Administering Windows Server 2012 Exam 411

This exam is part two, of a series of three exams, which validate the skills and knowledge necessary to administer a Windows Server 2012 Infrastructure in an enterprise environment. This exam will validate the administration tasks necessary to maintain a Windows Server 2012 infrastructure, such as user and group management, network access and data security. This exam along with the other two exams will collectively validate the skills and knowledge necessary for implementing, managing, maintaining and provisioning services and infrastructure in a Windows Server 2012 environment.

Course Objectives

• Implementing a Group Policy Infrastructure
• Managing User and Service Accounts
• Maintaining Active Directory Domain Services
• Configure and Troubleshoot DNS
• Configure and Troubleshoot Remote Access
• Installing, Configuring, and Troubleshooting the Network Policy Server role
• Optimizing File Services
• Increasing File System Security
• Implementing Update Management

Prerequisites

Candidates for this exam are Information Technology (IT) Professionals who have Windows Server 2012 operating system knowledge and experience and want to validate the skills and knowledge necessary to administer a Windows Server 2012 infrastructure.

Course Track

Deploy, Manage, and Maintain Servers
Configure File and Print Services
Configure Network Services and Access
Configure a Network Policy Server Infrastructure
Configure and Manage Active Directory
Configure and Manage Group Policy
Course Benefits

This exam is part two, of a series of three exams, which validate the skills and knowledge necessary to administer a Windows Server 2012 Infrastructure in an enterprise environment. This exam will validate the administration tasks necessary to maintain a Windows Server 2012 infrastructure, such as user and group management, network access and data security. This exam along with the other two exams will collectively validate the skills and knowledge necessary for implementing, managing, maintaining and provisioning services and infrastructure in a Windows Server 2012 environment

Course Duration

6 weeks or 40 hours Lecture and Lab

Course Guide

Deploy, Manage, and Maintain Servers (17%)

• Deploy and manage server images.

• This objective may include but is not limited to: Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images

• Implement patch management.

• This objective may include but is not limited to: Install and configure the Windows Server Update Services (WSUS) role; configure group policies for updates; configure client-side targeting; configure WSUS synchronization; configure WSUS groups

• Monitor servers.

• This objective may include but is not limited to: Configure Data Collector Sets (DCS); configure alerts; monitor real-time performance; monitor virtual machines (VMs); monitor events; configure event subscriptions; configure network monitoring

Configure File and Print Services (15%)

• Configure Distributed File System (DFS).

• This objective may include but is not limited to: Install and configure DFS namespaces; configure DFS Replication Targets; configure Replication Scheduling; configure Remote Differential Compression settings; configure staging; configure fault tolerance

• Configure File Server Resource Manager (FSRM).

• This objective may include but is not limited to: Install the FSRM role; configure quotas; configure file screens; configure reports

• Configure file and disk encryption.

• This objective may include but is not limited to: Configure Bitlocker encryption; configure the Network Unlock feature; configure Bitlocker policies; configure the EFS recovery agent; manage EFS and Bitlocker certificates including backup and restore

• Configure advanced audit policies.

• This objective may include but is not limited to: Implement auditing using Group Policy and AuditPol.exe; create expression-based audit policies; create removable device audit policies

Configure Network Services and Access (17%)

• Configure DNS zones.

• This objective may include but is not limited to: Configure primary and secondary zones; configure stub zones; configure conditional forwards; configure zone and conditional forward storage in Active Directory; configure zone delegation; configure zone transfer settings; configure notify settings

• Configure DNS records.

• This objective may include but is not limited to: Create and configure DNS Resource Records (RR) including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates

• Configure VPN and routing.

• This objective may include but is not limited to: Install and configure the Remote Access role; implement Network Address Translation (NAT); configure VPN settings; configure remote dial-in settings for users; configure routing

• Configure DirectAccess.

• This objective may include but is not limited to: Implement server requirements; implement client configuration; configure DNS for Direct Access; configure certificates for Direct Access

Configure a Network Policy Server Infrastructure (14%)

• Configure Network Policy Server (NPS).

• This objective may include but is not limited to: Configure multiple RADIUS server infrastructures; configure RADIUS clients; manage RADIUS templates; configure RADIUS accounting; configure certificates

• Configure NPS policies.

• This objective may include but is not limited to: Configure connection request policies; configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing); manage NPS templates; import and export NPS policies

• Configure Network Access Protection (NAP).

• This objective may include but is not limited to: Configure System Health Validators (SHVs); configure health policies; configure NAP enforcement using DHCP and VPN; configure isolation and remediation of non-compliant computers using DHCP and VPN; configure NAP client settings

Configure and Manage Active Directory (19%)

• Configure service authentication.

• This objective may include but is not limited to: Create and configure Service Accounts; create and configure Group Managed Service Accounts; create and configure Managed Service Accounts; configure Kerberos delegation; manage Service Principal Names (SPNs)

• Configure Domain Controllers.

• This objective may include but is not limited to: Configure Universal Group Membership Caching (UGMC); transfer and seize operations masters; install and configure a read-only domain controller (RODC); configure Domain Controller cloning

•Maintain Active Directory.

• This objective may include but is not limited to: Back up Active Directory and SYSVOL; manage Active Directory offline; optimize an Active Directory database; clean up metadata; configure Active Directory snapshots; perform object- and container-level recovery; perform Active Directory restore

•Configure account policies.

• This objective may include but is not limited to: Configure domain user password policy; configure and apply Password Settings Objects (PSOs); delegate password settings management; configure local user password policy; configure account lockout settings

Configure and Manage Group Policy (18%)

• Configure Group Policy processing.

• This objective may include but is not limited to: Configure processing order and precedence; configure blocking of inheritance; configure enforced policies; configure security filtering and WMI filtering; configure loopback processing; configure and manage slow-link processing; configure client-side extension (CSE) behavior

• Configure Group Policy settings.

• This objective may include but is not limited to: Configure settings including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; convert administrative templates using ADMX Migrator; configure property filters for administrative templates

• Manage Group Policy objects (GPOs).

• This objective may include but is not limited to: Back up, import, copy, and restore GPOs; create and configure Migration Table; reset dfault GPOs; delegate Group Policy management

•Configure Group Policy preferences.

• This objective may include but is not limited to: Configure Group Policy Preferences (GPP) settings including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting