E-Book, Englisch, 800 Seiten, Web PDF
Piltzecker The Real MCTS/MCITP Exam 70-647 Prep Kit
1. Auflage 2011
ISBN: 978-0-08-087913-0
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
Independent and Complete Self-Paced Solutions
E-Book, Englisch, 800 Seiten, Web PDF
ISBN: 978-0-08-087913-0
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
This exam is designed to validate skills as a Windows Server 2008 Enterprise Administrator. This exam will fulfill the Windows Server 2008 IT Professional requirements of Exam 70-647.
The Microsoft Certified IT Professional(MCITP) on Windows Server 2008 credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCITP candidate should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics: 250 to 5,000 or more users, three or more physical locations, and three or more domain controllers.
A MCITP Enterprise Administrator is responsible for the overall IT environment and architecture, and translates business goals into technology decisions and designs mid-range to long-term strategies. The enterprise administrator is also responsible for infrastructure design and global configuration changes.
* Targeted at MCSE/MCSA upgraders AND new MCITP certification seekers.
* Interactive FastTrack e-learning modules help simplify difficult exam topics
* Two full-function ExamDay practice exams guarantee double coverage of all exam objectives
* Free download of audio FastTracks for use with iPods or other MP3 players
* THE independent source of exam day tips, techniques, and warnings not available from Microsoft
* Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;The Real MCITP Exam 647 Windows Server 2008 Enterprise Administrator Prep Kit;4
3;Copyright Page;5
4;Technical Editor;6
5;Lead Author;7
6;Contributing Authors;8
7;Contents;12
8;Foreword;28
9;Chapter 1: Name Resolution and IP Addressing;38
9.1;Introduction;39
9.2;Windows 2008 Name Resolution Methods;39
9.2.1;Developing a Naming Strategy;39
9.2.1.1;Comparing Name Resolution Procedures;40
9.2.2;Internal Names;41
9.2.3;External Names;41
9.3;Domain Name System;42
9.3.1;Host Names;42
9.3.2;Domain Names;42
9.3.3;Fully Qualified Domain Name (FQDN);43
9.3.4;Is DNS Required?;45
9.3.4.1;DNS Queries;46
9.3.5;The DNS Query Process;47
9.3.5.1;Part 1: The Local Resolver;47
9.3.5.2;Part 2: Querying a DNS Server;48
9.3.6;Query Response Types;51
9.3.7;DNS Resource Records;52
9.3.8;DNS Zones;54
9.3.9;Non Active Directory-Integrated Zones;56
9.3.10;Zones Integrated with Active Directory;58
9.3.11;Secondary Zones, Stub Zones, and Condition Forwarding;60
9.3.12;The GlobalNames Zone;60
9.3.13;DNS Design Architecture;61
9.3.13.1;Split-Brain Design: Same Internal and External Names;61
9.3.13.2;Separate Name Design: Different External and Internal Names;63
9.4;DNS Server Implementation;64
9.4.1;DNS Dynamic Updates and Security;69
9.4.2;Creating Zones and Host Records;70
9.4.3;Setting Aging and Scavenging;72
9.4.4;Configuring DNS Client Settings;75
9.4.5;Setting Computer Names;76
9.4.6;NetBIOS Names Accommodation;77
9.4.6.1;Setting the Primary DNS Suffix;77
9.4.6.2;Setting Connection-Specific DNS Suffixes;77
9.4.7;The DNS Resolver Cache;80
9.4.7.1;Nslookup;81
9.5;Integration with WINS;81
9.5.1;The HOSTS File;83
9.5.2;Configuring Information for WINS Clients;85
9.5.3;WINS Name Registration and Cache;88
9.5.4;Setting Up a WINS Server;89
9.5.5;Configuring WINS Server;90
9.5.6;Configuring Replication Partners;93
9.5.6.1;Specifying Designated Replication Partners;95
