A- Installing and Configuring Windows Server 2012. | 70-410 |
B- Administering Windows Server 2012. | 70-411 |
C- Configuring Advanced Windows Server 2012 Services. | 70-412 |
A- Installing and Configuring Windows Server 2012
1. Install and Configure Servers (17%)
- Install servers
- This objective may include but is not limited to: Plan for a server installation; plan for server roles; plan for a server upgrade; install Server Core; optimize resource utilization by using Features on Demand; migrate roles from previous versions of Windows Server
- Configure servers
- This objective may include but is not limited to: Configure Server Core; delegate administration; add and remove features in offline images; deploy roles on remote servers; convert Server Core to/from full GUI; configure services; configure NIC teaming
- Configure local storage
- This objective may include but is not limited to: Design storage spaces; configure basic and dynamic disks; configure MBR and GPT disks; manage volumes; create and mount virtual hard disks (VHDs); configure storage pools and disk pools
- Configure Server Roles and Features (16%)
- Configure file and share access
- This objective may include but is not limited to: Create and configure shares; configure share permissions; configure offline files; configure NTFS permissions; configure access-based enumeration (ABE); configure Volume Shadow Copy Service (VSS); configure NTFS quotas
- Configure print and document services
- This objective may include but is not limited to: Configure the Easy Print print driver; configure Enterprise Print Management; configure drivers; configure printer pooling; configure print priorities; configure printer permissions
- Configure servers for remote management
- This objective may include but is not limited to: Configure WinRM; configure down-level server management; configure servers for day-to-day management tasks; configure multi-server management; configure Server Core; configure Windows Firewall
- Configure Hyper-V (17%)
- Create and configure virtual machine settings
- This objective may include but is not limited to: Configure dynamic memory; configure smart paging; configure Resource Metering; configure guest integration services
- Create and configure virtual machine storage
- This objective may include but is not limited to: Create VHDs and VHDX; configure differencing drives; modify VHDs; configure pass-through disks; manage snapshots; implement a virtual Fibre Channel adapter
- Create and configure virtual networks
- This objective may include but is not limited to: Implement Hyper-V Network Virtualization; configure Hyper-V virtual switches; optimize network performance; configure MAC addresses; configure network isolation; configure synthetic and legacy virtual network adapters
- Deploy and Configure Core Network Services (16%)
- Configure IPv4 and IPv6 addressing
- This objective may include but is not limited to: Configure IP address options; configure subnetting; configure supernetting; configure interoperability between IPv4 and IPv6; configure ISATAP; configure Teredo
- Deploy and configure Dynamic Host Configuration Protocol (DHCP) service
- This objective may include but is not limited to: Create and configure scopes; configure a DHCP reservation; configure DHCP options; configure client and server for PXE boot; configure DHCP relay agent; authorize DHCP server
- Deploy and configure DNS service
- This objective may include but is not limited to: Configure Active Directory integration of primary zones; configure forwarders; configure Root Hints; manage DNS cache; create A and PTR resource records
- Install and Administer Active Directory (18%)
- Install domain controllers
- This objective may include but is not limited to: Add or remove a domain controller from a domain; upgrade a domain controller; install Active Directory Domain Services (AD DS) on a Server Core installation; install a domain controller from Install from Media (IFM); resolve DNS SRV record registration issues; configure a global catalog server
- Create and manage Active Directory users and computers
- This objective may include but is not limited to: Automate the creation of Active Directory accounts; create, copy, configure, and delete users and computers; configure templates; perform bulk Active Directory operations; configure user rights; offline domain join; manage inactive and disabled accounts
- Create and manage Active Directory groups and organizational units (OUs)
- This objective may include but is not limited to: Configure group nesting; convert groups including security, distribution, universal, domain local, and domain global; manage group membership using Group Policy; enumerate group membership; delegate the creation and management of Active Directory objects; manage default Active Directory containers; create, copy, configure, and delete groups and OUs
- Create and Manage Group Policy (16%)
- Create Group Policy objects (GPOs)
- This objective may include but is not limited to: Configure a Central Store; manage starter GPOs; configure GPO links; configure multiple local group policies; configure security filtering
- Configure security policies
- This objective may include but is not limited to: Configure User Rights Assignment; configure Security Options settings; configure Security templates; configure Audit Policy; configure Local Users and Groups; configure User Account Control (UAC)
- Configure application restriction policies
- This objective may include but is not limited to: Configure rule enforcement; configure Applocker rules; configure Software Restriction Policies
- Configure Windows Firewall
- This objective may include but is not limited to: Configure rules for multiple profiles using Group Policy; configure connection security rules; configure Windows Firewall to allow or deny applications, scopes, ports, and users; configure authenticated firewall exceptions; import and export settings
- Administering Windows Server 2012
- Deploy, Manage, and Maintain Servers (17%)
- Deploy and manage server images.
