Ms 70 293

• 1. PUBLISHED BYMicrosoft PressA Division of Microsoft CorporationOne Microsoft WayRedmond, Washington 98052-6399Copyright 2004 by Microsoft CorporationAll rights reserved. No part of the contents of this book may be reproduced or transmitted in any form orby any means without the written permission of the publisher.Library of Congress Cataloging-in-Publication Data Zacker, Craig. MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure / Craig Zacker with Microsoft Corporation. p. cm. Includes index. ISBN 0-7356-1893-3 1. Electronic data processing personnel--Certification. 2. Microsoft software--Examinations--Study guides. 3. Computer networks--Examinations--Study guides. 4. Microsoft Windows server. I. Microsoft Corporation. II. Title. QA76.3.Z32 004.6--dc2120032003056205 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9QWT8 7 6 5 4 3Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further informa tion about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to [email protected]. Active Directory, Authenticode, Microsoft, Microsoft Press, NetMeeting, Windows, the Windows logo, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corpora tion in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organiza tion, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Acquisitions Editor: Kathy Harding Project Editor: Jean Trenary Technical Editor: Linda Zacker Body Part No. X09-16614

2. Craig Zacker Craig is a writer, editor, and networker whose computing experience began in the days of teletypes and paper tape. After making the move from minicomputers to PCs, he worked as an administrator of Novell NetWare networks and as a PC support techni cian while operating a freelance desktop publishing business. After earning a Masters Degree in English and American Literature from New York University, Craig worked extensively on the integration of Microsoft Windows NT into existing internetworks, supported fleets of Windows workstations, and was employed as a technical writer, content provider, and Webmaster for the online services group of a large software com pany. Since devoting himself to writing and editing full-time, Craig has authored or contributed to many books on networking topics, operating systems, and PC hardware, including MCSA/MCSE Self-Paced Training Kit: Microsoft Windows 2000 Network Infra structure Administration, Exam 70-216, Second Edition and MCSA Training Kit: Managing a Microsoft Windows 2000 Network Environment. He has also developed educational texts for college courses, online training courses for the Web, and has pub lished articles with top industry publications. For more information on Craigs books and other works, see http://www.zacker.com. 3. Contents at a Glance Part 11 2 3 4 5 6 7 8 9 10 11 12 13 Part 214 15 16 17 18 19Learn at Your Own Pace Planning a Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3 Planning a TCP/IP Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Planning Internet Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1 Planning a Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 Using Routing and Remote Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Maintaining Server Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1 Clustering Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Planning a Secure Baseline Installation . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1 Hardening Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1 Deploying Security Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1 Creating and Managing Digital Certificates . . . . . . . . . . . . . . . . . . . . . . 11-1 Securing Network Communications Using IPSec . . . . . . . . . . . . . . . . . . 12-1 Designing a Security Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1Prepare for the Exam Planning and Implementing Server Roles and Server Security (1.0). . . 14-3 Planning, Implementing, and Maintaining a Network Infrastructure (2.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1 Planning, Implementing, and Maintaining Routing and Remote Access (3.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 Planning, Implementing, and Maintaining Server Availability (4.0) . . . . 17-1 Planning and Maintaining Network Security (5.0) . . . . . . . . . . . . . . . . . 18-1 Planning, Implementing, and Maintaining Security Infrastructure (6.0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1v 4. viContents at a GlancePractices Choosing an Ethernet Variant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-23 Blueprinting a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-35 Using Registered and Unregistered IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-12 Designing an Internetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-22 Subnetting IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-32 Installing and Configuring the DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-38 Understanding WAN Speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-13 Configuring a Windows Server 2003 Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-21 Configuring a NAT Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-31 Specifying Name Resolution Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-16 Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-24 Understanding DNS Server Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-35 Creating a Zone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-37 Installing a WINS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-47 Understanding DNS Security Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-56 Installing RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-21 Installing a Routing and Remote Access Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-35 Using Network Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-13 Establishing a Performance Baseline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-28 Using Windows Server 2003 Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-42 Creating a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-25 Creating a Single Node Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-42 Modifying Default Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-30 Creating a Group Policy Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-14 Modifying the GPO for the Domain Controllers Containers GPO . . . . . . . . . . . . . . . . . .9-28 Deploying Multiple GPOs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-34 Using the Security Templates Snap-in. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-15 Using the Security Configuration And Analysis Snap-in . . . . . . . . . . . . . . . . . . . . . . . 10-23 Viewing a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-7 Installing a Windows Server 2003 Certification Authority . . . . . . . . . . . . . . . . . . . . . 11-16 Requesting a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-25 Creating Packet Filters in Routing and Remote Access Service . . . . . . . . . . . . . . . . . .12-9 Creating an IPSec Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-30 Using Resultant Set of Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-39 Using Microsoft Baseline Security Analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-8 Configuring Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-27 5. Contents at a GlanceviiTables Table 1-1: Ethernet Variants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-21 Table 2-1: IP Address Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26 Table 6-1: Magnetic Tape Drive Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-32 Table 7-1: NLB Configuration Advantages and Disadvantages . . . . . . . . . . . . . . . . . . . 