9.5.7;Maintaining WINS;97
9.5.7.1;Burst Handling;97
9.5.7.2;Scavenging Records;100
9.5.8;The LMHOSTS File;100
9.6;TCP/IP v4 and v6 Coexistence;102
9.6.1;Features and Differences from IPv4;103
9.7;Summary of Exam Objectives;105
9.8;Exam Objectives Fast Track;106
9.9;Exam Objectives Frequently Asked Questions;111
9.10;Self Test;113
9.11;Self Test Quick Answer Key;117
10;Chapter 2: Designing a Network Access Strategy;118
10.1;Introduction;119
10.2;Network Access Policies;119
10.2.1;Network Access Methods;120
10.2.1.1;Local Network Access;121
10.2.1.2;Remote Network Access;122
10.2.2;RADIUS Server;122
10.2.2.1;RADIUS Components;124
10.2.3;Network Policy and Access Services;126
10.2.4;NAP Client Components;129
10.2.5;Network Policy Server;131
10.2.5.1;Designing a Network for NAP;140
10.2.6;RADIUS Proxy Server;141
10.3;Remote Access Strategies;142
10.3.1;Terminal Services for Server 2008;142
10.3.1.1;New Roles;150
10.3.1.2;Developing a Terminal Services Remote Access Strategy;152
10.3.1.3;The Corporate Desktop;153
10.3.1.4;RemoteApp Programs;154
10.3.1.5;Terminal Services Licensing;159
10.3.2;Installing a Terminal Service Licensing Server;159
10.3.2.1;Installing the TS Licensing Role Service on an Existing Terminal Server;160
10.3.2.2;Installing the TS Licensing Role Service on a Separate Server;161
10.3.3;Activating a Terminal Service Licensing Server;162
10.3.3.1;Activating a Terminal Service Licensing Server Using the Automatic Connection Method;163
10.3.3.2;Activating a Terminal Service Licensing Server Using the Web Browser Method;166
10.3.3.3;Activating a Terminal Service Licensing Server Using the Telephone Method;167
10.3.3.4;Establishing Connectivity between Terminal Server and Terminal Services Licensing Server;168
10.3.3.4.1;Using the Terminal Services Configuration Tool to Specify a TS Licensing Server;170
10.3.3.4.2;Publishing a Terminal Services Licensing Server Using TS Licensing Manager;171
10.3.3.5;TS CAL Types;171
10.3.3.6;Locating Terminal Services Licensing Services;172
10.3.3.7;Launching and Using the Remote Desktop Connection Utility;175
10.3.3.8;Configuring the Remote Desktop Connection Utility;176
10.3.3.8.1;The General Tab;176
10.3.3.8.2;The Display Tab;177
10.3.3.8.3;The Local Resources Tab;177
10.3.3.8.4;The Programs Tab;180
10.3.3.8.5;The Experience Tab;180
10.3.3.8.6;The Advanced Tab;182
10.3.3.9;Terminal Services Troubleshooting;182
10.3.3.10;Routing and Remote Access;185
10.3.3.11;Virtual Private Networking;187
10.3.3.11.1;VPN Authentication Protocols;187
10.3.3.11.2;PPTP;189
10.3.3.11.2.1;Prerequisites;189
10.3.3.11.3;Pros;189
10.3.3.11.4;Cons;190
10.3.3.11.5;L2TP/IPSec;190
10.3.3.11.5.1;Prerequisites;190
10.3.3.11.6;Pros;190
10.3.3.11.7;Cons;191
10.3.3.11.8;SSTP;191
10.3.3.11.8.1;Prerequisites;191
10.3.3.11.9;Pros;192
10.3.3.11.10;Cons;192
10.3.3.12;Monitoring and Maintaining NPAS;196
10.4;Working with Perimeter Networks;197
10.4.1;Understanding Perimeter Networks;199
10.4.2;Developing a Perimeter Network Strategy;201
10.4.3;Benefits of Server Core;201
10.4.4;Using Windows Firewall with Advanced Security;203
10.4.4.1;Connection Security Rules;203
10.4.4.2;Firewall Rules;204
10.5;Server and Domain Isolation;206
10.5.1;Benefits of Server Isolation;207
10.5.2;Benefits of Domain Isolation;208
10.5.3;Developing an Isolation Strategy;209
10.6;Summary of Exam Objectives;211
10.7;Exam Objectives Fast Track;212
10.8;Exam Objectives Frequently Asked Questions;215