- This objective may include but is not limited to: Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images
- Implement patch management.
- This objective may include but is not limited to: Install and configure the Windows Server Update Services (WSUS) role; configure group policies for updates; configure client-side targeting; configure WSUS synchronization; configure WSUS groups
- Monitor servers.
- This objective may include but is not limited to: Configure Data Collector Sets (DCS); configure alerts; monitor real-time performance; monitor virtual machines (VMs); monitor events; configure event subscriptions; configure network monitoring
- Configure File and Print Services (15%)
- Configure Distributed File System (DFS).
- This objective may include but is not limited to: Install and configure DFS namespaces; configure DFS Replication Targets; configure Replication Scheduling; configure Remote Differential Compression settings; configure staging; configure fault tolerance
- Configure File Server Resource Manager (FSRM).
- This objective may include but is not limited to: Install the FSRM role; configure quotas; configure file screens; configure reports
- Configure file and disk encryption.
- This objective may include but is not limited to: Configure Bitlocker encryption; configure the Network Unlock feature; configure Bitlocker policies; configure the EFS recovery agent; manage EFS and Bitlocker certificates including backup and restore
- Configure advanced audit policies.
- This objective may include but is not limited to: Implement auditing using Group Policy and AuditPol.exe; create expression-based audit policies; create removable device audit policies
- Configure Network Services and Access (17%)
- Configure DNS zones.
- This objective may include but is not limited to: Configure primary and secondary zones; configure stub zones; configure conditional forwards; configure zone and conditional forward storage in Active Directory; configure zone delegation; configure zone transfer settings; configure notify settings
- Configure DNS records.
- This objective may include but is not limited to: Create and configure DNS Resource Records (RR) including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates
- Configure VPN and routing.
- This objective may include but is not limited to: Install and configure the Remote Access role; implement Network Address Translation (NAT); configure VPN settings; configure remote dial-in settings for users; configure routing
- Configure DirectAccess.
- This objective may include but is not limited to: Implement server requirements; implement client configuration; configure DNS for Direct Access; configure certificates for Direct Access
- Configure a Network Policy Server Infrastructure (14%)
- Configure Network Policy Server (NPS).
- This objective may include but is not limited to: Configure multiple RADIUS server infrastructures; configure RADIUS clients; manage RADIUS templates; configure RADIUS accounting; configure certificates
- Configure NPS policies.
- This objective may include but is not limited to: Configure connection request policies; configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing); manage NPS templates; import and export NPS policies
- Configure Network Access Protection (NAP).
- This objective may include but is not limited to: Configure System Health Validators (SHVs); configure health policies; configure NAP enforcement using DHCP and VPN; configure isolation and remediation of non-compliant computers using DHCP and VPN; configure NAP client settings
- Configure and Manage Active Directory (19%)
- Configure service authentication.
- This objective may include but is not limited to: Create and configure Service Accounts; create and configure Group Managed Service Accounts; create and configure Managed Service Accounts; configure Kerberos delegation; manage Service Principal Names (SPNs)
- Configure Domain Controllers.
- This objective may include but is not limited to: Configure Universal Group Membership Caching (UGMC); transfer and seize operations masters; install and configure a read-only domain controller (RODC); configure Domain Controller cloning
- Maintain Active Directory.
- This objective may include but is not limited to: Back up Active Directory and SYSVOL; manage Active Directory offline; optimize an Active Directory database; clean up metadata; configure Active Directory snapshots; perform object- and container-level recovery; perform Active Directory restore
- Configure account policies.
- This objective may include but is not limited to: Configure domain user password policy; configure and apply Password Settings Objects (PSOs); delegate password settings management; configure local user password policy; configure account lockout settings
- Configure and Manage Group Policy (18%)
- Configure Group Policy processing.
- This objective may include but is not limited to: Configure processing order and precedence; configure blocking of inheritance; configure enforced policies; configure security filtering and WMI filtering; configure loopback processing; configure and manage slow-link processing; configure client-side extension (CSE) behavior
- Configure Group Policy settings.
- This objective may include but is not limited to: Configure settings including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; convert administrative templates using ADMX Migrator; configure property filters for administrative templates
- Manage Group Policy objects (GPOs).
- This objective may include but is not limited to: Back up, import, copy, and restore GPOs; create and configure Migration Table; reset default GPOs; delegate Group Policy management
- Configure Group Policy preferences.
- This objective may include but is not limited to: Configure Group Policy Preferences (GPP) settings including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting
- Configuring Advanced Windows Server 2012 Services
- Configure and Manage High Availability (16%)
- Configure Network Load Balancing (NLB).
- This objective may include but is not limited to: Install NLB nodes; configure NLB prerequisites; configure affinity; configure port rules; configure cluster operation mode; upgrade an NLB cluster
- Configure failover clustering.
