MCSE CCNA Boot Camp Notes :

Exam 70-411: Administering Windows Server 2012

1: Implementing a Group Policy Infrastructure

  • Group Policy
  • Implementing and Administering Group Policy Objects (GPOs)
  • Managing Group Policy Scope
  • Group Policy Processing
  • Troubleshooting the Application of GPOs

2: Managing User Desktops with Group Policy

  • Implementing Administrative Templates
  • Configuring Folder Redirection and Scripts
  • Configuring Group Policy Preferences
  • Managing Software with Group Policy

MCSE 2016 Boot Camp : Azure Boot camp : CCNA / CCNAX Boot Camp:
 

3: Managing User and Service Accounts

  • Automating User Account Management
  • Configuring Password-Policy and User-Account Lockout
  • Configuring Managed Service Accounts

4: Maintaining Active Directory Domain Services

  • Implementing Virtualized Domain Controllers
  • Implementing Read-Only Domain Controllers
  • Administering AD DS
  • Managing the AD DS Database

5: Configuring and Troubleshooting Domain Name System (DNS)

  • Installing the DNS Server Role
  • Configuring the DNS Server Role
  • Configuring DNS Zones
  • Configuring DNS Zone Transfers
  • Managing and Troubleshooting DNS

6: Configuring and Troubleshooting Remote Access

  • Configuring Network Access
  • Configuring VPN Access
  • Network Policies
  • Troubleshooting Routing and Remote Access
  • Configuring DirectAccess
TABLE OF CONTENTS 
Introduction 
 
1. Installing and Deploying Windows Server 2003 
 
1.1 System Requirements 
 
1.2 Installing Windows Server 2003 from the CD-Rom 
 
1.3 Installing Windows Server 2003 from a Network Share 
 
1.4 Performing an Unattended Installation 
1.4.1 Using an Unattended Answer File 
1.4.2 Using the System Preparation Tool 
1.4.3 Using Remote Installation Services (RIS) 
 
1.5 Windows Server 2003 Licensing 
 
1.6 Deploying Software Applications 
1.6.1 Software Installation and Maintenance Technology 
1.6.1.1 Acquiring and Modifying Software Packages 
1.6.1.2 Deploying Software Packages 
1.6.1.3 Assigning Software Packages 
1.6.1.4 Publishing Software Packages 
1.6.1.5 Deploying .zap Files 
1.6.2 Upgrading Software 
1.6.2.1 Mandatory Upgrades 
1.6.2.2 Optional Upgrades 
1.6.2.3 Redeploying Software 
1.6.2.4 Removing or Disabling Software 
1.6.3 Deploying Service Packs and Hotfixes 
1.6.3.1 Installing Service Packs and Hotfixes 
1.6.3.2 Removing a Service Pack or Hotfix 
1.6.3.3 Slipstreaming Service Packs and Hotfixes 
1.6.3.4 Adding Service Packs and Hotfixes to a Network Installation Share 
1.6.3.5 Installing Multiple Hotfixes 
1.6.4 Microsoft Software Update Services 
1.6.4.1 Windows Update 
1.6.4.2 Windows Update Catalog 
1.6.4.3 Automatic Updates 
1.6.4.4 Software Update Services 
1.7 The Windows Server 2003 Boot Process 
1.7.1 Files Used in the Boot Process 
1.7.1.1 Preboot Sequence 
1.7.1.2 Boot Sequence 
1.7.1.3 Kernel Load 
1.7.1.4 Kernel Initialization 
1.7.1.5 The Session Manager 
1.7.2 The Boot.ini File 
1.7.2.1 Components of the Boot.ini File 
1.7.2.2 ARC Paths 
1.7.2.3 Boot.ini Switches 
1.7.3 Advanced Boot Options 
 