10.9;Self Test;218
10.10;Self Test Quick Answer Key;221
11;Chapter 3: Active Directory Forests and Domains;222
11.1;Introduction;223
11.1.1;New in Windows Server 2008 Active Directory Domain Services;223
11.2;Designing Active Directory Forests and Domains;230
11.2.1;Factors to Consider When Creating Forest Design Plans;230
11.2.1.1;Business Units;230
11.2.1.2;Schema;231
11.2.1.3;Legal;231
11.2.1.4;Security;231
11.2.1.5;Namespaces;231
11.2.1.6;Timelines;232
11.2.1.7;Administrative Overhead;232
11.2.1.8;Testing Environments;233
11.2.2;Creating a Design Plan;233
11.2.3;The Forest Structure;236
11.2.3.1;The Active Directory Domain Services (AD DS) Logical Design Structure;236
11.2.3.2;Active Directory Forest;237
11.2.3.3;Active Directory Tree;238
11.2.3.4;Active Directory Domain;238
11.2.3.5;Organizational Units (OU);239
11.2.4;The Active Directory Domain Services (AD DS) Physical Design Structure;241
11.2.4.1;Domain Controllers;241
11.2.4.2;Sites and Site Links;241
11.2.4.3;Subnets;242
11.2.5;Creating the Forest Root Domain;243
11.2.6;Forest and Domain Function Levels;246
11.2.7;Upgrading Your Forest;250
11.2.7.1;Windows 2000 Native Mode Active Directory to Windows Server 2008 AD DS;250
11.2.7.2;Windows Server 2003 Forest to Windows Server 2008;251
11.2.7.3;New Forest;252
11.2.8;Intra-Organizational Authorization and Authentication;252
11.2.9;Schema Modifications;255
11.3;Designing an Active Directory Topology;257
11.3.1;Server Placement;259
11.3.1.1;Determining the Placement of the Forest Root Domain Controllers;259
11.3.1.2;Determining the Placement of the Regional Domain Controllers;259
11.3.1.3;Determining the Placement of the Operations Masters;261
11.3.1.4;Placement of the PDC Emulator;262
11.3.1.5;Placement of the Infrastructure Master;262
11.3.1.6;Planning for Networks with Limited Connectivity;263
11.3.1.7;Determining the Placement of Global Catalog Servers;265
11.3.1.8;Creating the Site Link Objects;268
11.3.1.9;Site Link Bridge Design;270
11.3.1.10;Creating the Site Objects;271
11.3.1.11;Creating the Subnet Objects;272
11.3.2;Printer and Location Policies;272
11.4;Designing an Active Directory Administrative Model;276
11.4.1;Delegation;277
11.4.2;Group Strategy;278
11.4.3;Compliance Auditing;282
11.4.3.1;Global Audit Policy;284
11.4.3.2;SACL;284
11.4.3.3;Schema;285
11.5;Summary of Exam Objectives;286
11.6;Exam Objectives Fast Track;287
11.7;Exam Objectives Frequently Asked Questions;290
11.8;Self Test;291
11.9;Self Test Quick Answer Key;297
12;Chapter 4: Designing an Enterprise-Level Group Policy Strategy;298
12.1;Introduction;299
12.2;Understanding Group Policy Preferences;299
12.2.1;ADMX/ADML Files;302
12.2.2;Understanding Group Policy Objects;305
12.2.3;Deciding Which Domain Controller Will Process GPOs;307
12.2.4;Group Policy Processing over Slow Links;310
12.2.5;Group Policy Processing over Remote Access Connections;312
12.2.6;Group Policy Background Refresh Interval;312
12.2.7;Backing Up and Restoring GPOs;313
12.2.8;User Policies;316
12.2.9;Software Installation;317
12.2.10;Security Settings;318
12.2.11;Folder Redirection Settings;319
12.2.12;Logon and Logoff Scripts;321
12.2.13;Administrative Templates;323
12.2.14;Computer Policies;324
12.2.15;Software Installation;325
12.2.16;Restricted Groups;326
12.2.17;Windows Firewall with Advanced Security;327
12.2.18;Policy-Based Quality of Service;328
12.2.19;Startup and Shutdown Scripts;330
12.2.20;Administrative Templates;331