7-18 Table 8-1: Windows Server 2003 Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10 Table 8-2: Default Windows File System Permissions for System Drive. . . . . . . . . . . . 8-20 Table 9-1: Typical Member Server Service Assignments. . . . . . . . . . . . . . . . . . . . . . . . 9-11 Table 11-1: Sample Certificate Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11 Table 11-2: Advantages and Disadvantages of Internal and External CAs . . . . . . . . . 11-12 Table 12-1: Well-Known Port Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4 Table 12-2: Protocol Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9Troubleshooting Labs Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-53 Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40 Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65 Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52 Chapter 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-45 Chapter 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48 Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-40 Chapter 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28 Chapter 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-30 Chapter 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44 Chapter 13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32Case Scenario Exercises Chapter 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-37 Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50 Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39 Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63 Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50 Chapter 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44 Chapter 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-46 Chapter 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34 Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-38 Chapter 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-27 Chapter 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29 Chapter 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-43 Chapter 13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-31 6. Contents About This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv About the CD-ROM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi Features of This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi Part 1: Learn at Your Own Pace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii Part 2: Prepare for the Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii Informational Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxviii Notational Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxviii Keyboard Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Hardware Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxx Setup Instructions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxx The Microsoft Certified Professional Program . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv Certifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv Requirements for Becoming a Microsoft Certified Professional . . . . . . . . . . xxxv Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxvi Evaluation Edition Software Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxvi Part 1Learn at Your Own Pace1Planning a Network Topology1-3Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3 Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 Lesson 1: Windows Server 2003 and the Network Infrastructure . . . . . . . . . . . 1-5 What Is a Network Infrastructure? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5 Planning a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8 Implementing a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Maintaining a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10 Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-11 Lesson 2: Selecting Data-Link Layer Protocols . . . . . . . . . . . . . . . . . . . . . . . . 1-12 Understanding the OSI Reference Model . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12 Selecting a Data-Link Layer Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14 Practice: Choosing an Ethernet Variant. . . . . . . . . . . . . . . . . . . . . . . . . . . 1-23ix 7. xContentsLesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-23Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-24Lesson 3: Selecting Network/Transport Layer Protocols . . . . . . . . . . . . . . . . . 1-25Using TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-25Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-29Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-29Lesson 4: Locating Network Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30Determining Location Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30Locating Workstations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30Locating Peripherals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-31Locating Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-32Locating Connectivity Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-33Locating Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-34Practice: Blueprinting a Network Infrastructure . . . . . . . . . . . . . . . . . . . . . 1-35Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-36Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-36Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-37Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-39Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-40Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-42 2Planning a TCP/IP Network Infrastructure2-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2Lesson 1: Determining IP Addressing Requirements . . . . . . . . . . . . . . . . . . . . . 2-3Using Public and Private Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3Accessing the Internet from a Private Network. . . . . . . . . . . . . . . . . . . . . . . 2-7Planning IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11Practice: Using Registered and Unregistered IP Addresses . . . . . . . . . . . . 2-12Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13Lesson 2: Planning an IP Routing Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14Understanding IP Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14Creating LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-15Creating WANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-17Using Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-18Using Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-19Combining Routing and Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20Practice: Designing an Internetwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22 8. ContentsxiLesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-23Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-24Lesson 3: Planning an IP Addressing and Subnetting Strategy . . . . . . . . . . . . . 2-25Obtaining Network Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-25Understanding IP Address Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26Understanding Subnetting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-27Subnetting Between Bytes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-29Practice: Subnetting IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-32Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-33Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-34Lesson 4: Assigning IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-35Manually Configuring TCP/IP Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-35Installing a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-36Understanding DHCP Allocation Methods . . . . . . . . . . . . . . . . . . . . . . . . . 