1.8 The Recovery Console 
1.8.1 Installing and Starting the Recovery Console 
1.8.2 Using the Recovery Console 
 
2. Managing Windows Server 2003 
 
2.1 Installing New Hardware 
 
2.2 Using Driver Signing 
2.2.1 Configuring Driver Signing 
2.2.2 The File Signature Verification Utility 
 
2.3 Configuring Hard Disks 
2.3.1 Disk Storage Types 
2.3.2 Converting to Dynamic Disk Status 
2.3.3 Creating Simple Volumes 
2.3.4 Creating Spanned Volumes 
2.3.5 Creating Striped Volumes 
2.3.6 Creating Mirrored Volumes 
2.3.7 Creating Striped Volumes with Parity RAID-5 Volumes 
 
2.4 Configuring File Systems 
2.4.1 Encrypting File System (EFS) 
2.4.1.1 Encrypting Files Across the Network 
2.4.1.2 Encrypted File Recovery 
2.4.2 Volume Mounting 
2.4.3 File Compression 
2.4.3.1 Copying and Moving Compressed Files and Folders 
 
2.5 Defragmenting Volumes and Partitions 
 
2.6 Backing Up and Restoring Data 
2.6.1 Backup Types 
2.6.2 Backing Up System State Data 
2.6.3 Restoring Files and Folders 
2.6.4 Restoring Active Directory Directory Services 
2.6.4.1 Failed Domain Controllers 
2.6.4.2 Damaged Active Directory Databases 
2.6.4.3 Authoritative Restores 
 
2.7 Automated System Recovery 
 
2.8 Adding Hardware 
2.8.1 Adding Additional CPUs 
2.8.2 Adding Removable Media Drives 
 
3. Windows Server 2003 Networks 
 
3.1 Creating Network Connections 
 
3.2 Automatic IP Addressing 
3.2.1 Automatic Private IP Addressing 
3.2.2 DHCP Addressing 
 
3.3 Name Resolution 
3.3.1 NetBIOS Name Resolution 
3.3.2 Host Name Resolution 
3.3.3 Domain Name Space 
3.3.4 DNS Zones 
3.3.5 Zone Types 
 
3.4 Active Directory 
3.4.1 Active Directory Support for Client Computers 
3.4.2 Domains 
3.4.3 Domain Controllers 
3.4.4 Domain Functional Levels 
3.4.5 Controlling Access to Active Directory Objects 
3.4.6 Delegating Administrative Control 
3.4.7 Publishing Resources 
3.4.7.1 Setting Up and Managing Published Printers 
3.4.7.2 Installing Printer Drivers 
3.4.7.3 Setting Up and Managing Published Shared Folders 
3.4.8 Auditing Access to Active Directory Objects 
 
4. Microsoft Internet Information Services 6.0 (IIS) 
 
4.1 Installing IIS 
4.1.1 Using Configure Your Server Wizard and Add or Remove Programs 
4.1.2 Unattended Installation 
4.1.3 Defining Home Directories 
4.1.4 Virtual Directories 
4.1.5 Hosting Multiple Web Sites 
4.1.6 Enabling Web Service Extensions 
 
4.2 Managing IIS 6.0 
4.2.1 Process Accounting 
4.2.2 Backing Up and Restoring IIS 
4.2.3 Distributed File System 
 
4.3 Security 
4.3.1 Authentication 
4.3.2 Controlling Access 
4.3.3 Encryption 
 
4.4 Managing Websites 
4.4.1 Using Scripting to Manage Website Content 
4.4.2 Reroute Requests with Redirects 
4.4.3 Operators Group 
4.4.4 Administering Sites Remotely 
 
5. Terminal Services 
 
5.1 Terminal Services Components 
5.1.1 Remote Desktop for Administration 
5.1.2 Web-Based Administration 
5.1.3 Remote Assistance 
5.1.3.1 Requesting Assistance 
5.1.3.2 Using Windows Messenger to Request Assistance 
5.1.3.3 Using E-Mail to Request Assistance 
5.1.3.4 Using a Saved File to Request Assistance 
5.1.4 Terminal Server Role 
5.1.4.1 Installing the Terminal Services Role 
5.1.4.2 Installing Terminal Server Licensing 
5.1.4.3 Installing Applications for Terminal Services 
 