12.2.21;GPO Templates;332
12.2.22;Starter GPOs;332
12.3;Linking GPOs to Active Directory Objects;333
12.3.1;Linking GPOs;333
12.3.2;GPO Conflicts;334
12.3.3;RSoP;337
12.3.4;Managing Group Policy with Windows PowerShell;340
12.3.5;OU Hierarchy;343
12.4;Understanding Group Policy Hierarchy and Scope Filtering;344
12.4.1;Understanding Group Policy Hierarchies;344
12.4.2;Understanding Scope Filtering;345
12.4.2.1;Scope Filtering: Permissions;345
12.4.3;Scope Filtering: WMI Filters;347
12.5;Controlling Device Installation;349
12.5.1;Controlling Device Installation by Computer;349
12.5.1.1;Allowing/Preventing Installation of Devices Using Drivers That Match These Device Setup Classes;350
12.5.1.2;Display a Custom Message When Installation Is Prevented by Policy (Balloon Text/Title);350
12.5.1.3;Allowing/Preventing Installation of Devices That Match Any of These Device IDs;350
12.5.1.4;Preventing Installation of Removable Devices;351
12.5.1.5;Preventing Installation of Devices Not Described by Any Other Policy Setting;351
12.5.2;Controlling Device Installation by User;351
12.6;Summary of Exam Objectives;352
12.7;Exam Objectives Fast Track;352
12.8;Exam Objectives Frequently Asked Questions;355
12.9;Self Test;357
12.10;Self Test Quick Answer Key;362
13;Chapter 5: Designing Identity and Access Management;364
13.1;Introduction;365
13.2;Planning for Migration, Upgrades, and Restructuring;366
13.2.1;Knowing When to Restructure;390
13.2.1.1;Intra-Forest Domain Restructure;391
13.2.1.2;Intra-Forest Upgrade and Restructure;394
13.2.2;Cross-Forest Authentication;396
13.2.3;Implementation Planning;397
13.3;Planning for Interoperability;397
13.3.1;Interorganizational Strategies;398
13.3.1.1;Active Directory Federation Services;398
13.3.2;What Is Federation?;399
13.3.2.1;Why and When to Use Federation;399
13.3.2.2;Prerequisites for ADFS;401
13.3.3;Configuring ADFS;401
13.3.4;Application Authorization Interoperability;413
13.3.4.1;Using Active Directory Lightweight Directory Services to Provide Authentication and Authorization to Extranet Users;413
13.3.4.2;When to Use AD LDS;414
13.3.5;Changes from Active Directory Application Mode (ADAM);414
13.3.6;Configuring AD LDS;415
13.3.6.1;Working with AD LDS;418
13.3.7;Cross-Platform Interoperability;420
13.3.7.1;File System Paths and Permissions on Unix Systems;420
13.3.7.2;Authentication on Unix Systems;421
13.3.7.2.1;Network Information System;421
13.3.7.2.2;NIS+;422
13.3.7.3;Network File System (NFS);425
13.4;Summary of Exam Objectives;432
13.5;Exam Objectives Fast Track;434
13.6;Exam Objectives Frequently Asked Questions;436
13.7;Self Test;438
13.8;Self Test Quick Answer Key;441
14;Chapter 6: Designing a Branch Office Deployment;442
14.1;Introduction;443
14.1.1;The Branch Office Challenge;443
14.1.1.1;Network Bandwidth;443
14.1.1.2;Security;443
14.1.1.3;Backup and Restore;444
14.1.1.4;Hub-and-Spoke Topology;445
14.2;Developing an Authentication Strategy;446
14.2.1;Centralized Account Administration;446
14.2.2;Single Sign-on;446
14.2.3;Kerberos Authentication;447
14.2.4;Password Policies;447
14.2.5;When to Place a Domain Controller in a Remote Office;448
14.2.5.1;Number of Group Policies;448
14.2.5.2;Logon Scripts;448
14.2.5.3;User Population;448
14.2.5.4;Domain Controller Physical Security;449
14.2.5.5;On-Site Technical Expertise Availability;449
14.2.5.6;Authentication Availability;449
14.2.5.7;WAN Link Speed and Bandwidth Utilization;449
14.2.5.8;Bandwidth and Network Traffic Considerations;449
