70-290:Managing and Maintaining a Windows Server 2003 Environment

The Advanced System Information—Policy tool enables you to create an RSoP query and view the results in an HTML report that appears in the Help And Support Center window. This report can be printed, and it can be saved to an .htm file. Although this report does not contain as much information as the results of RSoP queries generated with the Resultant Set Of Policy Wizard or the Gpresult command-line tool, it can be run easily by novice users who have RSoP authority. The results of the Advanced System Information—Policy tool RSoP query are obtained from RSoP Logging mode for the currently logged on user on the computer on which the query is performed. The report generated displays policy-related information for the following categories:

•       Computer name, associated domain, and current site

•       User name and associated domain

•       Applied GPOs for the computer and user

•       Security group memberships for the computer and user

•       Microsoft Internet Explorer settings

•       Scripts: logon, logoff, startup, shutdown

•       Security settings

•       Programs installed

•       Folder redirection

•       Registry settings

No comments

Download 70-290 exam questions&answers for FREE！

IT certifications have never been easier before.You will be IT expert in 7days. Working with several Prometric and VUE testing centers, certtopper.com can pass the exams for you discreetly and help you get certified like all regular candidates do. The only difference is that you save all your time and effort.
Don't be hesitate any more. We are professional test taker, just seize chance to sigu up with us and sit back to enjoy our service.

No comments

All of Microsoft’s published objectives for the MCSA/MCSE 70-290 Exam are covered in this book. To help you easily find the sections that directly support particular objectives, we’ve listed all of the exam objectives below, and mapped them to the Chapter number in which they are covered. We’ve also assigned numbers to each objective, which we use in the subsequent Table of Contents and again throughout the book to identify objective coverage. In some chapters, we’ve made the judgment that it is probably easier for the student to cover objectives in a slightly different sequence than the order of the published Microsoft objectives. By reading this study guide and following the corresponding objective list, you can be sure that you have studied 100% of Microsoft’s MCSA/MCSE 70-290 Exam objectives.

No comments

To create an RSoP query for an existing user and computer, you must either be logged on to the local computer as a user, be a member of the local Administrators, Domain Administrators, or Enterprise Administrators group, or have permission to generate RSoP for the domain or OU in which the user and computer accounts are contained. You must be an enterprise administrator if the RSoP query includes site GPOs that cross domain boundaries in the same forest. This section describes how to create RSoP que¬ries in Logging mode and Planning mode.

To create an RSoP query with the Resultant Set Of Policy Wizard Logging mode, complete the following steps:

1.      Click Start, and then click Run.

2.      In the Run dialog box, type tame in the Open box, and then click OK.

3.      In the MMC, from the File menu, click Add/Remove Snap-In.

4.      In the Add/Remove Snap-In dialog box, click Add.

5.      In the Add Standalone Snap-In dialog box, select Resultant Set Of Policy, click

Add, and then click Close.

6.      In the Add/Remove Snap-In dialog box, click OK.

7.      In the MMC, right-click the Resultant Set Of Policy icon on the RSoP Wizard con¬

sole, and then select Generate RSoP Data.

8.      In the Welcome To The Resultant Set Of Policy Wizard page, click Next.

9.      On the Mode Selection page, shown in Figure 11-1, select Logging Mode,

10. On the Computer Selection page in the Resultant Set Of Policy Wizard, shown in Figure 11-2, select This Computer, or to search for a different computer, click Another Computer, and then click Browse to select the appropriate computer. If you want to display user policy settings only, click the Do Not Display Policy Settings For The Selected Computer In the Results check box.

11. On the User Selection page, shown in Figure 11-3, select Current User to view policy settings for the current user, or to search for a different user, click Select A Specific User, and select a user in the list. If you want to display computer policy settings only, click the Do Not Display User Policy Settings In the Results check box. Click Next.

Resultant Set of Policy Wizard

12.  On the Summary Of Selections page, shown in Figure 11-4, review your selections. Click Next.

14. The RSoP console opens. Click the folders in the console tree to view the data in the details pane.

No comments

MCSA 70-290 exam objectives are:

Objective 1: Managing and Maintaining Physical and Logical Devices

In this objective you will need to demonstrate expertise in managing and maintaining physical and logical devices. As an administrator, you should understand Basic and Dynamic disks, RAID configuration and troubleshooting, driver signing, and the use of tools, such as Device Manager and Hardware Troubleshooting Wizard. Familiarize yourself with Device Manager and the warning and disabled icons found when problems are present on installed devices.

Objective 2: Managing Users, Computers, and Groups

This objective includes many topics, so you should be prepared to face many questions that fall into this category. Have a healthy introduction to profile management, user and group accounts, permissions, and troubleshooting. Practice a lot on GPOs and perform a variety of administrative tasks, including configuration of desktop settings, control of security settings, assignment of scripts, redirection of folders, and software distribution. Also, get a clear understanding on inheritance and filtering.