5.2 Client Software and Installation 
 
5.3 Connecting to Terminal Services 
5.3.1 The Remote Desktop Connection Utility 
5.3.2 The Remote Desktops Snap-In 
 
5.4 Administering Terminal Services 
 
5.5 Troubleshooting Terminal Services 
5.5.1 Automatic Logon 
5.5.2 Initial Program Launching 
5.5.3 License Problems 
6. Creating and Managing User and Computer Accounts 
 
6.1 Types of User Accounts 
6.1.1 Local User Accounts 
6.1.2 Domain User Accounts 
6.1.3 Built-In User Accounts 
6.1.3.1 Administrator 
6.1.3.2 Guest 
6.1.3.3 HelpAssistant 
6.1.3.4 Support_388945a0 
 
6.2 Computer Accounts 
6.2.1 Creating Computer Accounts 
 
6.3 Creating User Accounts 
6.3.1 Creating Local User Accounts 
6.3.2 Creating Domain User Accounts 
6.3.3 Copying Domain User Accounts 
6.3.4 Modifying User Accounts and Computer Accounts 
 
6.4 Group Accounts 
6.4.1 Group Scope 
6.4.2 Group Nesting 
6.4.3 Creating Groups 
6.4.4 Adding a User to a Group 
 
6.5 Configuring Account Policies 
6.5.1 Configuring Password Policy 
6.5.2 Configuring Account Lockout Policy 
 
6.6 Managing User Data 
6.6.1 Using User Profiles 
6.6.1.1 Roaming User Profiles 
6.6.1.2 Mandatory User Profiles 
 
6.7 Group Policy Objects 
6.7.1 Group Policy Settings for Computers and Users 
6.7.2 Linking Group Policy Objects 
6.7.3 Group Policy Inheritance 
6.7.4 Order of Application 
6.7.5 Controlling the Processing of Group Policy 
6.7.6 Refreshing Group Policy at Established Intervals 
6.7.7 Resolving Conflicts Between Group Policy Settings 
 
6.8 Managing user environment 
6.8.1 Administrative Templates 
6.8.2 Desktop Security Settings 
6.8.3 Group Policy Script Settings 
6.8.4 Folder Redirection 
 
6.9 Software Deployment 
 
7. Controlling Access to Network Resources 
 
7.1 Access Control List 
 
7.2 NTFS Permissions 
7.2.1 NTFS Folder Permissions 
7.2.2 NTFS File Permissions 
7.2.3 Multiple NTFS Permissions 
7.2.4 Cumulative Permissions 
7.2.5 The Deny Permission 
7.2.6 NTFS Permissions Inheritance 
7.2.7 Assigning Special Access Permissions 
7.2.7.1 Changing Permissions 
7.2.7.2 Taking Ownership 
7.2.8 Copying and Moving Files and Folders 
7.2.9 Troubleshooting NTFS Permission Problems 
 
7.3 Shared Folder Permissions 
 
7.4 Combining Shared Folder Permissions and NTFS Permissions 
 
8. Monitoring Network Resources 
 
8.1 Monitoring Access to Shared Folders 
8.1.1 Monitoring Shared Folders 
8.1.2 Modifying Shared Folder Properties 
8.1.3 Monitoring Open Files 
8.1.4 Disconnecting Users from Open Files 
8.1.5 Monitoring Network Users 
8.1.6 Monitoring User Sessions 
8.1.7 Disconnecting Users 
 
8.2 Auditing 
8.2.1 Using an Audit Policy 
8.2.2 Using Event Viewer to View Security Logs 
8.2.3 Setting Up Auditing 
8.2.4 Auditing Object Access 
8.2.4.1 Auditing Access to Files and Folders 
8.2.4.2 Auditing Access to Printers 
 