14.2.6;Placing a Global Catalog Server in a Remote Office;451
14.2.6.1;Universal Group Membership Caching;452
14.2.7;Full Domain Controller vs. Read-Only Domain Controller;453
14.3;Using BitLocker;454
14.3.1;Trusted Platform Modules;454
14.3.1.1;A Practical Example;455
14.3.2;Introduction to BitLocker;455
14.3.2.1;Full Volume Encryption;456
14.3.2.2;Startup Process Integrity Verification;456
14.3.2.3;Recovery Mechanisms;457
14.3.2.4;Remote Administration;458
14.3.2.5;Secure Decommissioning;458
14.3.2.6;BitLocker Architecture;459
14.3.2.7;Keys Used for Volume Encryption;460
14.3.2.8;Hardware Upgrades on BitLocker-Protected Systems;461
14.3.2.9;BitLocker Authentication Modes;461
14.3.2.9.1;TPM Only;462
14.3.2.9.2;TPM with PIN Authentication;462
14.3.2.9.3;TPM with Startup Key Authentication;462
14.3.2.9.4;Startup Key-Only;463
14.3.3;When to Use BitLocker on a Windows 2008 Server;463
14.3.3.1;Support for Multifactor Authentication on Windows Server 2008;463
14.3.3.1.1;PIN Authentication;464
14.3.3.1.2;Startup Key Authentication;464
14.3.4;Enabling BitLocker;464
14.3.4.1;Partitioning Disks for BitLocker Usage;464
14.3.4.2;Installing the BitLocker on Windows Server 2008;466
14.3.4.3;Turning on BitLocker;468
14.3.4.4;Enable BitLocker Support for TPM-less Operation;471
14.3.4.5;Turning on BitLocker on Systems without a TPM;472
14.3.4.6;Administration of BitLocker;474
14.3.4.7;Using Group Policy with BitLocker;474
14.3.4.8;Storing BitLocker and TPM Recovery Information in Active Directory;476
14.3.4.8.1;Storage of BitLocker Recovery Information in Active Directory;477
14.3.4.8.2;Storage of TPM Information in Active Directory;478
14.3.4.8.3;Prerequisites;478
14.3.4.8.4;Extending the Schema;479
14.3.4.8.5;Setting Required Permissions for Backing Up TPM Passwords;481
14.3.4.8.6;Configuring Group Policy to Enable BitLocker and TPM Backup to Active Directory;481
14.3.4.9;Recovering Data;482
14.3.4.10;Disabling BitLocker;484
14.4;Configuring Read-Only Domain Controllers;484
14.4.1;Purpose;485
14.4.2;Features;485
14.4.3;Credential Caching;486
14.4.3.1;Password Changes on an RODC?;487
14.4.4;RODCs and Kerberos Ticket Account;487
14.4.5;Read-Only Domain Name System;489
14.4.6;Installing an RODC;489
14.4.7;Installation of an RODC;491
14.4.7.1;Prestaging RODC Computer Accounts;494
14.4.7.2;Full Server Installation vs. Server Core Installation;497
14.4.8;Configuring an RODC;501
14.4.8.1;Examining Cached Credentials;505
14.4.8.1.1;To Export a List of Cached Accounts;506
14.4.8.2;Where Is a Password Replication Policy Stored?;506
14.4.8.3;Designing Password Replication Policies;507
14.4.8.3.1;No Account Caching;508
14.4.8.3.2;Full Account Caching;508
14.4.8.3.3;Branch-specific Caching;509
14.4.8.4;Role Separation;509
14.4.8.4.1;Configuring Role Separation;511
14.4.9;Remote Administration;511
14.4.9.1;Remote Desktop for Administration;512
14.4.9.2;Remote Server Administration Tools;512
14.4.9.3;Telnet;513
14.4.9.4;Windows Remote Management (WinRM);514
14.4.9.4.1;WinRM Listeners;514
14.4.9.4.2;Remote Management Using WinRM;515
14.4.9.5;Group Policy;516
14.5;Summary of Exam Objectives;517
14.6;Exam Objectives Fast Track;520
14.7;Exam Objectives Frequently Asked Questions;521
14.8;Self Test;523
14.9;Self Test Quick Answer Key;526
15;Chapter 7: Configuring Certificate Services and PKI;528
15.1;Introduction;529
15.2;What Is PKI?;530
15.2.1;The Function of the PKI;532
15.2.2;Components of PKI;533