2-36Planning a DHCP Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-37Practice: Installing and Configuring the DHCP Service . . . . . . . . . . . . . . . . 2-38Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-40Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-41Lesson 5: Troubleshooting TCP/IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . 2-42Isolating TCP/IP Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-42Troubleshooting Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . 2-43Troubleshooting DHCP Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-47Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-49Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-50Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-53Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-54Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-54Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-55Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-55Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-56 3Planning Internet Connectivity3-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2Lesson 1: Planning an Internet Connectivity Infrastructure . . . . . . . . . . . . . . . . . 3-3Determining Internet Connectivity Requirements . . . . . . . . . . . . . . . . . . . . . 3-3Choosing an Internet Connection Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7Practice: Understanding WAN Speeds . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-14 9. xiiContentsLesson 2: Selecting Routers and ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15Choosing A Router Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15Choosing An ISP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17Practice: Configuring a Windows Server 2003 Router . . . . . . . . . . . . . . . . 3-21Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23Lesson 3: Securing and Regulating Internet Access . . . . . . . . . . . . . . . . . . . 3-24Determining Internet Security Requirements . . . . . . . . . . . . . . . . . . . . . . . 3-24Using NAT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26Using a Proxy Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29Selecting an Internet Access Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30Practice: Configuring a NAT Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-31Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33Lesson 4: Troubleshooting Internet Connectivity . . . . . . . . . . . . . . . . . . . . . . . 3-34Determining the Scope of the Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-34Diagnosing Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . . . . . 3-35Diagnosing NAT and Proxy Server Problems . . . . . . . . . . . . . . . . . . . . . . . . 3-36Diagnosing Internet Connection Problems . . . . . . . . . . . . . . . . . . . . . . . . . 3-37Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-41Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-43 4Planning a Name Resolution Strategy4-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2Lesson 1: Determining Name Resolution Requirements . . . . . . . . . . . . . . . . . . 4-3What Is Name Resolution?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3What Types of Names Need to Be Resolved?. . . . . . . . . . . . . . . . . . . . . . . . 4-4Using the DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5Determining DNS Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11Using NetBIOS Names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13Using Local Host Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16 10. ContentsxiiiPractice: Specifying Name Resolution Requirements . . . . . . . . . . . . . . . . . 4-16Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17Lesson 2: Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18Using an Existing Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18Creating Internet Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19Creating Internal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20Combining Internal and External Domains . . . . . . . . . . . . . . . . . . . . . . . . . 4-22Creating an Internal Root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23Creating Host Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23Practice: Designing a DNS Namespace . . . . . . . . . . . . . . . . . . . . . . . . . . 4-24Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26Lesson 3: Implementing a DNS Name Resolution Strategy . . . . . . . . . . . . . . . 4-28How Many DNS Servers? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28Understanding DNS Server Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29Creating Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33Practice: Understanding DNS Server Functions . . . . . . . . . . . . . . . . . . . . . 4-35Practice: Creating a Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-40Lesson 4: Implementing a NetBIOS Name Resolution Strategy. . . . . . . . . . . . . 4-41Practice: Installing a WINS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-47Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-48Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-49Lesson 5: Planning DNS Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50Determining DNS Security Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-50Securing DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-51Practice: Understanding DNS Security Techniques. . . . . . . . . . . . . . . . . . . 4-56Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-56Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-57Lesson 6: Troubleshooting Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . 4-58Troubleshooting Client Configuration Problems . . . . . . . . . . . . . . . . . . . . . 4-58Troubleshooting DNS Server Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-59Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-62Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-65 11. xivContentsChapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-69 5Using Routing and Remote Access5-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2Lesson 1: Planning a Routing and Remote Access Strategy . . . . . . . . . . . . . . . . 5-3Choosing a WAN Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3Selecting a WAN Technology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11Lesson 2: Static and Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12Selecting Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12Using Static Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12Using Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15Routing IP Multicast Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20Practice: Installing RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24Lesson 3: Securing Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25Determining Security Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25Controlling Access Using Dial-In Properties . . . . . . . . . . . . . . . . . . . . . . . . 5-26Planning Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-27Using Remote Access Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-31Practice: Installing a Routing and Remote Access Server . . . . . . . . . . . . . . 5-35Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-38Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-38Lesson 4: Troubleshooting TCP/IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40Isolating Router Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40Troubleshooting the Routing and Remote Access Configuration. . . . . . . . . . 