0471-6454555
9447387064
9847003556

No1 Training Institute in Kerala

MCSE

Design and implement identity and access solutions

Design a Certificate Services infrastructure

Design a multi-tier Certificate Authority (CA) hierarchy with offline root CA; plan for multi-forest CA deployment; plan for Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; plan for Network Device Enrollment Services (NDES); plan for certificate validation and revocation; plan for disaster recovery; plan for trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs

Implement and manage a Certificate Services infrastructure

Configure and manage offline root CA; configure and manage Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; configure and manage Network Device Enrollment Services; configure Online Certificates Status Protocol (OCSP) responders; migrate CA; implement administrator role separation; implement and manage trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs; monitor CA health

Implement and manage certificates

Manage certificate templates; implement and manage certificate deployment, validation, renewal, revocation, and publishing including Internet-based clients, CAs, and network devices; configure and manage key archival and recovery

Design and implement a federated identity solution

Plan for and implement claims-based authentication including planning and implementing Relying Party Trusts; plan for and configure Claims Provider and Relying Party Trust claim rules; plan for and configure attribute stores including Active Directory Lightweight Directory Services (AD LDS); plan for and manage Active Directory Federation Services (AD FS) certificates; plan for and implement Identity Integration with cloud services; integrate Web Application Proxy with AD FS

Design and implement Active Directory Rights Management Services (AD RMS

Plan for highly available AD RMS deployment; plan for AD RMS client deployment; manage Trusted User Domains; manage Trusted Publishing Domains; manage Federated Identity support; upgrade or migrate AD RMS; decommission AD RMS

TRINITY TECHNOLOGIES

Plan and implement a server virtualization infrastructure

Plan and implement virtualization hosts

Plan for and implement delegation of virtualization environment (hosts, services, and VMs), including self-service capabilities; plan and implement multi-host libraries including equivalent objects; plan for and implement host resource optimization; integrate third-party virtualization platforms; deploying Hyper-V hosts to bare metal

Plan and implement virtual machines

Plan for and implement highly available VMs; plan for and implement guest resource optimization including shared VHDx; configure placement rules; create Virtual Machine Manager templates

Plan and implement virtualization networking

Plan for and configure Virtual Machine Manager logical networks, including virtual switch extensions and logical switches; plan for and configure IP address and MAC address settings across multiple Hyper-V hosts, including network virtualization; plan for and configure virtual network optimization; plan and implement Windows Server Gateway; plan and implement VLANs and pVLANs; plan and implement virtual machine (VM) networks; plan and implement converged networks

Plan and implement virtualization storage

Plan for and configure Hyper-V host clustered storage; plan for and configure Hyper-V virtual machine storage including virtual Fibre Channel, iSCSI, and shared VHDx; plan for storage optimization; plan and implement storage using SMB 3.0 file shares

Plan and implement virtual machine movement

Plan for and configure live and storage migration between Hyper-V hosts; plan for and manage P2V and V2V; plan and implement virtual machine migration between clouds

Manage and maintain a server virtualization infrastructure

Manage dynamic optimization and resource optimization; integrate Operations Manager with System Center Virtual Machine Manager and System Center Service Manager; update virtual machine images in libraries; plan for and implement backup and recovery of virtualization infrastructure by using System Center Data Protection Manager (DPM)

 

TRINITY TECHNOLOGIES

Plan and implement a highly available enterprise infrastructure

Plan and implement failover clustering

Plan for and implement multi-node and multi-site clustering including the use of networking storage, name resolution, and Global Update Manager (GUM); design considerations including redundant networks, network priority settings, resource failover and failback, heartbeat and DNS settings, Quorum configuration, storage placement and replication, and cluster aware updates

Plan and implement highly available network services

Plan for and configure Network Load Balancing (NLB); design considerations including fault-tolerant networking, multicast vs. unicast configuration, state management, and automated deployment of NLB using Virtual Machine Manager service templates

Plan and implement highly available storage solutions

Plan for and configure storage spaces and storage pools; design highly available, multi-replica DFS namespaces; plan for and configure multi-path I/O (MPIO); configure highly available iSCSI Target and iSNS Server; plan for and implement storage using RDMA and SMB multi-channel

Plan and implement highly available roles

Plan for a highly available Dynamic Host Configuration Protocol (DHCP) Server, Hyper-V clustering, Continuously Available File Shares, and a DFS Namespace Server; plan for and implement highly available applications, services, and scripts using Generic Application, Generic Script, and Generic Service clustering roles

Plan and implement a business continuity and disaster recovery solution

Plan a backup and recovery strategy; planning considerations including Active Directory domain and forest recovery, Hyper-V replica including using Microsoft Azure Site Recovery, domain controller restore and cloning, and Active Directory object and container restore using authoritative restore and Recycle Bin; plan for and implement backup and recovery by using System Center Data Protection Manager (DPM)

TRINITY TECHNOLOGIES

Manage and maintain a server infrastructure

Design an administrative model

Design considerations, including user rights and built-in groups; design a delegation of administration structure for Microsoft System Center 2012 R2; design self-service portals by using System Center Service Manager; delegate rights for managing private cloud by using AppController and System Center Virtual Machine Manager

Design a monitoring strategy

Design considerations including monitoring servers using Audit Collection Services (ACS) and System Center Global Service Monitor, performance monitoring, application monitoring, centralized monitoring, and centralized reporting; implement and optimize System Center 2012 – Operations Manager management packs; plan for monitoring Active Directory

Plan and implement automated remediation

Create an Update Baseline in Virtual Machine Manager; implement a Desired Configuration Management (DCM) Baseline; implement Virtual Machine Manager integration with Operations Manager; configure Virtual Machine Manager to move a VM dynamically based on policy; integrate System Center 2012 for automatic remediation into your existing enterprise infrastructure; design and implement a Windows PowerShell Desired State Configuration (DSC) solution

TRINITY TECHNOLOGIES

Implementing an Advanced Server Infrastructure 70-414

TRINITY TECHNOLOGIES

Design and implement an Active Directory infrastructure (physical)

Design an Active Directory sites topology

Design considerations including proximity of domain controllers, replication optimization, and site link; monitor and resolve Active Directory replication conflicts

