
Analyze the organizational requirements for securing data.
Analyze the security requirements of different types of data.
Analyze risks to security within the current IT administration structure
and security practices.
Design a framework for designing and implementing security. The
framework should include prevention, detection, isolation, and recovery.
Predict threats to your network from internal and external sources.
Design a process for responding to incidents.
Design segmented networks.
Design a process for recovering services.
Analyze technical constraints when designing security.
Identify capabilities of the existing infrastructure.
Identify technology limitations.
Analyze interoperability constraints.
Creating the Logical Design for Network Infrastructure Security
Design a public key infrastructure (PKI) that uses Certificate Services.
Design a certification authority (CA) hierarchy implementation.
Types include geographical, organizational, and trusted.
Design enrollment and distribution processes.
Establish renewal, revocation and auditing processes.
Design security for CA servers.
Design a logical authentication strategy.
Design certificate distribution.
Design forest and domain trust models.
Design security that meets interoperability requirements.
Establish account and password requirements for security.
Design security for network management.
Manage the risk of managing networks.
Design the administration of servers by using common administration
tools. Tools include Microsoft Management Console (MMC), Terminal
Server, Remote Desktop for Administration, Remote Assistance, and
Telnet.
Design security for Emergency Management Services.
Design a security update infrastructure.
Design a Software Update Services (SUS) infrastructure.
Design Group Policy to deploy software updates.
Design a strategy for identifying computers that are not at the
current patch level.
Creating the Physical Design for Network Infrastructure Security
Design network infrastructure security.
Specify the required protocols for a firewall configuration.
Design IP filtering.
Design an IPSec policy.
Secure a DNS implementation.
Design security for data transmission.
Design security for wireless networks.
Design public and private wireless LANs.
Design 802.1x authentication for wireless networks.
Design user authentication for Internet Information Services (IIS).
Design user authentication for a Web site by using certificates.
Design user authentication for a Web site by using IIS authentication.
Design user authentication for a Web site by using RADIUS for IIS
authentication.
Design security for Internet Information Services (IIS).
Design security for Web sites that have different technical requirements
by enabling only the minimum required services.
Design a monitoring strategy for IIS.
Design an IIS baseline that is based on business requirements.
Design a content management strategy for updating an IIS server.
Design security for communication between networks.
Select protocols for VPN access.
Design VPN connectivity.
Design demand-dial routing between internal networks.
Design security for communication with external organizations.
Design an extranet infrastructure.
Design a strategy for cross-certification of Certificate Services.
Design security for servers that have specific roles. Roles include
domain controller, network infrastructure server, file server, IIS
server, terminal server, and POP3 mail server.
Define a baseline security template for all systems.
Create a plan to modify baseline security templates according to
role.
Designing an Access Control Strategy for Data
Design an access control strategy for directory services.
Create a delegation strategy.
Analyze auditing requirements.
Design the appropriate group strategy for accessing resources.
Design a permission structure for directory service objects.
Design an access control strategy for files and folders.
Design a strategy for the encryption and decryption of files and
folders.
Design a permission structure for files and folders.
Design security for a backup and recovery strategy.
Analyze auditing requirements.
Design an access control strategy for the registry.
Design a permission structure for registry objects.
Analyze auditing requirements.
Creating the Physical Design for Client Infrastructure Security
Design a client authentication strategy.
Analyze authentication requirements.
Establish account and password security requirements.
Design a security strategy for client remote access.
Design remote access policies.
Design access to internal resources.
Design an authentication provider and accounting strategy for remote
network access by using Internet Authentication Service (IAS).
Design a strategy for securing client computers. Considerations
include desktop and portable computers.
Design a strategy for hardening client operating systems.
Design a strategy for restricting user access to operating system
features.
Number
MCSE Exam Description
070-210
Installing,
Configuring, and Administering Microsoft Windows
2000 Professional
070-215
Installing,
Configuring, and Administering Microsoft Windows
2000 Server
070-216
Implementing
and Administering Microsoft Windows 2000 Network Infrastructure
070-217
Implementing
and Administering Microsoft Windows 2000 Directory Services Infrastructure
070-219
Designing
a Microsoft Windows 2000 Directory Services Infrastructure
070-220
Designing
Security for a Microsoft Windows 2000 Network
070-221
Designing
a Microsoft Windows 2000 Network Infrastructure
MCSE
Study material
MCSE
(MICROSOFT CERTIFIED SYSTEM ENGINEER)
4-IN-1 Study System
by Alan R. Carter
The
following topics are general guidelines for the content likely to
be included on
the CCNA exam. However, other related topics may also appear on any
specific
delivery of the exam.
Bridging/Switching
Name and describe
two switching methods
Distinguish between
cut-through and store-and-forward LAN switching.
Describe the operation
of the Spanning Tree Protocol and its benefits.
Describe the benefits
of virtual LANs.
OSI
Reference Model & Layered Communications
Describe
data link and network addresses and identify key differences
between them.
Define
and describe the function of the MAC address.
List
the key internetworking functions for the OSI Network layer.
Identify
at least three reasons why the industry uses a layered model.
Describe
the two parts of network addressing; then identify the parts
in specific protocol address examples.
Define
and explain the five conversion steps of data encapsulation.