15.2.3;How PKI Works;535
15.2.3.1;PKCS Standards;537
15.2.4;How Certificates Work;543
15.2.5;Public Key Functionality;546
15.2.5.1;Digital Signatures;547
15.2.5.2;Authentication;548
15.2.5.3;Secret Key Agreement via Public Key;549
15.2.5.4;Bulk Data Encryption without Prior Shared Secrets;549
15.2.5.5;User Certificates;562
15.2.5.6;Machine Certificates;563
15.2.5.7;Application Certificates;563
15.3;Analyzing Certificate Needs within the Organization;563
15.4;Working with Certificate Services;564
15.4.1;Configuring a Certificate Authority;564
15.4.1.1;Certificate Authorities;565
15.4.1.1.1;Standard vs. Enterprise;565
15.4.1.1.2;Root vs. Subordinate Certificate Authorities;566
15.4.1.1.3;Certificate Requests;567
15.4.1.1.4;Certificate Practice Statement;572
15.4.2;Key Recovery;572
15.4.2.1;Backup and Restore;572
15.4.2.2;Assigning Roles;579
15.4.2.3;Enrollments;579
15.4.2.4;Revocation;580
15.5;Working with Templates;584
15.5.1;General Properties;586
15.5.2;Request Handling;588
15.5.3;Cryptography;589
15.5.4;Subject Name;591
15.5.5;Issuance Requirements;592
15.5.6;Security;595
15.5.7;Types of Templates;596
15.5.7.1;User Certificate Types;596
15.5.7.2;Computer Certificate Types;597
15.5.7.3;Other Certificate Types;599
15.5.7.4;Custom Certificate Templates;599
15.5.8;Securing Permissions;602
15.5.9;Versioning;603
15.5.10;Key Recovery Agent;604
15.6;Summary of Exam Objectives;606
15.7;Exam Objectives Fast Track;607
15.8;Exam Objectives Frequently Asked Questions;609
15.9;Self Test;612
15.10;Self Test Quick Answer Key;615
16;Chapter 8: Planning for Server Virtualization;616
16.1;Introduction;617
16.2;Understanding Virtualization;617
16.2.1;Server Consolidation;620
16.2.2;Quality Assurance and Development Testing Environments;621
16.2.3;Disaster Recovery;624
16.2.4;Microkernelized vs. Monolithic Hypervisor;625
16.2.4.1;Monolithic Hypervisor;625
16.2.4.2;Microkernel Hypervisor;627
16.2.5;Detailed Architecture;628
16.2.5.1;Parent Partition;630
16.2.5.2;Child Partitions;632
16.2.5.3;Guest Operating Systems;632
16.2.5.3.1;Guest with Enlightened Operating System;632
16.2.5.3.2;Guest with Partially Enlightened Operating System;633
16.2.5.3.3;Legacy Guest;633
16.2.6;Application Compatibility;633
16.2.7;Microsoft Server Virtualization;634
16.2.8;Hyper-V;637
16.3;Configuration;638
16.3.1;Installing the Virtualization Role on Windows Server 2008;639
16.3.2;Configuring Virtual Servers with Hyper-V;651
16.3.3;Server Core;661
16.3.4;Competition Comparison;663
16.3.5;Server Placement;665
16.4;System Center Virtual Machine Manager 2007;667
16.4.1;Virtual Machine Manager Administrator Console;669
16.4.2;Windows PowerShell Command-Line Interface;671
16.4.3;System Center Virtual Machine Manager Self Service Web Portal;671
16.4.4;Virtual Machine Manager Library;672
16.4.5;Migration Support Functionality;673
16.4.6;Virtual Machine Creation Process Using SCVMM;674
16.4.7;Managing Servers;675
16.4.8;Stand-Alone Virtualization Management Console;676
16.4.9;Managing Applications;677
16.4.10;Managing VMWare;681
16.5;Summary of Exam Objectives;683
16.6;Exam Objectives Fast Track;684
16.7;Exam Objectives Frequently Asked Questions;688
16.8;Self Test;691
16.9;Self Test Quick Answer Key;694
17;Chapter 9: Planning for Business Continuity and High Availability;696
17.1;Introduction;697
17.2;Planning for Storage Requirements;698
17.2.1;Self Healing NTFS;699
17.2.2;Multipath I/O (MPIO);700
17.2.3;Data Management;701
17.2.3.1;Share and Storage Management Console;701