Design a domain controller strategy

Design considerations including global catalog, operations master roles, Read-Only Domain Controllers (RODCs), partial attribute set, and domain controller cloning, and domain controller placement

Design and implement a branch office infrastructure

Design considerations including RODC, Universal Group Membership Caching (UGMC), global catalog, DNS, DHCP, and BranchCache; implement confidential attributes; delegate administration; modify filtered attributes set; configure password replication policy; configure hash publication

 

TRINITY TECHNOLOGIES

Design and implement an Active Directory infrastructure (logical)

Design a forest and domain infrastructure

Design considerations including multi-forest architecture, trusts, functional levels, domain upgrade, domain migration, forest restructure, Microsoft Azure Active Directory and DirSync

Implement a forest and domain infrastructure

Configure domain rename; configure Kerberos realm trusts; implement a domain upgrade; implement a domain migration; implement a forest restructure; deploy and manage a test forest including synchronization with production forests

Design a Group Policy strategy

Design considerations including inheritance blocking, enforced policies, loopback processing, security, and WMI filtering, site-linked Group Policy Objects (GPOs), slow-link processing, group strategies, organizational unit (OU) hierarchy, and Advanced Group Policy Management (AGPM), and Group Policy caching

Design an Active Directory permission model

Design considerations including Active Directory object security and Active Directory quotas; customize tasks to delegate in Delegate of Control Wizard; deploy administrative tools on the client devices; delegate permissions on administrative users (AdminSDHolder); plan for Kerberos delegation

TRINITY TECHNOLOGIES

Design and implement network access services

Design a VPN solution

Design considerations including certificate deployment, firewall configuration, client/site to site, bandwidth, protocol implications, connectivity to Microsoft Azure IaaS and VPN deployment configurations using Connection Manager Administration Kit (CMAK)

Design a DirectAccess solution

Design considerations including deployment topology, migration from Forefront UAG, One Time Password (OTP), and use of certificates issued by enterprise Certificate Authority (CA)

Design a Web Application Proxy solution

Design considerations including planning for applications, authentication and authorization, Workplace Join, devices, multifactor authentication, multifactor access control, single sign-on (SSO), certificates, planning access for internal and external clients

Implement a scalable remote access solution

Configure site-to-site VPN; configure packet filters; implement packet tracing; implement multi-site Remote Access; configure Remote Access clustered with Network Load Balancing (NLB); implement an advanced DirectAccess solution, configure multiple RADIUS server groups and infrastructure, configure Web Application Proxy for clustering

Design and implement network protection solution

Design considerations including Network Access Protection (NAP) enforcement methods for DHCP, IPSec, VPN, and 802.1x, capacity, placement of servers, firewall, Network Policy Server (NPS), and remediation network, configure NAP enforcement for IPsec and 802.1x, monitor for compliance

TRINITY TECHNOLOGIES

Design and implement network infrastructure services

Design and maintain a Dynamic Host Configuration Protocol (DHCP) solution

Design considerations including a highly available DHCP solution including split scope, DHCP failover, and DHCP failover clustering, DHCP interoperability, and DHCPv6; implement DHCP filtering; implement and configure a DHCP management pack; maintain a DHCP database

Design a name resolution solution strategy

Design considerations including Active Directory integrated zones, DNSSEC, DNS Socket Pool, cache locking, disjoint namespaces, DNS interoperability, migration to application partitions, IPv6, Single-Label DNS Name Resolution, zone hierarchy, and zone delegation

Design and manage an IP address management solution

Design considerations including IP address management technologies including IPAM, Group Policy based, manual provisioning, and distributed, centralized, hybrid placement, and database storage; configure role-based access control; configure IPAM auditing; migrate IPs; manage and monitor multiple DHCP and DNS servers; configure data collection for IPAM; integrate IPAM with Virtual Machine Manager (VMM)

TRINITY TECHNOLOGIES

Plan and deploy a server infrastructure

Design and plan an automated server installation strategy

Design considerations including images and bare metal/virtual deployment; design a server implementation using Windows Assessment and Deployment Kit (ADK); design a virtual server deployment

Plan for deploying servers to Microsoft Azure infrastructure as a service (IaaS); plan for deploying servers to public and private cloud by using AppController and Windows PowerShell; plan for multicast deployment; plan for Windows Deployment Services (WDS)

Implement a server deployment infrastructure

Configure multi-site topology and transport servers; implement a multi-server topology, including stand-alone and Active Directory–integrated Windows Deployment Services (WDS) servers; deploy servers to Microsoft Azure IaaS; deploy servers to public and private cloud by using AppController and Windows PowerShell

Plan and implement server upgrade and migration

Plan for role migration; migrate server roles; migrate servers across domains and forests; design a server consolidation strategy; plan for capacity and resource optimization

Plan and deploy Virtual Machine Manager services

Design Virtual Machine Manager service templates; plan and deploy profiles, operating system profiles, hardware and capability profiles, application profiles, and SQL profiles; plan and manage services including scaling out, updating and servicing services; configure Virtual Machine Manager libraries; plan and deploy services to non-trusted domains and workgroups

Plan and implement file and storage services

Planning considerations include iSCSI SANs, Fibre Channel SANs, Virtual Fibre Channel, storage spaces, storage pools including tiered storage and data de-duplication; configure the Internet Storage Name server (iSNS); configure Services for Network File System (NFS); plan and implement SMB 3.0 based storage; plan for Windows Offloaded Data Transfer (ODX)

TRINITY TECHNOLOGIES

Designing and Implementing a Server Infrastructure (70-413)

TRINITY TECHNOLOGIES

Configure Identity and Access Solutions

Implement Active Directory Federation Services (AD FS)

Install AD FS; implement claims-based authentication, including Relying Party Trusts; configure authentication policies; configure Workplace Join; configure multi-factor authentication

Install and configure Active Directory Certificate Services (AD CS)

Install an Enterprise Certificate Authority (CA), configure certificate revocation lists (CRL) distribution points, install and configure Online Responder, implement administrative role separation, configure CA backup and recovery