- This objective may include but is not limited to: Configure Quorum; configure cluster networking; restore single node or cluster configuration; configure cluster storage; implement Cluster Aware Updating; upgrade a cluster
- Manage failover clustering roles.
- This objective may include but is not limited to: Configure role-specific settings including continuously available shares; configure VM monitoring; configure failover and preference settings
- Manage Virtual Machine (VM) movement.
- This objective may include but is not limited to: Perform Live Migration; perform quick migration; perform storage migration; import, export, and copy VMs; migrate from other platforms (P2V and V2V)
- Configure File and Storage Solutions (15%)
- Configure advanced file services.
- This objective may include but is not limited to: Configure NFS data store; configure BranchCache; configure File Classification Infrastructure (FCI) using File Server Resource Manager (FSRM); configure file access auditing
- Implement Dynamic Access Control (DAC).
- This objective may include but is not limited to: Configure user and device claim types; implement policy changes and staging; perform access-denied remediation; configure file classification
- Configure and optimize storage.
- This objective may include but is not limited to: Configure iSCSI Target and Initiator; configure Internet Storage Name server (iSNS); implement thin provisioning and trim; manage server free space using Features on Demand
- Implement Business Continuity and Disaster Recovery (16%)
- Configure and manage backups.
- This objective may include but is not limited to: Configure Windows Server backups; configure Windows Online backups; configure role-specific backups; manage VSS settings using VSSAdmin; create System Restore snapshots
- Recover servers.
- This objective may include but is not limited to: Restore from backups; perform a Bare Metal Restore (BMR); recover servers using Windows Recovery Environment (Win RE) and safe mode; apply System Restore snapshots; configure the Boot Configuration Data (BCD) store
- Configure site-level fault tolerance.
- This objective may include but is not limited to: Configure Hyper-V Replica including Hyper-V Replica Broker and VMs; configure multi-site clustering including network settings, Quorum, and failover settings
- Configure Network Services (17%)
- Implement an advanced Dynamic Host Configuration Protocol (DHCP) solution.
- This objective may include but is not limited to: Create and configure superscopes and multicast scopes; implement DHCPv6; configure high availability for DHCP including DHCP failover and split scopes; configure DHCP Name Protection
- Implement an advanced DNS solution.
- This objective may include but is not limited to: Configure security for DNS including DNSSEC, DNS Socket Pool, and cache locking; configure DNS logging; configure delegated administration; configure recursion; configure netmask ordering; configure a GlobalNames zone
- Deploy and manage IPAM.
- This objective may include but is not limited to: Configure IPAM manually or by using Group Policy; configure server discovery; create and manage IP blocks and ranges; monitor utilization of IP address space; migrate to IPAM; delegate IPAM administration; manage IPAM collections
- Configure the Active Directory Infrastructure (18%)
- Configure a forest or a domain.
- This objective may include but is not limited to: Implement multi-domain and multi-forest Active Directory environments including interoperability with previous versions of Active Directory; upgrade existing domains and forests including environment preparation and functional levels; configure multiple user principal name (UPN) suffixes
- Configure trusts.
- This objective may include but is not limited to: Configure external, forest, shortcut, and realm trusts; configure trust authentication; configure SID filtering; configure name suffix routing
- Configure sites.
- This objective may include but is not limited to: Configure sites and subnets; create and configure site links; manage site coverage; manage registration of SRV records; move domain controllers between sites
- Manage Active Directory and SYSVOL replication.
- This objective may include but is not limited to: Configure replication to Read-Only Domain Controllers (RODCs); configure Password Replication Policy (PRP) for RODCs; monitor and manage replication; upgrade SYSVOL replication to Distributed File System Replication (DFSR)
- Configure Identity and Access Solutions (15%)
- Implement Active Directory Federation Services 2.1 (AD FSv2.1).
- This objective may include but is not limited to: Implement claims-based authentication including Relying Party Trusts; configure Claims Provider Trust rules; configure attribute stores including Active Directory Lightweight Directory Services (AD LDS); manage AD FS certificates; configure AD FS proxy; integrate with Cloud Services
- Install and configure Active Directory Certificate Services (AD CS).
- This objective may include but is not limited to: Install an Enterprise Certificate Authority (CA); configure CRL distribution points; install and configure Online Responder; implement administrative role separation; configure CA backup and recovery
- Manage certificates.
- This objective may include but is not limited to: Manage certificate templates; implement and manage certificate deployment, validation, and revocation; manage certificate renewal; manage certificate enrollment and renewal to computers and users using Group Policies; configure and manage key archival and recovery
- Install and configure Active Directory Rights Management Services (AD RMS).
- This objective may include but is not limited to: Install a licensing or certificate AD RMS server; manage AD RMS Service Connection Point (SCP); manage AD RMS client deployment; manage Trusted User Domains; manage Trusted Publishing Domains; manage Federated Identity support; manage RMS templates; configure Exclusion Policies