5-44Troubleshooting the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-45Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-52 12. ContentsxvExam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-53Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-53Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-54Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-55 6Maintaining Server Availability6-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1Lesson 1: Monitoring Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2Using the Performance Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2Analyzing Network Traffic with Network Monitor . . . . . . . . . . . . . . . . . . . . . . 6-7Practice: Using Network Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15Lesson 2: Monitoring Network Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16Monitoring Network Server Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16Locating System Bottlenecks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25Practice: Establishing a Performance Baseline . . . . . . . . . . . . . . . . . . . . . 6-28Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-30Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-30Lesson 3: Planning a Backup Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-31Understanding Network Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-31Creating a Backup Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-35Performing Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-39Using Volume Shadow Copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-40Practice: Using Windows Server 2003 Backup . . . . . . . . . . . . . . . . . . . . . 6-42Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-43Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-44Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-45Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-46Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-47Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-47Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-48Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-49 7Clustering Servers7-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 13. xviContentsLesson 1: Understanding Clustering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2Clustering Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2Designing a Clustering Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-13Lesson 2: Using Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14Understanding Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14Planning a Network Load Balancing Deployment . . . . . . . . . . . . . . . . . . . . 7-15Deploying a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . . . . . . . 7-20Monitoring Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21Practice: Creating a Network Load Balancing Cluster . . . . . . . . . . . . . . . . . 7-25Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-29Lesson 3: Designing a Server Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-30Designing a Server Cluster Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . 7-30Planning a Server Cluster Hardware Configuration . . . . . . . . . . . . . . . . . . . 7-31Creating an Application Deployment Plan . . . . . . . . . . . . . . . . . . . . . . . . . 7-35Selecting a Quorum Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-38Creating a Server Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-39Configuring Failover Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-41Practice: Creating a Single Node Cluster . . . . . . . . . . . . . . . . . . . . . . . . . 7-42Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-45Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-45Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-46Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-48Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-49Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-49Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-50Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-51 8Planning a Secure Baseline Installation8-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2Lesson 1: Selecting Computers and Operating Systems . . . . . . . . . . . . . . . . . . 8-3Understanding Computer Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3Creating Hardware Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5Selecting Operating Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12 14. ContentsxviiLesson 2: Planning a Security Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13High-Level Security Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13Creating a Security Design Team . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13Mapping Out a Security Life Cycle. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-17Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-18Lesson 3: Identifying Client and Server Default Security Settings . . . . . . . . . . . 8-19Evaluating Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-19Practice: Modifying Default Security Settings . . . . . . . . . . . . . . . . . . . . . . 8-30Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-35Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-37Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-38 9Hardening Servers9-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1Lesson 1: Creating a Baseline for Member Servers. . . . . . . . . . . . . . . . . . . . . . 9-2Creating a Baseline Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2Setting Audit Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4Setting Event Log Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8Configuring Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9Configuring Security Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12Practice: Creating a Group Policy Object . . . . . . . . . . . . . . . . . . . . . . . . . . 9-14Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-17Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-18Lesson 2: Creating Role-Specific Server Configurations . . . . . . . . . . . . . . . . . . 9-19Securing Domain Controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-19Securing Infrastructure Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-23Securing File and Print Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-26Securing Application Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-27Practice: Modifying the GPO for the Domain Controllers Containers GPO . . 9-28Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-29Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-30 15. xviiiContentsLesson 3: Deploying Role-Specific GPOs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31Combining GPO Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31Practice: Deploying Multiple GPOs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-34Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-36Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-37Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-38Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-40Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-41Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-42Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-44 10Deploying Security Configurations10-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1Lesson 1: Creating a Testing and Deployment Plan . . . . . . . . . . . . . . . . . . . . . 