Manage certificates

Manage certificate templates; implement and manage certificate deployment, validation, and revocation; manage certificate renewal; manage certificate enrollment and renewal to computers and users using Group Policies; configure and manage key archival and recovery

Install and configure Active Directory Rights Management Services (AD RMS)

Install a licensing or certificate AD RMS server, manage AD RMS Service Connection Point (SCP), manage RMS templates, configure Exclusion Policies, back up and restore AD RMS

Preparation resources

TRINITY TECHNOLOGIES

Configure the Active Directory infrastructure

Configure a forest or a domain

Implement multi-domain and multi-forest Active Directory environments, including interoperability with previous versions of Active Directory; upgrade existing domains and forests, including environment preparation and functional levels; configure multiple user principal name (UPN) suffixes

Configure trusts

Configure external, forest, shortcut, and realm trusts; configure trust authentication; configure SID filtering; configure name suffix routing

Configure sites

Configure sites and subnets, create and configure site links, manage site coverage, manage registration of SRV records, move domain controllers between sites

Manage Active Directory and SYSVOL replication

Configure replication to Read-Only Domain Controllers (RODCs), configure Password Replication Policy (PRP) for RODC, monitor and manage replication, upgrade SYSVOL replication to Distributed File System Replication (DFSR)

 

TRINITY TECHNOLOGIES

Configure Network Services

Implement an advanced Dynamic Host Configuration Protocol (DHCP) solution

Create and configure superscopes and multicast scopes; implement DHCPv6; configure high availability for DHCP, including DHCP failover and split scopes; configure DHCP Name Protection; configure DNS registration

Implement an advanced DNS solution

Configure security for DNS, including Domain Name System Security Extensions (DNSSEC), DNS Socket Pool, and cache locking; configure DNS logging; configure delegated administration; configure recursion; configure netmask ordering; configure a GlobalNames zone; analyze zone level statistics

Deploy and manage IP Address Management (IPAM)

Provision IPAM manually or by using Group Policy, configure server discovery, create and manage IP blocks and ranges, monitor utilization of IP address space, migrate to IPAM, delegate IPAM administration, manage IPAM collections, configure IPAM database storage

TRINITY TECHNOLOGIES

Configure file and storage solutions

Configure advanced file services

Configure Network File System (NFS) data store, configure BranchCache, configure File Classification Infrastructure (FCI) using File Server Resource Manager (FSRM), configure file access auditing

Implement Dynamic Access Control (DAC)

Configure user and device claim types, implement policy changes and staging, perform access-denied remediation, configure file classification, create and configure Central Access rules and policies, create and configure resource properties and lists

Configure and optimize storage

Configure iSCSI target and initiator, configure Internet Storage Name server (iSNS), implement thin provisioning and trim, manage server free space using Features on Demand, configure tiered storageImplement business continuity and disaster recovery (15–20%)

Configure and manage backups

Configure Windows Server backups, configure Microsoft Azure backups, configure role-specific backups, manage VSS settings using VSSAdmin

Recover servers

Restore from backups, perform a Bare Metal Restore (BMR), recover servers using Windows Recovery Environment (Win RE) and safe mode, configure the Boot Configuration Data (BCD) store

Configure site-level fault tolerance

Configure Hyper-V Replica, including Hyper-V Replica Broker and VMs; configure multi-site clustering, including network settings, Quorum, and failover settings; configure Hyper-V Replica extended replication; configure Global Update Manager; recover a multi-site failover cluster

TRINITY TECHNOLOGIES

Configure and manage high availability

Configure Network Load Balancing (NLB)

Install NLB nodes, configure NLB prerequisites, configure affinity, configure port rules, configure cluster operation mode, upgrade an NLB cluster

Configure failover clustering

Configure quorum, configure cluster networking, restore single node or cluster configuration, configure cluster storage, implement Cluster-Aware Updating, upgrade a cluster, configure and optimize clustered shared volumes, configure clusters without network names, configure storage spaces

Manage failover clustering roles

Configure role-specific settings, including continuously available shares; configure virtual machine (VM) monitoring; configure failover and preference settings; configure guest clustering

Manage VM movement

Perform live migration; perform quick migration; perform storage migration; import, export, and copy VMs; configure VM network health protection; configure drain on shutdown

TRINITY TECHNOLOGIES

Configuring Advanced Windows Server 2012 Services (70-412)

TRINITY TECHNOLOGIES

Configure and manage Group Policy

Configure Group Policy processing

Configure processing order and precedence, configure blocking of inheritance, configure enforced policies, configure security filtering and Windows Management Instrumentation (WMI) filtering, configure loopback processing, configure and manage slow-link processing and Group Policy caching, configure client-side extension (CSE) behavior, force Group Policy Update

Configure Group Policy settings

Configure settings, including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; configure property filters for administrative templates

Manage Group Policy objects (GPOs)

Back up, import, copy, and restore GPOs; create and configure Migration Table; reset default GPOs; delegate Group Policy management

Configure Group Policy preferences (GPP)

Configure GPP settings, including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting

TRINITY TECHNOLOGIES

Configure and manage Active Directory

Configure service authentication

Create and configure Service Accounts, create and configure Group Managed Service Accounts, configure Kerberos delegation, manage Service Principal Names (SPNs), configure virtual accounts

Configure domain controllers

Transfer and seize operations master roles, install and configure a read-only domain controller (RODC), configure domain controller cloning

Maintain Active Directory

Back up Active Directory and SYSVOL, manage Active Directory offline, optimize an Active Directory database, clean up metadata, configure Active Directory snapshots, perform object- and container-level recovery, perform Active Directory restore, configure and restore objects by using the Active Directory Recycle Bin

Configure account policies

Configure domain and local user password policy settings, configure and apply Password Settings Objects (PSOs), delegate password settings management, configure account lockout policy settings, configure Kerberos policy settings

TRINITY TECHNOLOGIES

Configure a Network Policy Server (NPS) infrastructure

Configure Network Policy Server

Configure a RADIUS server, including RADIUS proxy; configure RADIUS clients; configure NPS templates; configure RADIUS accounting; configure certificates

Configure NPS policies

Configure connection request policies, configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing), import and export NPS policies

Configure Network Access Protection (NAP)