8.3 Using Event Viewer 
8.3.1 Viewing Security Logs 
8.3.2 Locating Events 
8.3.3 Managing Audit Logs 
 
8.4 Using Group Policy 
 
8.5 The Shutdown Event Tracker 
 
9. Monitoring System Performance 
 
9.1 The System Monitor 
9.1.1 Adding Performance Counters 
9.1.2 Performance Logs and Alerts 
9.1.3 Counter Logs and Tracer Logs 
9.1.4 Alerts 
 
9.2 Using Task Manager to Monitor Performance 
 
9.3 Command-Line Monitoring Tools 
9.3.1 The Logman Utility 
9.3.2 The relog Utility 
9.3.3 The typeperf Utility

 

MCSE Boot Camp
MCSE Bootcamp

MCSE CCNA Boot Camp

MCSE CCNA Certification boot camp
Testimonials
 Join MCSE Boot Camp & CCNA Boot Camp Back to Back Certification Today.
MCSE Boot Camp links  MCSE Boot Camp 270  MCSE Boot Camp  290  MCSE Boot Camp  291  MCSE Boot Camp 293  MCSE Boot Camp  294  MCSE Boot Camp 298  MCSE Boot Camp 299  MCSE Boot Camp Security  MCSE Boot Camp 640-801  MCSE Boot Camp routing MCSE Boot Camp 811  MCSE Boot Camp 821  MCSE Boot Camp 831  MCSE Boot Camp Resources MCSE Boot Camp MCSE + CCNA  MCSE Boot Camp Training  MCSE Boot Camp Card pay  MCSE Boot Camp Papal  MCSE Boot Camp MCSE Notes  MCSE Boot Camp CCNA Notes    MCSE Boot Camp index MCSE Boot Camp main  MCSE Boot Camp root MCSE Boot Camp link  MCSE Boot Camp resources MCSE Boot Camp home  
Medical Tourism
Ref1 Ref2
Microsoft MCSE Boot Camp
MCSE Boot Camp, MCSE Certification boot camp, MCSE Training boot camps, MCSE certification  boot camp training at California and Maryland USA. Also CCNA, CCNP, CISSP, Red Hat Linux Certification notes.

Vibrant boot camp offers MCSE, CCNA, CCNP Certification back to back.

Vibrant offers MCSE certification training boot camp for $5400 all inclusive, instructor led at California and Baltimore.
Ref1 : Ref2 : link : resources : Tcp/ip

Vibrant provides all inclusive, instructor led MCSE, CCNA, CCNP Certification Boot camp training, charging the most reasonable fees for your Certification Program. Vibrant offers bootcamp training at San Mateo, California and Baltimore, Maryland.

 

Best Practices for NPS

Updated: March 14, 2008

Applies To: Windows Server 2008, Windows Server 2008 R2

This topic provides best practices for implementing and configuring NPS and is based on recommendations from Microsoft Product Support Services.

Installation

Before installing NPS, do the following:
  • Install and test each of your network access servers by using local authentication methods before you make them RADIUS clients.

     
  • After you install and configure NPS, save the configuration by using the netsh nps export command. Use this command to save the NPS configuration to an XML file every time a configuration change is made.

     
  • If you install additional Extensible Authentication Protocol (EAP) types on your NPS server, ensure that you document the server configuration in case you need to rebuild the server or duplicate the configuration on other NPS servers.

     
  • If you install additional system health validators (SHVs) on your NPS server, ensure that you document the server configuration in case you need to rebuild the server or duplicate the configuration on other NPS servers.

     
  • Do not install Windows Server 2008 on the same partition with another version of Windows Server.

     
  • Do not configure a server running NPS or the Routing and Remote Access service as a member of a Windows NT Server 4.0 domain if your user accounts database is stored on a domain controller running Windows Server 2008 in another domain. Doing this will cause Lightweight Directory Access Protocol (LDAP) queries from the NPS server to the domain controller to fail.

