MCSE: 70-297

MCSE 70-297:
Designing a Windows Server 2003 Active Directory and Network Infrastructure

Topic-Level Outline

Days: 5

Prerequisites: A+ certification, Network+ certification or equivalent experience

Unit 1 : Assessment stage I

Topic A: 0 Assessing the technical environment

A-1: Viewing organizational units

A-2: Creating an administrative OU

A-3: Delegating authority

A-4: Examining the current administrative model

A-5: Analyzing new administrative models

Topic B: 0 Service levels

B-1: Discussing SLAs

B-2: Examining existing service levels

Topic C: 0 Hardware and software deployments

C-1: Determining hardware compatibility

C-2: Discussing software inventories

C-3: Discussing hardware and software compatibility

Unit 2 : Assessment stage II

Topic A: 0 The current server infrastructure

A-1: Discussing AD interoperability requirements

A-2: Calculating the number of trust relationships

A-3: Designing Windows Server 2003 domains

A-4: Monitoring performance

Topic B: 0 Assessing DNS

B-1: Discussing namespaces

B-2: Examining the DNS server infrastructure

B-3: Discussing zone configurations and transfers

Topic C: 0 Assessing the physical network

C-1: Analyzing the topology

C-2: Discussing network maps

C-3: Discussing network performance

Topic D: 0 Assessing the impact of proposed designs

D-1: Analyzing the existing infrastructure

D-2: Discussing interoperability

D-3: Examining the physical network

Unit 3 : Designing the Active Directory infrastructure

Topic A: 0 Designing the administrative model

A-1: Assigning a data administrator

A-2: Assigning a service administrator

A-3: Designing for service autonomy

A-4: Designing for data isolation

Topic B: 0 Designing the forest

B-1: Discussing forest design factors

B-2: Designing a forest model

B-3: Discussing ownership, accountability, and change management

Topic C: 0 Designing the domain

C-1: Discussing domain design factors

C-2: Discussing names and hierarchies

C-3: Diagramming a dedicated root domain

C-4: Diagramming a non-dedicated root domain

C-5: Discussing regional and functional domains

C-6: Comparing trees with domains

C-7: Discussing ownership and responsibilities

Topic D: 0 Developing the OU model

D-1: Segregating service admins

D-2: Discussing OU design models and ownership

Topic E: 0 Developing the replication design

E-1: Determining the best path for inter-site replication

E-2: Discussing connection objects and KCC

E-3: Discussing ISTG, SYSVOL, and FRS

E-4: Diagramming the network topology

Unit 4 : Designing for network services

Topic A: 0 Developing DNS designs

A-1: Configuring client computers to use DDNS

A-2: Designing DNS zones

A-3: Planning DNS for faster queries

A-4: Designing for split brain DNS

A-5: Examining Active Directory Integrated zones

A-6: Examining application directory partitions

A-7: Discussing DNS design integration

Topic B: 0 Designing for WINS

B-1: Examining NetBIOS name resolution

B-2: Examining host name resolution

B-3: Installing WINS

B-4: Discussing WINS design features

Topic C: 0 Designing a DHCP approach

C-1: Discussing DHCP basics

C-2: Examining DHCP design principles

C-3: Configuring DDNS on a DHCP server

Topic D: 0 Developing a remote access strategy

D-1: Discussing RRAS design principles

D-2: Discussing RRAS integration

Unit 5 : Designing the logical components

Topic A: 0 Defining standards

A-1: Discussing standards and their scope

A-2: Examining naming standards

Topic B: 0 Defining the forest structure, hierarchy, and naming strategy

B-1: Examining hierarchies in Windows 2003 Server

B-2: Discussing the AD namespace and design

B-3: Discussing migration

Topic C: 0 Defining authentication mechanisms

C-1: Discussing authentication requirements

C-2: Diagramming a trust relationship

Topic D: 0 Designing the OU model

D-1: Delegating control using DDNS on the client

D-2: Planning delegation by function