Configure System Health Validators (SHVs), configure health policies, configure NAP enforcement using DHCP and VPN, configure isolation and remediation of non-compliant computers using DHCP and VPN, configure NAP client settings

TRINITY TECHNOLOGIES

Configure network services and access

Configure DNS zones

Configure primary and secondary zones, configure stub zones, configure conditional forwards, configure zone and conditional forward storage in Active Directory, configure zone delegation, configure zone transfer settings, configure notify settings

Configure DNS records

Create and configure DNS Resource Records (RR), including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options, including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates

Configure virtual private network (VPN) and routing

Install and configure the Remote Access role, implement Network Address Translation (NAT), configure VPN settings, configure remote dial-in settings for users, configure routing, configure Web Application proxy in pass-through mode

Configure Direct Access

Implement server requirements, implement client configuration, configure DNS for Direct Access, configure certificates for Direct Access

 

TRINITY TECHNOLOGIES

Configure File and Print Services

Configure Distributed File System (DFS)

Install and configure DFS namespaces, configure DFS Replication Targets, configure Replication Scheduling, configure Remote Differential Compression settings, configure staging, configure fault tolerance, clone a DFS database, recover DFS databases, optimize DFS replication

Configure File Server Resource Manager (FSRM)

Install the FSRM role service, configure quotas, configure file screens, configure reports, configure file management tasks

Configure file and disk encryption

Configure BitLocker encryption; configure the Network Unlock feature; configure BitLocker policies; configure the EFS recovery agent; manage EFS and BitLocker certificates, including backup and restore

Configure advanced audit policies

Implement auditing using Group Policy and AuditPol.exe, create expression-based audit policies, create removable device audit policies

 

TRINITY TECHNOLOGIES

Deploy, manage, and maintain servers

Deploy and manage server images

Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images; configure driver groups and packages

Implement patch management

Install and configure the Windows Server Update Services (WSUS) role, configure group policies for updates, configure client-side targeting, configure WSUS synchronization, configure WSUS groups, manage patch management in mixed environments

Monitor servers

Configure Data Collector Sets (DCS), configure alerts, monitor real-time performance, monitor virtual machines (VMs), monitor events, configure event subscriptions, configure network monitoring, schedule performance monitoring

TRINITY TECHNOLOGIES

Administering Windows Server (2012 70-411

TRINITY TECHNOLOGIES

Create and manage Group Policy

Create Group Policy objects (GPOs)

Configure a Central Store, manage starter GPOs, configure GPO links, configure multiple local Group Policies

Configure security policies

Configure User Rights Assignment, configure Security Options settings. configure Security templates, configure Audit Policy, configure Local Users and Groups, configure User Account Control (UAC)

Configure application restriction policies

Configure rule enforcement, configure AppLocker rules, configure Software Restriction Policies

Configure Windows Firewall

Configure rules for multiple profiles using Group Policy; configure connection security rules; configure Windows Firewall to allow or deny applications, scopes, ports, and users; configure authenticated firewall exceptions; import and export settings

TRINITY TECHNOLOGIES

Install and administer Active Directory

Install domain controllers

Add or remove a domain controller from a domain, upgrade a domain controller, install Active Directory Domain Services (AD DS) on a Server Core installation, install a domain controller from Install from Media (IFM), resolve DNS SRV record registration issues, configure a global catalog server, deploy Active Directory infrastructure as a service (IaaS) in Microsoft Azure

Create and manage Active Directory users and computers

Automate the creation of Active Directory accounts; create, copy, configure, and delete users and computers; configure templates; perform bulk Active Directory operations; configure user rights; offline domain join; manage inactive and disabled accounts

Create and manage Active Directory groups and organizational units (OUs)

Configure group nesting; convert groups, including security, distribution, universal, domain local, and domain global; manage group membership using Group Policy; enumerate group membership; delegate the creation and management of Active Directory objects; manage default Active Directory containers; create, copy, configure, and delete groups and OUs

 

TRINITY TECHNOLOGIES

Deploy and configure core network services

Configure IPv4 and IPv6 addressing

Configure IP address options, configure IPv4 or IPv6 subnetting, configure supernetting, configure interoperability between IPv4 and IPv6, configure Intra-site Automatic Tunnel Addressing Protocol (ISATAP), configure Teredo

Deploy and configure Dynamic Host Configuration Protocol (DHCP) service

Create and configure scopes, configure a DHCP reservation, configure DHCP options, configure client and server for PXE boot, configure DHCP relay agent, authorize DHCP server

Deploy and configure DNS service

Configure Active Directory integration of primary zones, configure forwarders, configure Root Hints, manage DNS cache, create A and PTR resource records

TRINITY TECHNOLOGIES

Configure Hyper-V

Create and configure virtual machine settings

Configure dynamic memory, configure smart paging, configure Resource Metering, configure guest integration services, create and configure Generation 1 and 2 virtual machines, configure and use enhanced session mode, configure RemoteFX

Create and configure virtual machine storage

Create VHDs and VHDX, configure differencing drives, modify VHDs, configure pass-through disks, manage checkpoints, implement a virtual Fibre Channel adapter, configure storage Quality of Service

Create and configure virtual networks

Configure Hyper-V virtual switches, optimize network performance, configure MAC addresses; configure network isolation, configure synthetic and legacy virtual network adapters, configure NIC teaming in virtual machines

TRINITY TECHNOLOGIES

Configure server roles and features

Configure file and share access

Create and configure shares, configure share permissions, configure offline files, configure NTFS permissions, configure access-based enumeration (ABE), configure Volume Shadow Copy Service (VSS), configure NTFS quotas, create and configure Work Folders

Configure print and document services

Configure the Easy Print print driver, configure Enterprise Print Management, configure drivers, configure printer pooling, configure print priorities, configure printer permissions

Configure servers for remote management

Configure WinRM, configure down-level server management, configure servers for day-to-day management tasks, configure multi-server management, configure Server Core, configure Windows Firewall, manage non-domain joined servers

 

TRINITY TECHNOLOGIES

Install and configure servers

Install servers

Plan for a server installation, plan for server roles, plan for a server upgrade, install Server Core, optimize resource utilization by using Features on Demand, migrate roles from previous versions of Windows Server