    Instead, configure your server running NPS or Routing and Remote Access as a member of a Windows Server 2008 domain. An alternative is to configure a server running NPS as a RADIUS proxy server that forwards authentication and accounting requests from the Windows NT Server 4.0 domain to an NPS server in the Windows Server 2008 domain.

     

Client computer configuration

Following are the best practices for client computer configuration:
  • Automatically configure all of your domain member 802.1X client computers by using Group Policy.

     
  • Automatically configure all of your domain member NAP-capable clients by importing NAP client configuration files into Group Policy.

     

Authentication

Following are the best practices for authentication:
  • Use authentication methods, such as Protected Extensible Authentication Protocol (PEAP) and Extensible Authentication Protocol (EAP), that provide authentication types, such as Transport Layer Security (EAP-TLS and PEAP-TLS) and Microsoft Challenge Handshake Authentication Protocol version two (PEAP-MS-CHAP v2), that support the use of certificates for strong authentication. Do not use password-based authentication methods because they are vulnerable to a variety of attacks and are not secure.

     
  • Use PEAP, which is required for all Network Access Protection (NAP) enforcement methods. Determine the PEAP authentication types that you want to use, such as PEAP-TLS and PEAP-MS-CHAP v2, and then plan and deploy your public key infrastructure (PKI) to ensure that all computers and users can enroll the certificates required by the authentication types.

     
  • Deploy a certification authority (CA) by using Active Directory® Certificate Services (AD CS) if you use strong certificate-based authentication methods that require the use of a server certificate on NPS servers. You can also use your CA to deploy computer certificates to domain member computers and user certificates to members of the Users group in Active Directory.

     

Security issues

Your NPS server provides authentication, authorization, and accounting for connection attempts to your organization network. You can protect your NPS server and RADIUS messages from unwanted internal and external intrusion.

When you are administering an NPS server remotely, do not send sensitive or confidential data (for example, shared secrets or passwords) over the network in plaintext. There are two recommended methods for remote administration of NPS servers:

  • Use Remote Desktop Connection to access the NPS server.

    When Remote Desktop Connection users log on, they can view only their individual client sessions, which are managed by the server and are independent of each other. In addition, Remote Desktop Connection provides 128-bit encryption between client and server.

     
  • Use Internet Protocol security (IPsec) to encrypt confidential data.

    If you manage one or more remote NPS servers from a local NPS server by using the NPS Microsoft Management Console (MMC) snap-in, you can use IPsec to encrypt communication between the local NPS server and the remote NPS server.

     

Accounting

There are two types of accounting, or logging, in NPS:
  • Event logging for NPS. You can use event logging to record NPS events in the system and security event logs. Recording NPS events to the security event log is a new feature in Windows Server 2008, and much more information is logged for NPS than in previous operating system versions for Internet Authentication Service (IAS). This information is used primarily for auditing and troubleshooting connection attempts.

     
  • Logging user authentication and accounting requests. You can log user authentication and accounting requests to log files in text format or database format, or you can log to a stored procedure in a SQL Server 2000, SQL Server 2005, or SQL Server 2008 database. Request logging is used primarily for connection analysis and billing purposes, and is also useful as a security investigation tool, providing you with a method of tracking down activity after an attack.

     

To make the most effective use of NPS logging:

  • Turn on logging (initially) for both authentication and accounting records. Modify these selections after you have determined what is appropriate for your environment.

     
  • Ensure that event logging is configured with a capacity that is sufficient to maintain your logs.

     
  • Back up all log files on a regular basis because they cannot be recreated after they are damaged or deleted.

     
  • For billing purposes, use the RADIUS Class attribute to both track usage and simplify the identification of which department or user to charge for usage. Although the automatically generated Class attribute is unique for each request, duplicate records might exist in cases when the reply to the access server is lost and the request is resent. You might need to delete duplicate requests from your logs to accurately track usage.

     
  • If you use SQL Server logging, ensure that you store credentials and other connection properties in a secure location. This information is not exported to file when you use the netsh nps export command.

