Plan and deploy a server infrastructure
(20–25%)
Design an automated server installation
strategy
Design considerations including
images and bare metal/virtual deployment; design a server implementation using
Windows Assessment and Deployment Kit (ADK); design a virtual server deployment
Plan and implement a server deployment
infrastructure
Configure multicast deployment;
configure multi-site topology and distribution points; configure a multi-server
topology; configure autonomous and replica Windows Deployment Services (WDS)
servers
Plan and implement server upgrade and
migration
Plan for role migration; migrate
server roles; migrate servers across domains and forests; design a server
consolidation strategy; plan for capacity and resource optimization
Plan and deploy Virtual Machine Manager
services
Design Virtual Machine Manager
service templates; define operating system profiles; configure hardware and
capability profiles; manage services; configure image and template libraries;
manage logical networks
Plan and implement file and storage
services
Planning considerations include
iSCSI SANs, Fibre Channel SANs, Virtual Fibre Channel, storage spaces, storage
pools, and data de-duplication; configure the iSCSI Target server; configure
the Internet Storage Name server (iSNS); configure Network File System (NFS);
install Device Specific Modules (DSMs)
Design and implement network
infrastructure services (20–25%)
Design and maintain a Dynamic Host
Configuration Protocol (DHCP) solution
Design considerations including a
highly available DHCP solution including split scope, DHCP failover, and DHCP
failover clustering, DHCP interoperability, and DHCPv6; implement DHCP
filtering; implement and configure a DHCP management pack; maintain a DHCP
database
Design a name resolution solution
strategy
Design considerations including
secure name resolution, DNSSEC, DNS Socket Pool, cache locking, disjoint
namespaces, DNS interoperability, migration to application partitions, IPv6,
Single-Label DNS Name Resolution, zone hierarchy, and zone delegation
Design and manage an IP address
management solution
Design considerations including IP
address management technologies including IPAM, Group Policy based, manual
provisioning, and distributed vs. centralized placement; configure role-based
access control; configure IPAM auditing; migrate IPs; manage and monitor
multiple DHCP and DNS servers; configure data collection for IPAM
Design and implement network access
services (15–20%)
Design a VPN solution
Design considerations including
certificate deployment, firewall configuration, client/site to site, bandwidth,
protocol implications, and VPN deployment configurations using Connection
Manager Administration Kit (CMAK)
Design a DirectAccess solution
Design considerations including
topology, migration from Forefront UAG, DirectAccess deployment, and enterprise
certificates
Implement a scalable remote access
solution
Configure site-to-site VPN;
configure packet filters; implement packet tracing; implement multi-site Remote
Access; configure Remote Access clustered with Network Load Balancing (NLB);
configure DirectAccess
Design a network protection solution
Design considerations including
Network Access Protection (NAP) enforcement methods for DHCP, IPSec, VPN, and
802.1x, capacity, placement of servers, firewall, Network Policy Server (NPS),
and remediation network
Implement a network protection solution
Implement multi-RADIUS deployment;
configure NAP enforcement for IPSec and 802.1x; deploy and configure the
Endpoint Protection client; create anti-malware and firewall policies; monitor
for compliance
Design and implement an Active Directory
infrastructure (logical) (20–25%)
Design a forest and domain
infrastructure
Design considerations including
multi-forest architecture, trusts, functional levels, domain upgrade, domain migration,
forest restructure, and hybrid cloud services
Implement a forest and domain
infrastructure
Configure domain rename; configure
Kerberos realm trusts; implement a domain upgrade; implement a domain
migration; implement a forest restructure; deploy and manage a test forest
including synchronization with production forests
Design a Group Policy strategy
Design considerations including
inheritance blocking, enforced policies, loopback processing, security, and WMI
filtering, site-linked Group Policy Objects (GPOs), slow-link processing, group
strategies, organizational unit (OU) hierarchy, and Advanced Group Policy
Management (AGPM)
Design an Active Directory permission
model
Design considerations including
Active Directory object security and Active Directory quotas; customize tasks
to delegate in Delegate of Control Wizard; deploy administrative tools on the
client computer; delegate permissions on administrative users (AdminSDHolder); configure
Kerberos delegation
Design and implement an Active Directory
infrastructure (physical) (20–25%)
Design an Active Directory sites
topology
Design considerations including
proximity of domain controllers, replication optimization, and site link;
monitor and resolve Active Directory replication conflicts
Design a domain controller strategy
Design considerations including
global catalog, operations master roles, Read-Only Domain Controllers (RODCs),
partial attribute set, and domain controller cloning
Design and implement a branch office
infrastructure
Design considerations including
RODC, Universal Group Membership Caching (UGMC), global catalog, DNS, DHCP, and
BranchCache; implement confidential attributes; delegate administration; modify
filtered attributes set; configure password replication policy; configure hash
publication
No comments:
Post a Comment