Configure servers

Configure Server Core, delegate administration, add and remove features in offline images, deploy roles on remote servers, convert Server Core to/from full GUI, configure services, configure NIC teaming, install and configure Windows PowerShell Desired State Configuration (DSC)

Configure local storage

Design storage spaces, configure basic and dynamic disks, configure master boot record (MBR) and GUID partition table (GPT) disks, manage volumes, create and mount virtual hard disks (VHDs), configure storage pools and disk pools, create storage pools by using disk enclosures

TRINITY TECHNOLOGIES

Installing and Configuring Windows Server 2012 r2 (70-410)

TRINITY TECHNOLOGIES

Installing and Configuring Windows Server 2012 r2 (70-410)

Install and configure servers

Install servers

Plan for a server installation, plan for server roles, plan for a server upgrade, install Server Core, optimize resource utilization by using Features on Demand, migrate roles from previous versions of Windows Server

Configure servers

Configure Server Core, delegate administration, add and remove features in offline images, deploy roles on remote servers, convert Server Core to/from full GUI, configure services, configure NIC teaming, install and configure Windows PowerShell Desired State Configuration (DSC)

Configure local storage

Design storage spaces, configure basic and dynamic disks, configure master boot record (MBR) and GUID partition table (GPT) disks, manage volumes, create and mount virtual hard disks (VHDs), configure storage pools and disk pools, create storage pools by using disk enclosures

Configure server roles and features

Configure file and share access

Create and configure shares, configure share permissions, configure offline files, configure NTFS permissions, configure access-based enumeration (ABE), configure Volume Shadow Copy Service (VSS), configure NTFS quotas, create and configure Work Folders

Configure print and document services

Configure the Easy Print print driver, configure Enterprise Print Management, configure drivers, configure printer pooling, configure print priorities, configure printer permissions

Configure servers for remote management

Configure WinRM, configure down-level server management, configure servers for day-to-day management tasks, configure multi-server management, configure Server Core, configure Windows Firewall, manage non-domain joined servers

 

Configure Hyper-V

Create and configure virtual machine settings

Configure dynamic memory, configure smart paging, configure Resource Metering, configure guest integration services, create and configure Generation 1 and 2 virtual machines, configure and use enhanced session mode, configure RemoteFX

Create and configure virtual machine storage

Create VHDs and VHDX, configure differencing drives, modify VHDs, configure pass-through disks, manage checkpoints, implement a virtual Fibre Channel adapter, configure storage Quality of Service

Create and configure virtual networks

Configure Hyper-V virtual switches, optimize network performance, configure MAC addresses; configure network isolation, configure synthetic and legacy virtual network adapters, configure NIC teaming in virtual machines

Deploy and configure core network services

Configure IPv4 and IPv6 addressing

Configure IP address options, configure IPv4 or IPv6 subnetting, configure supernetting, configure interoperability between IPv4 and IPv6, configure Intra-site Automatic Tunnel Addressing Protocol (ISATAP), configure Teredo

Deploy and configure Dynamic Host Configuration Protocol (DHCP) service

Create and configure scopes, configure a DHCP reservation, configure DHCP options, configure client and server for PXE boot, configure DHCP relay agent, authorize DHCP server

Deploy and configure DNS service

Configure Active Directory integration of primary zones, configure forwarders, configure Root Hints, manage DNS cache, create A and PTR resource records

Install and administer Active Directory

Install domain controllers

Add or remove a domain controller from a domain, upgrade a domain controller, install Active Directory Domain Services (AD DS) on a Server Core installation, install a domain controller from Install from Media (IFM), resolve DNS SRV record registration issues, configure a global catalog server, deploy Active Directory infrastructure as a service (IaaS) in Microsoft Azure

Create and manage Active Directory users and computers

Automate the creation of Active Directory accounts; create, copy, configure, and delete users and computers; configure templates; perform bulk Active Directory operations; configure user rights; offline domain join; manage inactive and disabled accounts

Create and manage Active Directory groups and organizational units (OUs)

Configure group nesting; convert groups, including security, distribution, universal, domain local, and domain global; manage group membership using Group Policy; enumerate group membership; delegate the creation and management of Active Directory objects; manage default Active Directory containers; create, copy, configure, and delete groups and OUs

 

Create and manage Group Policy

Create Group Policy objects (GPOs)

Configure a Central Store, manage starter GPOs, configure GPO links, configure multiple local Group Policies

Configure security policies

Configure User Rights Assignment, configure Security Options settings. configure Security templates, configure Audit Policy, configure Local Users and Groups, configure User Account Control (UAC)

Configure application restriction policies

Configure rule enforcement, configure AppLocker rules, configure Software Restriction Policies

Configure Windows Firewall

Configure rules for multiple profiles using Group Policy; configure connection security rules; configure Windows Firewall to allow or deny applications, scopes, ports, and users; configure authenticated firewall exceptions; import and export settings

Administering Windows Server (2012 70-411

Deploy, manage, and maintain servers

Deploy and manage server images

Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images; configure driver groups and packages

Implement patch management

Install and configure the Windows Server Update Services (WSUS) role, configure group policies for updates, configure client-side targeting, configure WSUS synchronization, configure WSUS groups, manage patch management in mixed environments

Monitor servers

Configure Data Collector Sets (DCS), configure alerts, monitor real-time performance, monitor virtual machines (VMs), monitor events, configure event subscriptions, configure network monitoring, schedule performance monitoring

Configure File and Print Services

Configure Distributed File System (DFS)

Install and configure DFS namespaces, configure DFS Replication Targets, configure Replication Scheduling, configure Remote Differential Compression settings, configure staging, configure fault tolerance, clone a DFS database, recover DFS databases, optimize DFS replication

Configure File Server Resource Manager (FSRM)

Install the FSRM role service, configure quotas, configure file screens, configure reports, configure file management tasks

Configure file and disk encryption

Configure BitLocker encryption; configure the Network Unlock feature; configure BitLocker policies; configure the EFS recovery agent; manage EFS and BitLocker certificates, including backup and restore

Configure advanced audit policies

Implement auditing using Group Policy and AuditPol.exe, create expression-based audit policies, create removable device audit policies