10-2Creating a Testing Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2Creating a Pilot Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6Creating a Pilot Deployment Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9Lesson 2: Introducing Security Templates. . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10Understanding Security Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10Using the Security Templates Console . . . . . . . . . . . . . . . . . . . . . . . . . . 10-11Using the Supplied Security Templates . . . . . . . . . . . . . . . . . . . . . . . . . . 10-13Practice: Using the Security Templates Snap-in . . . . . . . . . . . . . . . . . . . . 10-15Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-16Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-17Lesson 3: Deploying Security Templates. . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-18Using Group Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-18Using the Security Configuration And Analysis Tool. . . . . . . . . . . . . . . . . . 10-20Using Secedit.exe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-23Practice: Using the Security Configuration And Analysis Snap-in . . . . . . . . 10-23Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-26Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-26Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-27Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-29 16. ContentsxixExam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-30Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-30Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-31Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-32 11Creating and Managing Digital Certificates11-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1Lesson 1: Introducing Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2Introducing the Public Key Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2Understanding PKI Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6Practice: Viewing a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8Lesson 2: Designing a Public Key Infrastructure . . . . . . . . . . . . . . . . . . . . . . . 11-9Defining Certificate Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9Creating a CA Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11Configuring Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-16Practice: Installing a Windows Server 2003 Certification Authority . . . . . . 11-16Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-17Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-18Lesson 3: Managing Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-19Understanding Certificate Enrollment and Renewal . . . . . . . . . . . . . . . . . 11-19Manually Requesting Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21Revoking Certificates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-24Practice: Requesting a Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-25Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-28Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-30Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-31Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-33 12Securing Network Communications Using IPSec12-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2 17. xxContentsLesson 1: Securing Internetwork Communications . . . . . . . . . . . . . . . . . . . . . 12-3Introducing Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3Packet Filtering Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5Windows Server 2003 Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8Practice: Creating Packet Filters in Routing and Remote Access Service . . . 12-9Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-11Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-13Lesson 2: Planning an IPSec Implementation . . . . . . . . . . . . . . . . . . . . . . . . 12-14Evaluating Threats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-14Introducing IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16IPSec Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18Transport Mode and Tunnel Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-23Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-24Lesson 3: Deploying IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25IPSec Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25Planning an IPSec Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-26Working with IPSec Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-26Practice: Creating an IPSec Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-30Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-33Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-34Lesson 4: Troubleshooting Data Transmission Security . . . . . . . . . . . . . . . . . 12-35Troubleshooting Policy Mismatches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-35Examining IPSec Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-38Practice: Using Resultant Set of Policy . . . . . . . . . . . . . . . . . . . . . . . . . . 12-39Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-42Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-42Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-43Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-44Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-45Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-45Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-46Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-47 13Designing a Security Infrastructure13-1Why This Chapter Matters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1 18. ContentsxxiLesson 1: Planning a Security Update Infrastructure . . . . . . . . . . . . . . . . . . . . 13-2Understanding Software Update Practices . . . . . . . . . . . . . . . . . . . . . . . . . 13-2Using Windows Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3Updating a Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4Practice: Using Microsoft Baseline Security Analyzer . . . . . . . . . . . . . . . . . 13-8Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-10Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-11Lesson 2: Securing a Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-12Understanding Wireless Networking Standards . . . . . . . . . . . . . . . . . . . . 13-12Wireless Networking Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-13Understanding Wireless Network Security . . . . . . . . . . . . . . . . . . . . . . . . 13-15Controlling Wireless Access Using Group Policies . . . . . . . . . . . . . . . . . . 13-15Authenticating Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-17Encrypting Wireless Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-19Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-19Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-20Lesson 3: Providing Secure Network Administration . . . . . . . . . . . . . . . . . . . 13-21Using Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-21Using Remote Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-25Practice: Configuring Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . 13-27Lesson Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-29Lesson Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30Case Scenario Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-31Troubleshooting Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-32Exam Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-33Key Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-33Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-34Questions and Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-35Part 214Prepare for the Exam Planning and Implementing Server Roles and Server Security (1.0)14-3Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4Configure Security for Servers That Are Assigned Specific Roles . . . . . . . . . . . . 