Objective 3: Managing and Maintaining Access to Resources

Knowing how to configure, monitor, audit and troubleshoot NTFS permissions based issues are one of those most important areas that you need to know this concept thoroughly and also be sure to brush up on your share permissions and share/NTFS permissions interaction. Do not forget to brush up on how folder and file permissions can change or stay the same when copying or moving within a drive or between drives.

Objective 4: Managing and Maintaining a Server Environment

In this objective you'll find questions from topics, such as Event Viewer, System Monitor, software updates (including the functionality of Microsoft's Software Update Service or SUS), Remote Assistance, disk quotas, print queues, performance objects and IIS 6.0. Spend time understanding IIS topics around Web sites, Virtual and physical directories, files and host and cname records in DNS. New to Windows Server 2003 is SUS. Understand clearly how SUS is used for deploying and managing

client and server critical updates.

Objective 5: Managing and Implementing Disaster Recovery

In this objective you'll find questions on ASR, VSS, backing up files and system state data, configuring security for backup

operators, verifying backup jobs, managing media, restoring and scheduling backups and recovering from server hardware failures. You should take some extra time to get familiar with the various types of backups that Windows Server 2003 supports, as well as the various configuration options that are available to you. Practice making backups of different types and then practice restoring them.

No comments

Most network designers do not implement a completely redundant network. Instead, network

designers implement partially redundant internetworks. The section, “Choosing Internetworking

Reliability Options,” later in this chapter, addresses several hypothetical networks that represent

commonly implemented points along the reliability continuum.

Switched access provides the capability to enable aWAN link on an as-needed basis via automated

router controls. Onemodel for a reliable backbone consists of dual, dedicated links and one switched

link for idle hot backup. Under normal operational conditions, you can load balance over the dual

links, but the switched link is not operational until one of the dedicated links fails.

Traditionally, WAN connections over the Public Switched Telephone Network (PSTN) have used

dedicated lines. This can be very expensive when an application requires only low-volume, periodic

connections. To reduce the need for dedicated circuits, a feature called dial-on-demand routing

(DDR) is available. Figure 2-8 illustrates a DDR connection.Identifying and Selecting Internetworking Capabilities

No comments

This book also offers you an added bonus of accessing Exam Cram practice tests
online. All you need is a connection to the Internet and you can take advantage
of these practice exam questions right from your very own web browser! This
software simulates the Microsoft testing environment with similar types of questions
that you’re likely to see on the actual Microsoft exam. We also strongly
recommend that you install, configure, and play around with the network operating
system software that you’ll be tested on: Nothing beats hands-on experience
and familiarity when it comes to understanding the questions you’re likely
to encounter on a certification test. Book learning is essential, but without a
doubt, hands-on experience is the best teacher of all!
The Microsoft Certification Program
Microsoft currently offers several certification titles, each of which boasts its
own special abbreviation. (As a certification candidate and computer professional,
you need to have a high tolerance for acronyms.) Except for the Microsoft
Certified Trainer (MCT) and the Microsoft Certified Learning Consultant
(MCLC) designations, the current certification credentials that Microsoft offers
fall into one of two major categories—Microsoft Certifications for Application
Developers and Microsoft Certifications for Information Technology (IT) Professionals.
NOTE
The MCT credential is offered to qualified instructors whom Microsoft can certify to deliver
training classes to both IT professionals and application developers using Microsoft
Official Curriculum (MOC) courseware. MCTs whose job roles have expanded to incorporate
a high level of expertise in designing and delivering customized learning solutions for
customers can earn the MCLC title.
The Microsoft Certified Professional (MCP)
Title
The easiest certification title to earn is the MCP designation. This entry-level
certification is designed to provide an individual with the first step on the road
to higher levels of Microsoft certification. An MCP candidate needs to pass only
one current Microsoft certification exam from any current Microsoft certification
track. You become an MCP after successfully passing at least one qualifying
exam—qualifying MCP exams include tests from both the application developer
certification category and from the IT professional certification category.
However, not all Microsoft exams qualify an individual for MCP status—for example,
passing Exam 70-290, “Designing and Providing Microsoft Volume LicenseSolutions to Large Organizations,” does not certify an individual as a Microsoft
Certified Professional (MCP). The list of qualifying certification tracks from which
a candidate must successfully pass an exam to achieve MCP status are as follows:
. MCDST on Windows XP
. MCSA on Windows 2000
. MCSA: Security on Windows 2000
. MCSA on Windows Server 2003
. MCSE on Windows 2000
. MCSE: Security on Windows 2000
. MCSE on Windows Server 2003
. MCDBA on Microsoft SQL Server 2000
. MCAD on Microsoft .NET
. MCSD on Microsoft .NET
. MCSD on Microsoft Visual Studio 6.0
Microsoft Certifications for Application
Developers

No comments

1.      Describe what happens in a nonauthoritative restore.

In a nonauthoritative restore, the distributed services on a domain controller are restored from backup media and the restored data is then updated through normal replication. Each restored directory partition is updated with that of its replication partners.