 

Configure network services and access

Configure DNS zones

Configure primary and secondary zones, configure stub zones, configure conditional forwards, configure zone and conditional forward storage in Active Directory, configure zone delegation, configure zone transfer settings, configure notify settings

Configure DNS records

Create and configure DNS Resource Records (RR), including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options, including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates

Configure virtual private network (VPN) and routing

Install and configure the Remote Access role, implement Network Address Translation (NAT), configure VPN settings, configure remote dial-in settings for users, configure routing, configure Web Application proxy in pass-through mode

Configure Direct Access

Implement server requirements, implement client configuration, configure DNS for Direct Access, configure certificates for Direct Access

 

Configure a Network Policy Server (NPS) infrastructure

Configure Network Policy Server

Configure a RADIUS server, including RADIUS proxy; configure RADIUS clients; configure NPS templates; configure RADIUS accounting; configure certificates

Configure NPS policies

Configure connection request policies, configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing), import and export NPS policies

Configure Network Access Protection (NAP)

Configure System Health Validators (SHVs), configure health policies, configure NAP enforcement using DHCP and VPN, configure isolation and remediation of non-compliant computers using DHCP and VPN, configure NAP client settings

Configure and manage Active Directory

Configure service authentication

Create and configure Service Accounts, create and configure Group Managed Service Accounts, configure Kerberos delegation, manage Service Principal Names (SPNs), configure virtual accounts

Configure domain controllers

Transfer and seize operations master roles, install and configure a read-only domain controller (RODC), configure domain controller cloning

Maintain Active Directory

Back up Active Directory and SYSVOL, manage Active Directory offline, optimize an Active Directory database, clean up metadata, configure Active Directory snapshots, perform object- and container-level recovery, perform Active Directory restore, configure and restore objects by using the Active Directory Recycle Bin

Configure account policies

Configure domain and local user password policy settings, configure and apply Password Settings Objects (PSOs), delegate password settings management, configure account lockout policy settings, configure Kerberos policy settings

Configure and manage Group Policy

Configure Group Policy processing

Configure processing order and precedence, configure blocking of inheritance, configure enforced policies, configure security filtering and Windows Management Instrumentation (WMI) filtering, configure loopback processing, configure and manage slow-link processing and Group Policy caching, configure client-side extension (CSE) behavior, force Group Policy Update

Configure Group Policy settings

Configure settings, including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; configure property filters for administrative templates

Manage Group Policy objects (GPOs)

Back up, import, copy, and restore GPOs; create and configure Migration Table; reset default GPOs; delegate Group Policy management

Configure Group Policy preferences (GPP)

Configure GPP settings, including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting

Configuring Advanced Windows Server 2012 Services (70-412)

Configure and manage high availability

Configure Network Load Balancing (NLB)

Install NLB nodes, configure NLB prerequisites, configure affinity, configure port rules, configure cluster operation mode, upgrade an NLB cluster

Configure failover clustering

Configure quorum, configure cluster networking, restore single node or cluster configuration, configure cluster storage, implement Cluster-Aware Updating, upgrade a cluster, configure and optimize clustered shared volumes, configure clusters without network names, configure storage spaces

Manage failover clustering roles

Configure role-specific settings, including continuously available shares; configure virtual machine (VM) monitoring; configure failover and preference settings; configure guest clustering

Manage VM movement

Perform live migration; perform quick migration; perform storage migration; import, export, and copy VMs; configure VM network health protection; configure drain on shutdown

Configure file and storage solutions

Configure advanced file services

Configure Network File System (NFS) data store, configure BranchCache, configure File Classification Infrastructure (FCI) using File Server Resource Manager (FSRM), configure file access auditing

Implement Dynamic Access Control (DAC)

Configure user and device claim types, implement policy changes and staging, perform access-denied remediation, configure file classification, create and configure Central Access rules and policies, create and configure resource properties and lists

Configure and optimize storage

Configure iSCSI target and initiator, configure Internet Storage Name server (iSNS), implement thin provisioning and trim, manage server free space using Features on Demand, configure tiered storageImplement business continuity and disaster recovery (15–20%)

Configure and manage backups

Configure Windows Server backups, configure Microsoft Azure backups, configure role-specific backups, manage VSS settings using VSSAdmin

Recover servers

Restore from backups, perform a Bare Metal Restore (BMR), recover servers using Windows Recovery Environment (Win RE) and safe mode, configure the Boot Configuration Data (BCD) store

Configure site-level fault tolerance

Configure Hyper-V Replica, including Hyper-V Replica Broker and VMs; configure multi-site clustering, including network settings, Quorum, and failover settings; configure Hyper-V Replica extended replication; configure Global Update Manager; recover a multi-site failover cluster

Configure Network Services

Implement an advanced Dynamic Host Configuration Protocol (DHCP) solution

Create and configure superscopes and multicast scopes; implement DHCPv6; configure high availability for DHCP, including DHCP failover and split scopes; configure DHCP Name Protection; configure DNS registration

Implement an advanced DNS solution

Configure security for DNS, including Domain Name System Security Extensions (DNSSEC), DNS Socket Pool, and cache locking; configure DNS logging; configure delegated administration; configure recursion; configure netmask ordering; configure a GlobalNames zone; analyze zone level statistics

Deploy and manage IP Address Management (IPAM)

Provision IPAM manually or by using Group Policy, configure server discovery, create and manage IP blocks and ranges, monitor utilization of IP address space, migrate to IPAM, delegate IPAM administration, manage IPAM collections, configure IPAM database storage

Configure the Active Directory infrastructure

Configure a forest or a domain

Implement multi-domain and multi-forest Active Directory environments, including interoperability with previous versions of Active Directory; upgrade existing domains and forests, including environment preparation and functional levels; configure multiple user principal name (UPN) suffixes

Configure trusts

Configure external, forest, shortcut, and realm trusts; configure trust authentication; configure SID filtering; configure name suffix routing

Configure sites

Configure sites and subnets, create and configure site links, manage site coverage, manage registration of SRV records, move domain controllers between sites