14-6Objective 1.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-7Objective 1.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-8 19. xxiiContentsPlan a Secure Baseline Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10Objective 1.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-12Objective 1.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-14Plan Security for Servers That Are Assigned Specific Roles. . . . . . . . . . . . . . . 14-16Objective 1.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-18Objective 1.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-20Evaluate and Select the Operating System to Install onComputers in an Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-22Objective 1.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-23Objective 1.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-25 15Planning, Implementing, and Maintaining a Network Infrastructure (2.0) 15-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-4Plan a TCP/IP Network Infrastructure Strategy. . . . . . . . . . . . . . . . . . . . . . . . . 15-6Objective 2.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-8Objective 2.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10Plan and Modify a Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-12Objective 2.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-15Objective 2.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-16Plan an Internet Connectivity Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-17Objective 2.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-20Objective 2.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-22Plan Network Traffic Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-24Objective 2.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-26Objective 2.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-28Troubleshoot Connectivity to the Internet. . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-30Objective 2.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-32Objective 2.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-34Troubleshoot TCP/IP Addressing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-36Objective 2.6 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-38Objective 2.6 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-39Plan a Host Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-41Objective 2.7 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-43Objective 2.7 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-45Plan a NetBIOS Name Resolution Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . 15-47Objective 2.8 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-49Objective 2.8 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-51Troubleshoot Host Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-53Objective 2.9 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-55Objective 2.9 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-56 20. Contents16Planning, Implementing, and Maintaining Routing and Remote Access (3.0)xxiii16-1Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2Plan a Routing Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-4Objective 3.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-6Objective 3.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-8Plan Security for Remote Access Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-10Objective 3.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-13Objective 3.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-15Implement Secure Access Between Private Networks. . . . . . . . . . . . . . . . . . . 16-17Objective 3.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-19Objective 3.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-21Troubleshoot TCP/IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-23Objective 3.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-25Objective 3.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-27 17Planning, Implementing, and Maintaining Server Availability (4.0)17-1Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-1Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-3Plan Services for High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-5Objective 4.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-6Objective 4.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-7Identify System Bottlenecks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-9Objective 4.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-11Objective 4.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-13Implement a Cluster Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-15Objective 4.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-18Objective 4.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-21Manage Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-24Objective 4.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-25Objective 4.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-26Plan a Backup and Recovery Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-27Objective 4.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-29Objective 4.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-31 18Planning and Maintaining Network Security (5.0)18-1Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-1Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-3 21. xxivContentsConfigure Network Protocol Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-5Objective 5.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-7Objective 5.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-9Configure Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-11Objective 5.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-13Objective 5.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-15Plan for Network Protocol Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-17Objective 5.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-19Objective 5.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-21Plan Secure Network Administration Methods . . . . . . . . . . . . . . . . . . . . . . . . 18-23Objective 5.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-25Objective 5.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-27Plan Security for Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-29Objective 5.5 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-31Objective 5.5 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-33Plan Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-35Objective 5.6 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-36Objective 5.6 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-38Troubleshoot Security for Data Transmission . . . . . . . . . . . . . . . . . . . . . . . . . 18-40Objective 5.7 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-42Objective 5.7 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18-43 19Planning, Implementing, and Maintaining Security Infrastructure (6.0) 19-1 Tested Skills and Suggested Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-1Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-2Configure Active Directory Directory Service for Certificate Publication. . . . . . . . 19-4Objective 6.1 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-5Objective 6.1 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-7Plan a Public Key Infrastructure (PKI) That Uses Certificate Services . . . . . . . . . 