17.2.3.2;Storage Explorer;702
17.2.3.3;Storage Manager for SANs Console;703
17.2.4;Data Security;704
17.2.4.1;Group Policy Control over Removable Media;704
17.2.4.2;BitLocker Drive Encryption;705
17.2.4.2.1;BitLocker Volume Recovery;707
17.2.4.2.2;BitLocker Management Options;707
17.2.4.2.3;Using BitLocker for the Safe Decommissioning of Hardware;708
17.3;Data Collaboration;709
17.4;Planning for High Availability;714
17.4.1;Failover Clustering;714
17.4.1.1;Architectural Details of Windows 2008 Failover Clustering;715
17.4.1.2;Multi-Site Clusters;731
17.4.2;Service Redundancy;732
17.4.3;Service Availability;734
17.4.4;Data Accessibility and Redundancy;734
17.4.4.1;Failover Clustering;735
17.4.4.1.1;Prerequisites;735
17.4.4.2;Distributed File System;736
17.4.5;Virtualization and High Availability;737
17.5;Planning for Backup and Recovery;738
17.5.1;Data Recovery Strategies;753
17.5.2;Server Recovery;754
17.5.2.1;WinRE Recovery Environment Bare Metal Restore;755
17.5.2.2;Command Line Bare Metal Restore;756
17.5.3;Recovering Directory Services;756
17.5.3.1;Backup Methods for Directory Services;756
17.5.3.2;Backup Types for Directory Services;757
17.5.3.3;Recovery Methods for Directory Services;757
17.5.3.3.1;Directory Services Restore Mode Recovery;757
17.5.3.3.2;Non-Authoritative Restore;758
17.5.3.3.3;Authoritative Restore;760
17.5.4;Object Level Recovery;760
17.6;Summary of Exam Objectives;768
17.7;Exam Objectives Fast Track;768
17.8;Exam Objectives Frequently Asked Questions;773
17.9;Self Test;776
17.10;Self Test Quick Answer Key ;779
18;Chapter 10: Software Updates and Compliance Management;780
18.1;Introduction;781
18.1.1;Value Proposition;782
18.1.2;The Compliance Picture;783
18.2;Patch Management;784
18.2.1;OS Level Patch Management;785
18.3;Windows Server Update Services;786
18.3.1;System Requirements;787
18.3.2;Types of Patches;788
18.3.3;Comparison to Microsoft Update;790
18.3.4;Implementing WSUS;791
18.3.5;Designing a WSUS Infrastructure;791
18.3.5.1;Small Enterprise (1-100 Workstations);791
18.3.5.2;Branch Office Deployment;792
18.3.5.3;Large Enterprises;793
18.3.5.4;Deploying to Client Computers;805
18.3.6;Application Patching;811
18.4;Security Baselines;811
18.4.1;What Is a Baseline?;812
18.5;Using the GPO Accelerator Tool;812
18.5.1;Requirements;814
18.5.2;Supported Security Baselines;814
18.6;Using the Baseline Security Analyzer;820
18.6.1;Comparison to Microsoft Update;820
18.6.2;Implementing MBSA;821
18.6.3;Analyzing MBSA Results;823
18.7;System Health Models;825
18.7.1;What Is a System Health Model?;825
18.7.2;Developing a Health Model;826
18.8;Summary of Exam Objectives;827
18.9;Exam Objectives Fast Track;827
18.10;Exam Objectives Frequently Asked Questions;831
18.11;Self Test;834
18.12;Self Test Quick Answer Key;839
19;Appendix: Self Test Appendix;840
19.1;Chapter 1: Name Resolution and IP Addressing;841
19.2;Chapter 2: Designing a Network Access Strategy;846
19.3;Chapter 3: Active Directory Forests and Domains;851
19.4;Chapter 4: Designing an Enterprise-Level Group Policy Strategy;859
19.5;Chapter 5: Designing Identity and Access Management;866
19.6;Chapter 6: Designing a Branch Office Deployment;871
19.7;Chapter 7: Developing a Public Key Infrastructure;876
19.8;Chapter 8: Planning for Server Virtualization;882
19.9;Chapter 9: Planning for Business Continuity and High Availability;887
19.10;Chapter 10: Software Updates and Compliance Management;893
20;Index;902