Manage Active Directory and SYSVOL replication

Configure replication to Read-Only Domain Controllers (RODCs), configure Password Replication Policy (PRP) for RODC, monitor and manage replication, upgrade SYSVOL replication to Distributed File System Replication (DFSR)

 

Configure Identity and Access Solutions

Implement Active Directory Federation Services (AD FS)

Install AD FS; implement claims-based authentication, including Relying Party Trusts; configure authentication policies; configure Workplace Join; configure multi-factor authentication

Install and configure Active Directory Certificate Services (AD CS)

Install an Enterprise Certificate Authority (CA), configure certificate revocation lists (CRL) distribution points, install and configure Online Responder, implement administrative role separation, configure CA backup and recovery

Manage certificates

Manage certificate templates; implement and manage certificate deployment, validation, and revocation; manage certificate renewal; manage certificate enrollment and renewal to computers and users using Group Policies; configure and manage key archival and recovery

Install and configure Active Directory Rights Management Services (AD RMS)

Install a licensing or certificate AD RMS server, manage AD RMS Service Connection Point (SCP), manage RMS templates, configure Exclusion Policies, back up and restore AD RMS

Preparation resources

Designing and Implementing a Server Infrastructure (70-413)

Plan and deploy a server infrastructure

Design and plan an automated server installation strategy

Design considerations including images and bare metal/virtual deployment; design a server implementation using Windows Assessment and Deployment Kit (ADK); design a virtual server deployment

Plan for deploying servers to Microsoft Azure infrastructure as a service (IaaS); plan for deploying servers to public and private cloud by using AppController and Windows PowerShell; plan for multicast deployment; plan for Windows Deployment Services (WDS)

Implement a server deployment infrastructure

Configure multi-site topology and transport servers; implement a multi-server topology, including stand-alone and Active Directory–integrated Windows Deployment Services (WDS) servers; deploy servers to Microsoft Azure IaaS; deploy servers to public and private cloud by using AppController and Windows PowerShell

Plan and implement server upgrade and migration

Plan for role migration; migrate server roles; migrate servers across domains and forests; design a server consolidation strategy; plan for capacity and resource optimization

Plan and deploy Virtual Machine Manager services

Design Virtual Machine Manager service templates; plan and deploy profiles, operating system profiles, hardware and capability profiles, application profiles, and SQL profiles; plan and manage services including scaling out, updating and servicing services; configure Virtual Machine Manager libraries; plan and deploy services to non-trusted domains and workgroups

Plan and implement file and storage services

Planning considerations include iSCSI SANs, Fibre Channel SANs, Virtual Fibre Channel, storage spaces, storage pools including tiered storage and data de-duplication; configure the Internet Storage Name server (iSNS); configure Services for Network File System (NFS); plan and implement SMB 3.0 based storage; plan for Windows Offloaded Data Transfer (ODX)

Design and implement network infrastructure services

Design and maintain a Dynamic Host Configuration Protocol (DHCP) solution

Design considerations including a highly available DHCP solution including split scope, DHCP failover, and DHCP failover clustering, DHCP interoperability, and DHCPv6; implement DHCP filtering; implement and configure a DHCP management pack; maintain a DHCP database

Design a name resolution solution strategy

Design considerations including Active Directory integrated zones, DNSSEC, DNS Socket Pool, cache locking, disjoint namespaces, DNS interoperability, migration to application partitions, IPv6, Single-Label DNS Name Resolution, zone hierarchy, and zone delegation

Design and manage an IP address management solution

Design considerations including IP address management technologies including IPAM, Group Policy based, manual provisioning, and distributed, centralized, hybrid placement, and database storage; configure role-based access control; configure IPAM auditing; migrate IPs; manage and monitor multiple DHCP and DNS servers; configure data collection for IPAM; integrate IPAM with Virtual Machine Manager (VMM)

Design and implement network access services

Design a VPN solution

Design considerations including certificate deployment, firewall configuration, client/site to site, bandwidth, protocol implications, connectivity to Microsoft Azure IaaS and VPN deployment configurations using Connection Manager Administration Kit (CMAK)

Design a DirectAccess solution

Design considerations including deployment topology, migration from Forefront UAG, One Time Password (OTP), and use of certificates issued by enterprise Certificate Authority (CA)

Design a Web Application Proxy solution

Design considerations including planning for applications, authentication and authorization, Workplace Join, devices, multifactor authentication, multifactor access control, single sign-on (SSO), certificates, planning access for internal and external clients

Implement a scalable remote access solution

Configure site-to-site VPN; configure packet filters; implement packet tracing; implement multi-site Remote Access; configure Remote Access clustered with Network Load Balancing (NLB); implement an advanced DirectAccess solution, configure multiple RADIUS server groups and infrastructure, configure Web Application Proxy for clustering

Design and implement network protection solution

Design considerations including Network Access Protection (NAP) enforcement methods for DHCP, IPSec, VPN, and 802.1x, capacity, placement of servers, firewall, Network Policy Server (NPS), and remediation network, configure NAP enforcement for IPsec and 802.1x, monitor for compliance

Design and implement an Active Directory infrastructure (logical)

Design a forest and domain infrastructure

Design considerations including multi-forest architecture, trusts, functional levels, domain upgrade, domain migration, forest restructure, Microsoft Azure Active Directory and DirSync

Implement a forest and domain infrastructure

Configure domain rename; configure Kerberos realm trusts; implement a domain upgrade; implement a domain migration; implement a forest restructure; deploy and manage a test forest including synchronization with production forests

Design a Group Policy strategy

Design considerations including inheritance blocking, enforced policies, loopback processing, security, and WMI filtering, site-linked Group Policy Objects (GPOs), slow-link processing, group strategies, organizational unit (OU) hierarchy, and Advanced Group Policy Management (AGPM), and Group Policy caching

Design an Active Directory permission model

Design considerations including Active Directory object security and Active Directory quotas; customize tasks to delegate in Delegate of Control Wizard; deploy administrative tools on the client devices; delegate permissions on administrative users (AdminSDHolder); plan for Kerberos delegation

Design and implement an Active Directory infrastructure (physical)

Design an Active Directory sites topology

Design considerations including proximity of domain controllers, replication optimization, and site link; monitor and resolve Active Directory replication conflicts