19-9Objective 6.2 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-11Objective 6.2 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-13Plan a Framework for Planning and Implementing Security . . . . . . . . . . . . . . . 19-15Objective 6.3 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-17Objective 6.3 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-18Plan a Security Update Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-20Objective 6.4 Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-22Objective 6.4 Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-23Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . G-1 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-1 22. About This Book Welcome to MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. In this book, you study some of the more advanced applications, protocols, and services included with Windows Server 2003 and learn how to use them to create a network that is both efficient and secure. For many of these applications, protocols, and services, implementing them on a network consists of a good deal more than just running an installation program or configuring a few parameters; many of them require careful planning and continual maintenance once you have completed the initial implementation. This book covers all these phases of the implementation process, so you learn all the relevant information about each service. Note For more information about becoming a Microsoft Certified Professional, see the sec tion titled The Microsoft Certified Professional Program later in this introduction.Intended Audience This book was developed for information technology (IT) professionals who plan to take the related Microsoft Certified Professional exam 70-293, Planning and Maintain ing a Microsoft Windows Server 2003 Network Infrastructure, as well as IT profession als who design, implement, and maintain networks based on Microsoft Windows Server 2003 and its related technologies. Note Exam skills are subject to change without prior notice and at the sole discretion of Microsoft.Prerequisites The MCSE 70-293 exam and this training kit do not have any official prerequisites, but students should have the following qualifications: At least one year of experience implementing and administering a Microsoft Windows network with the following characteristics: 250 to 5,000 or more users, at least three physical locations, a minimum of three Active Directory domain controllers, and a variety of network services and resources, such as file and print servers, client/server applications, Internet access, and remote accessAt least one year of experience, implementing and maintaining desktop operating systemsExperience planning and designing networks xxv 23. xxviAbout This BookAbout the CD-ROM For your use, this book includes a Supplemental Materials CD-ROM. This CD-ROM contains a variety of informational aids to complement the book content: The Microsoft Press Readiness Review Suite, powered by MeasureUp. This suite of practice tests and objective reviews contains questions of varying degrees of com plexity and offers multiple testing modes. You can assess your understanding of the concepts presented in this book and use the results to develop a learning plan that meets your needs.An electronic version of this book (eBook). For information about using the eBook, see the section The eBooks later in this introduction.An eBook of the Microsoft Encyclopedia of Networking, Second Edition, and of the Microsoft Encyclopedia of Security provide complete and up-to-date reference materials for networking and security.Sample chapters from several Microsoft Press books give you additional informa tion about Windows Server 2003 and introduce you to other resources that are available from Microsoft Press.A second CD-ROM contains a 180-day evaluation edition of Microsoft Windows Server 2003, Enterprise Edition. Caution The 180-day Evaluation Edition provided with this training kit is not the full retail product and is provided only for the purposes of training and evaluation. Microsoft Technical Support does not support this evaluation edition.For additional support information regarding this book and the CD-ROM (including answers to commonly asked questions about installation and use), visit the Microsoft Press Technical Support Web site at http://www.microsoft.com/mspress/support/. You can also email [email protected] or send a letter to Microsoft Press, Attention: Microsoft Press Technical Support, One Microsoft Way, Redmond, WA 98052-6399.Features of This Book This book is divided into two parts. Use Part 1 to learn at your own pace and practice what youve learned with practical exercises. Part 2 contains questions and answers that you can use to test yourself on what youve learned. 24. About This BookxxviiPart 1: Learn at Your Own Pace Each chapter identifies the exam objectives that are covered in the chapter, provides an overview of why the topics matter by explaining how the information applies in the real world, and lists any prerequisites that must be met to complete the lessons pre sented in the chapter. The chapters contain a set of lessons. Lessons contain practices that include one or more hands-on exercises. These exercises give you an opportunity to use the skills being presented or explore the part of the application being described. Each lesson also has a set of review questions to test your knowledge of the material covered in that lesson. After the lessons, you are given an opportunity to apply what youve learned in a case scenario exercise. In this exercise, you work through a multistep solution for a realistic case scenario. You are also given an opportunity to work through a troubleshooting lab that explores difficulties you might encounter when applying what youve learned on the job. Each chapter ends with a summary of key concepts and a short section listing key top ics and terms that you need to know before taking the exam, summarizing the key learnings with a focus on the exam.Real World Helpful Real World Information You will find sidebars like this one, which contain related information you might find helpful. Real World sidebars contain specific information gained through the experience of IT professionals just like you.Part 2: Prepare for the Exam Part 2 helps to familiarize you with the types of questions that you will encounter on the MCP exam. By reviewing the objectives and the sample questions, you can focus on the specific skills that you need to improve before taking the exam. See Also For a complete list of MCP exams and their related objectives, go to http://www.microsoft.com/traincert/mcp.Part 2 is organized by the exams objectives. Each chapter covers one of the primary groups of objectives, called Objective Domains. Each chapter lists the tested skills you must master to answer the exam questions and includes a list of further readings to help you improve your ability to perform the tasks or use the skills specified by the objectives. 