D-3: Planning delegation by object

D-4: Planning delegation by location

D-5: Discussing ownership and Group Policy

Topic E: 0 Defining the Group Policy object approach

E-1: Installing Group Policy Common Scenarios

E-2: Delegating a GPO to a security group

E-3: Discussing Group Policy delegation

E-4: Setting password policies for a domain

E-5: Examining a GPO for a user

E-6: Examining a GPO for a computer

E-7: Discussing groups and roles

Topic F: 0 Defining replication topology

F-1: Discussing Active Directory replication features

F-2: Collating network data

F-3: Discussing replication topology and diagrams

Unit 6 : Name resolution

Topic A: 0 DNS design

A-1: Discussing namespaces

A-2: Creating a Microsoft Management Console (MMC)

A-3: Creating a zone

A-4: Creating an alias and viewing default permissions

A-5: Viewing SOA properties

A-6: Creating a PTR record

A-7: Creating an MX record

A-8: Configuring root hints in DNS and adding a forwarder

A-9: Discussing zone storage

Topic B: 0 Delegation and security

B-1: Discussing DNS security guidelines

B-2: Discussing DNS security levels and DNS updates

B-3: Discussing DNSSEC

B-4: Configuring a DNS server to work with WINS

Topic C: 0 WINS design

C-1: Discussing WINS

C-2: Viewing WINS replication options

C-3: Discussing WINS optimization

Unit 7 : Remote access and address management

Topic A: 0 Remote access service servers

A-1: Discussing RAS strategies

A-2: Examining the Kerberos authentication process

A-3: Reviewing RIP routing

A-4: Reviewing OSPF routing

A-5: Creating a dialup remote access diagram

A-6: Creating a VPN remote access diagram

A-7: Creating a combined dialup/VPN remote access diagram

A-8: Discussing security policies

A-9: Examining the RADIUS authentication process

A-10: Discussing audit strategies

Topic B: 0 IP address management and DHCP

B-1: Discussing factors affecting DHCP network design

B-2: Reviewing the DHCP-IP negotiation process

B-3: Reviewing the DHCP-IP lease renewal process

B-4: Discussing address assignments

B-5: Creating a fault-tolerant DHCP configuration

B-6: Discussing DNS integration and operability

Unit 8 : Service sizing and placement

Topic A: 0 Planning phase I: Requirements

A-1: Locating a DC

A-2: Identifying ways of physically securing server hardware

A-3: Organizing sites by population

Topic B: 0 Planning phase II: Implementation plan

B-1: Discussing service placement

B-2: Creating a project plan

Topic C: 0 Sizing and availability

C-1: Determining the domain partition size

C-2: Using Active Directory Sizer to calculate users

C-3: Using Active Directory Sizer to calculate computers

C-4: Using Active Directory Sizer for administration

C-5: Discussing Active Directory database fragmentation

C-6: Discussing domain controller specifications

C-7: Identifying member server promotion options

C-8: Discussing DC planning

C-9: Calculating the disk space for a GC server

C-10: Discussing DNS server requirements

Topic D: 0 Flexible single master operations roles

D-1: Discussing FSMO functions and roles

D-2: Discussing FSMO server placement

D-3: Examining failover and recovery options for FSMO servers

D-4: Discussing FSMO roles

Unit 9 : The physical design

Topic A: 0 Networking and routing

A-1: Identifying methods used to connect to the Internet

A-2: Segmenting the intranet from the Internet

A-3: Discussing segmenting

A-4: Creating a network topology diagram

A-5: Determining network segmenting needs

A-6: Configuring a DHCP server with multiple scopes

A-7: Subnetting

A-8: Discussing network perimeter security

Topic B: 0 Designing remote access infrastructures

B-1: Discussing design requirements

B-2: Designing a VPN remote access solution

B-3: Discussing intranet authentication requirements

Topic C: 0 Determining remote access sizing and availability

C-1: Determining the placement of remote access servers

C-2: Examining networking and routing