Design a domain controller strategy

Design considerations including global catalog, operations master roles, Read-Only Domain Controllers (RODCs), partial attribute set, and domain controller cloning, and domain controller placement

Design and implement a branch office infrastructure

Design considerations including RODC, Universal Group Membership Caching (UGMC), global catalog, DNS, DHCP, and BranchCache; implement confidential attributes; delegate administration; modify filtered attributes set; configure password replication policy; configure hash publication

 

Implementing an Advanced Server Infrastructure 70-414

Manage and maintain a server infrastructure

Design an administrative model

Design considerations, including user rights and built-in groups; design a delegation of administration structure for Microsoft System Center 2012 R2; design self-service portals by using System Center Service Manager; delegate rights for managing private cloud by using AppController and System Center Virtual Machine Manager

Design a monitoring strategy

Design considerations including monitoring servers using Audit Collection Services (ACS) and System Center Global Service Monitor, performance monitoring, application monitoring, centralized monitoring, and centralized reporting; implement and optimize System Center 2012 – Operations Manager management packs; plan for monitoring Active Directory

Plan and implement automated remediation

Create an Update Baseline in Virtual Machine Manager; implement a Desired Configuration Management (DCM) Baseline; implement Virtual Machine Manager integration with Operations Manager; configure Virtual Machine Manager to move a VM dynamically based on policy; integrate System Center 2012 for automatic remediation into your existing enterprise infrastructure; design and implement a Windows PowerShell Desired State Configuration (DSC) solution

Plan and implement a highly available enterprise infrastructure

Plan and implement failover clustering

Plan for and implement multi-node and multi-site clustering including the use of networking storage, name resolution, and Global Update Manager (GUM); design considerations including redundant networks, network priority settings, resource failover and failback, heartbeat and DNS settings, Quorum configuration, storage placement and replication, and cluster aware updates

Plan and implement highly available network services

Plan for and configure Network Load Balancing (NLB); design considerations including fault-tolerant networking, multicast vs. unicast configuration, state management, and automated deployment of NLB using Virtual Machine Manager service templates

Plan and implement highly available storage solutions

Plan for and configure storage spaces and storage pools; design highly available, multi-replica DFS namespaces; plan for and configure multi-path I/O (MPIO); configure highly available iSCSI Target and iSNS Server; plan for and implement storage using RDMA and SMB multi-channel

Plan and implement highly available roles

Plan for a highly available Dynamic Host Configuration Protocol (DHCP) Server, Hyper-V clustering, Continuously Available File Shares, and a DFS Namespace Server; plan for and implement highly available applications, services, and scripts using Generic Application, Generic Script, and Generic Service clustering roles

Plan and implement a business continuity and disaster recovery solution

Plan a backup and recovery strategy; planning considerations including Active Directory domain and forest recovery, Hyper-V replica including using Microsoft Azure Site Recovery, domain controller restore and cloning, and Active Directory object and container restore using authoritative restore and Recycle Bin; plan for and implement backup and recovery by using System Center Data Protection Manager (DPM)

Plan and implement a server virtualization infrastructure

Plan and implement virtualization hosts

Plan for and implement delegation of virtualization environment (hosts, services, and VMs), including self-service capabilities; plan and implement multi-host libraries including equivalent objects; plan for and implement host resource optimization; integrate third-party virtualization platforms; deploying Hyper-V hosts to bare metal

Plan and implement virtual machines

Plan for and implement highly available VMs; plan for and implement guest resource optimization including shared VHDx; configure placement rules; create Virtual Machine Manager templates

Plan and implement virtualization networking

Plan for and configure Virtual Machine Manager logical networks, including virtual switch extensions and logical switches; plan for and configure IP address and MAC address settings across multiple Hyper-V hosts, including network virtualization; plan for and configure virtual network optimization; plan and implement Windows Server Gateway; plan and implement VLANs and pVLANs; plan and implement virtual machine (VM) networks; plan and implement converged networks

Plan and implement virtualization storage

Plan for and configure Hyper-V host clustered storage; plan for and configure Hyper-V virtual machine storage including virtual Fibre Channel, iSCSI, and shared VHDx; plan for storage optimization; plan and implement storage using SMB 3.0 file shares

Plan and implement virtual machine movement

Plan for and configure live and storage migration between Hyper-V hosts; plan for and manage P2V and V2V; plan and implement virtual machine migration between clouds

Manage and maintain a server virtualization infrastructure

Manage dynamic optimization and resource optimization; integrate Operations Manager with System Center Virtual Machine Manager and System Center Service Manager; update virtual machine images in libraries; plan for and implement backup and recovery of virtualization infrastructure by using System Center Data Protection Manager (DPM)

 

Design and implement identity and access solutions

Design a Certificate Services infrastructure

Design a multi-tier Certificate Authority (CA) hierarchy with offline root CA; plan for multi-forest CA deployment; plan for Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; plan for Network Device Enrollment Services (NDES); plan for certificate validation and revocation; plan for disaster recovery; plan for trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs

Implement and manage a Certificate Services infrastructure

Configure and manage offline root CA; configure and manage Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; configure and manage Network Device Enrollment Services; configure Online Certificates Status Protocol (OCSP) responders; migrate CA; implement administrator role separation; implement and manage trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs; monitor CA health

Implement and manage certificates

Manage certificate templates; implement and manage certificate deployment, validation, renewal, revocation, and publishing including Internet-based clients, CAs, and network devices; configure and manage key archival and recovery

Design and implement a federated identity solution

Plan for and implement claims-based authentication including planning and implementing Relying Party Trusts; plan for and configure Claims Provider and Relying Party Trust claim rules; plan for and configure attribute stores including Active Directory Lightweight Directory Services (AD LDS); plan for and manage Active Directory Federation Services (AD FS) certificates; plan for and implement Identity Integration with cloud services; integrate Web Application Proxy with AD FS

Design and implement Active Directory Rights Management Services (AD RMS

Plan for highly available AD RMS deployment; plan for AD RMS client deployment; manage Trusted User Domains; manage Trusted Publishing Domains; manage Federated Identity support; upgrade or migrate AD RMS; decommission AD RMS