2.      Describe what happens in an authoritative restore.

An authoritative restore brings a domain or a container back to the state it was in at the time of backup and overwrites all changes made since the backup.

3.      Which method of restore should you use if you accidentally delete an OU?

Authoritative.

4.      Which method of restore should you use if a domain controller has completely

failed due to hardware or software problems?

Nonauthoritative.

5.      Which of the following Ntdsutil command parameters should you use if you want

to restore the entire directory?

a. Restore database

b. Restore subtree

c. Database restore

d. Subtree restore

The correct answer is a. Database restore and subtree restore are not Ntdsutil command parameters. Restore subtree is used to restore a portion or a subtree of the directory.

No comments

Welcome to MCSA/MCSE Managing and Maintaining a Microsoft Windows
Server 2003 Environment Exam Cram! Whether this book is your first or your
fifteenth Exam Cram series book, you’ll find information here that will help
ensure your success as you pursue knowledge, experience, and certification. This
book aims to help you get ready to take—and pass—the Microsoft certification
exam “Managing and Maintaining a Microsoft Windows Server 2003
Environment” (Exam 70-290). This introduction, along with Chapter 1,
explains Microsoft’s certification programs in general and talks about how the
Exam Cram series can help you prepare for Microsoft’s latest MCSE and MCSA
certification exams. Chapters 2 through 9 are designed to remind you of everything
you’ll need to know to pass the 70-290 certification exam. The two sample
tests at the end of the book should give you a reasonably accurate assessment
of your knowledge—and, yes, we’ve provided the answers and their explanations
for these sample tests. Read the book, understand the material, and you’ll stand
a very good chance of passing the real test.
Exam Cram books help you understand and appreciate the subjects and materials
you need to know to pass Microsoft certification exams. Exam Cram books
are aimed strictly at test preparation and review. They do not teach you everything
you need to know about a subject. Instead, the author streamlines and
highlights the pertinent information by presenting and dissecting the questions
and problems he’s discovered that you’re likely to encounter on a Microsoft test.
Nevertheless, to completely prepare yourself for any Microsoft test, we recommend
that you begin by taking the self assessment that is included in this book,
immediately following this introduction. The self-assessment tool will help you
evaluate your knowledge base against the requirements for becoming a
Microsoft Certified Systems Administrator (MCSA) and a Microsoft Certified
Systems Engineer (MCSE) for Windows Server 2003 under both ideal and real
circumstances.
Based on what you learn from the self assessment, you might decide to begin
your studies with some classroom training or some background reading. On the
other hand, you might decide to pick up and read one of the many study guides
available from Microsoft or third-party vendors. We also recommend that you
supplement your study program with visits to http://www.examcram.com to
receive additional practice questions, get advice, and track the Windows Server
2003 MCSA and MCSE programs.

No comments

Passwords are the keys to access control. You can do much for the security of your network if you implement a strong password policy and help users to develop strong passwords.

What Makes a Strong Password?

A strong password must be defined in the context of its use. No matter the system, we know that in general long passwords are more secure than short ones. And we know that passwords that are not dictionary -words or the same as account names, pet names, parents' names, and so on are harder to guess or crack. However, because password-cracking software is specific to the operating systems it is used on, and because ordinary desktop computers have the speed and memory available to crack ordinaiy passwords in ever reduced amounts of time, creating strong passwords requires more than following the recommendations of the assigned password policy in the domain.

Password crackers work by attempting dictionary and heuristic attacks followed by a brute-force attack. Dictionary attacks simply hash each word in the dictionary using the algorithm that is used by the authentication process, and then compare each password hash with the hashed dictionary words. Heuristic attacks make assumptions about user behavior and attempt to guess some portion of the password. They understand, for example, that users' first choice for including capital letters is at the front of a word, and their first choice for including numbers is at the end. Brute-force attacks simply try each possible permutation of the existing letters and numbers.

Modern password crackers meant for Windows systems also start with an attempt to crack the LAN Manager password. This password can be a maximum of 14 characters in length, splits the password into two seven-character words and hashes them independently, and does not distinguish between uppercase and lowercase letters. This makes it very easy to use a brute-force attack against these passwords. Users can decrease the likelihood of their password being successfully attacked by creating passwords longer than 14 characters. This means that the LM-style cracking attacks will not work, because no LM password hash will be stored. Designers can assist by designing authentication practices that limit or remove the use of LM passwords and remove the LM password hash from the account database. For more information about these methodologies, see Lesson 2 earlier in this chapter.

No comments