     
  • To provide failover and redundancy with SQL Server logging, place two computers running SQL Server on different subnets. Use the SQL Server tools to set up database replication between the two servers. For more information, see SQL Server documentation.
     

 

 

MCSE CCNA CCNP Boot Camp Schedule by Vibrant boot camps

MCSE Boot Camp Proven MCSE Boot camp Training for MCSE Certification Fast

MCSE CCNA CCNP Boot Camp Schedule by Vibrant boot camps

MCSE Boot Camp - Proven Boot camp for MCSE at Baltimore, Maryland

MCSE Boot Camp Payment Gateway to get MCSE Certification Fast!

CCNA 801 Boot Camp by Vibrant boot camps, join MCSE camps

CCNA Boot Camp by Vibrant boot camps, join MCSE camps

CCNP Boot Camp by Vibrant boot camps, join CCNP camps

MCSE Boot Camp compare Vibrant boot camps, join MCSE camps

Comptia Security+ Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Boot Camp contact Vibrant boot camps, join MCSE camps

MCSE Boot Camp course fees Vibrant boot camps, join MCSE camps

MCSE Boot Camp FAQ by Vibrant boot camps, join MCSE camps

MCSE Boot Camp location by Vibrant boot camps, join MCSE camps

MCSE Boot Camp location by Vibrant boot camps, join MCSE camps

MCSE Boot Camp MCSE Certification also MCSE Training Boot Camp

MCSE Boot Camp by Vibrant boot camps, join MCSE camps, MCSE Cert

MCSE Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Security Boot Camp MCSE 14days all_incl MCSE Certifiation boot camp

MCSE Security Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Security Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Security Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Security Boot Camp by Vibrant boot camps, join MCSE camps

MCSE Boot Camp Payment Gateway to get MCSE Certification Fast!

MCSE Boot Camp Refunds

MCSE CCNA CCNP Boot Camp Register by Vibrant boot camps

MCSE Boot Camp Testimonials by Vibrant boot camps

MCSE Boot Camp Payment Gateway to get MCSE Certification Fast!

MCSE Boot Camp MCSE Certification also MCSE Training Boot Camp

Microsoft Vista Certification Boot Camp for Vista training boot camps

MCSE CCNA CCNP Boot Camp Register by Vibrant boot camps

MCSE Boot Camp all inclusive bootcamp Vibrant boot camps, join MCSE camps

MCSE CCNA CCNP Boot Camp Register by Vibrant boot camps

mumbai marathon, Mumbai Daud

bootcamp_schedule.php

cardpay.php

CCNA-boot-camp.php

certification-courses.php

certified-ethical-hacker-ceh-certified-EC-council.php

cisco-certification-courses.php

comptia_a+_bootcamp_course.php

comptia_a+_network+_boot_camp.php

comptia-certification-courses.php

compTia-network+.php

compTia-security+.php

contact_us.php

course_fees.php

course_template.php

faq_camp.php

guarantee.php

how-boot-camp-works.php

index.php

join-vibrant-as-trainer.php

locations.php

mcsa_server_2012_r2_boot_camp.php

mcsa-windows-server-2016-training-certification-boot-camp.php

mcse-cloud-platform-infrastructure-azure-track.php

mcse-cloud-platform-infrastructure-security-with-mcsa-windows-server-2016-training-certification-boot-camp.php

mcse-cloud-platform-infrastructure-with-mcsa-windows-server-2012-R2-training-certification-boot-camp.php

mcse-productivity-exchange-server-2016.php

microsoft-certification-courses.php

microsoft-mcse-messaging-certification-training-course.php

msca-windows-2016-upgrade.php

msce-windows-2008-to-2016-upgrade.php

msce-windows-2016-upgrade.php

mta-it-infrastructure-windows-server-training-certification.php

onsite-training.php

our-clients.php

photogallery.php

reason_to_join_vibrant_boot_camp.php

recaptchalib.php

refund.php

register.php