25. xxviiiAbout This BookWithin each Objective Domain, you will find the related objectives that are covered on the exam. Each objective provides you with several practice exam questions. The answers are accompanied by explanations of each correct and incorrect answer. Note These questions are also available on the companion CD as a practice test.Informational Notes Several types of reader aids appear throughout the training kit. Tip contains methods of performing a task more quickly or in a not-so-obvious way.Important contains information that is essential to completing a task.Note contains supplemental information.Caution contains valuable information about possible loss of data; be sure to read this information carefully.Warning contains critical information about possible physical injury; be sure to read this information carefully.See also contains references to other sources of information.Planning contains hints and useful information that should help you plan the implementation.Security Alert highlights information you need to know to maximize security in your work environment.Exam Tip flags information you should know before taking the certification exam.Off the Record contains practical advice about the real-world implications of information presented in the lesson.Notational Conventions The following conventions are used throughout this book. Characters or commands that you type appear in bold type.Italic in syntax statements indicates placeholders for variable information. Italic is also used for newly introduced terms and book titles.Names of files and folders appear in Title caps, except when you are to type them directly. Unless otherwise indicated, you can use all lowercase letters when you type a file name in a dialog box or at a command prompt.File name extensions appear in all lowercase.Acronyms appear in all uppercase. 26. About This Bookxxix Monospacetype represents code samples, examples of screen text, or entries that you might type at a command prompt or in initialization files.Square brackets [ ] are used in syntax statements to enclose optional items. For example, [filename] in command syntax indicates that you can choose to type a file name with the command. Type only the information within the brackets, not the brackets themselves.Braces { } are used in syntax statements to enclose required items. Type only the information within the braces, not the braces themselves.Keyboard Conventions A plus sign (+) between two key names means that you must press those keys at the same time. For example, Press ALT+TAB means that you hold down ALT while you press TAB.A comma ( , ) between two or more key names means that you must press each of the keys consecutively, not together. For example, Press ALT, F, X means that you press and release each key in sequence. Press ALT+W, L means that you first press ALT and W at the same time, and then release them and press L.Getting Started This training kit contains hands-on exercises to help you learn about the networking features of Windows Server 2003. Use this section to prepare your self-paced training environment. Most of the exercises require a computer running Windows Server 2003, and some of them require the Enterprise Edition. Caution Several exercises require you to make changes to the computer running Windows Server 2003, which can have undesirable results if the system is used for other purposes or is connected to a production network. It is strongly recommended that you create a new Windows Server 2003 installation on your computer using the 180-day Evaluation Edition of the operating system provided on the CD-ROM. If the computer is connected to a network, check with your network administrator before attempting these exercises.Hardware Requirements Each computer must have the following minimum hardware configuration. All hardware should be on the Microsoft Windows Server 2003 Windows Server Catalog, and should meet the requirements listed at http://www.microsoft.com/windowsserver2003/ evaluation/sysreqs/default.mspx. 27. xxxAbout This Book Minimum CPU: 133 MHz for x86-based computersMinimum RAM: 128 MB (256 MB is recommended) Disk space for setup: 1.5 GB for x86-based computersDisplay monitor capable of 800 x 600 resolution or higher CD-ROM or DVD drive Microsoft Mouse or compatible pointing device Network interface adapter (optional) Software Requirements The following software is required to complete the procedures in this training kit: Windows Server 2003, Enterprise Edition (A 180-day evaluation edition of Windows Server 2003, Enterprise Edition, is included on the CD-ROM.)Caution The 180-day Evaluation Edition provided with this training is not the full retail product and is provided only for the purposes of training and evaluation. Microsoft Technical Support does not support these evaluation editions. For additional support information regarding this book and the CD-ROMs (including answers to commonly asked questions about installation and use), visit the Microsoft Press Technical Support Web site at http://www.microsoft.com/mspress/support/. You can also e-mail [email protected] or send a letter to Microsoft Press, Attn: Microsoft Press Technical Support, One Microsoft Way, Redmond, WA 98502-6399.Setup Instructions Set up your computer according to the manufacturers instructions. Then install Windows Server 2003, Enterprise Edition according to the instructions provided on the installation CD-ROM. Use the following table during installation to help you configure the Windows Setup parameters. Caution If your computers are connected to a larger network, you must verify with your network administrator that the computer names, domain name, and other information used in setting up your system as described in this section do not conflict with network operations. If they do conflict, ask your network administrator to provide alternative values and use those values throughout all the exercises in this book. 28. About This BookWindows Setup Wizard pageSettingsRegional And Language OptionsDefault (English)Personalize Your SoftwareEnter your name and organization.Your Product Key Enter the product key provided with the Windows Server 2003 CD-ROM.Licensing ModesDefaultComputer Name And Administrator PasswordComputer Name: Server01 Administrator Password: [enter a strong password of your choice]Modem Dialing InformationDefaultDate And Time SettingsYour date, time, and time zone.Networking Settings Custom Settings IP Address: 10.0.0.1 Subnet Mask: 255.0.0.0 Preferred DNS Server: 10.0.0.1Workgroup Or Computer DomainxxxiDefault (Workgroup named WORKGROUP)Setup for Practice Exercises After you complete the Windows Server 2003 installation, complete the following configuration steps to prepare your computer for the practice exercises in the lessons. 1.Create a folder called Windist on your computers system drive. Then, copy the contents of the I386 folder on the Windows Server 2003 CD-ROM to the Windist folder. 2.Use the Manage Your Server page (which appears by default after you log on to the computer for the first time) to add the domain controller role to the server. This installs the Active Directory, DHCP, and DNS services on the computer. The procedure is as follows: a.On the Manage Your Server page, click the Add Or Remove A Role hyperlink. The Preliminary Steps page appears. b.Click Next. The Configure Your Server Wizard analyzes the computer. When the analysis completes, the Configuration Options page appears. c.Click the Typical Configuration For A First Server option button, and then click Next. The Active Directory Domain Name page appears. d.In the Active Directory Domain Name text box, type contoso.com, and then click Next. The NetBIOS Name page appears. 29. xxxiiAbout This Booke.Click Next to accept the default DNS and NetBIOS domain names. The Forwarding DNS Queries page appears. f.Click No, Do Not Forward Queries, and then click Next. The Summary Of Selections page appears. g.Click Next to accept your selections. A Configure Your Server Wizard mes sage box appears. h.Click OK to begin the installation process. After a few minutes, the computer restarts. i.Log