MCSE Windows 2000 Designing 考试指南（1CD）

加载中...

    本书是美国著名的出版商McGraw-Hill出版的畅销认证系列丛书All-in-One中的一本。本书包含现行的MCSE Windows 2000 Designing核心考试的全部内容，即Directory Services Infrastructure、Network Infrastructure和Network Security三门Designing（设计）考试。作者在本书中提供了极具洞察力的专家经验，每一章都包括详细的考试目标、实践问题和实用练习，详细讲述了Windows的安装、配置和故障排除等方面的内容，光盘中包含大量原汁原味的考试试题、测试引擎和专题讲座视频片断。本书适合MCSE认证考试的备考者使用。

Introduction 1
PartⅠ Exam 70-219: Designing a Microsoft Windows 2000
Directory Services Infrastructure 9
Chapter 1 Defining Directory Services 10
Common Understanding of Directory Services 10
Directory Services and Meta-Information 12
History and Types of Directory Services 12
Predicting the Future: Meta-Directories 14
Active Directory from the Top Down 15
Forests 15
Trees 16
Domains 16
Organizational Units 17
Lower-Level Objects 17
Data and Attributes 19
Sites 19
Directory Services in Different Versions of Windows 19
Top Reasons to Implement Windows 2000 and Active Directory 21
Top Reasons to Implement Windows 2000 21
Top Reasons to Implement Active Directory 26
Chapter Review 31
Questions 31
Answers 31
Key Skill Sets 31
Key Terms 31
Chapter 2 Analyzing Business Requirements 33
Analyzing the Existing and Planned Business Models 34
Analyzing the Company Model and the Geographical Scope 34
Analyzing Company Processes 41
Management 43
Company Organization 44
Vendor, Partner, and Customer Relationships 46
Acquisition Plans 46
Analyzing Factors That Influence Company Strategies 47
Identifying Company Priorities 47
Identifying the Projected Growth and Growth Strategy 48
Identifying Relevant Laws and Regulations 48
Identifying the Company?s Tolerance for Risk 48
Identifying the Total Cost of Operations 48
Chapter Review 49
Questions 49
Answers 49
Key Skill Sets 49
Key Terms 49
Chapter 3 Analyzing Technical Requirements 50
Evaluating Existing and Planned Technical Environment 51
Analyzing Company Size and User and Resource Distribution 51
Assessing Available Connectivity 53
Assessing Net Available Bandwidth 55
Analyzing Performance Requirements 56
Analyzing Data- and System-Access Patterns 56
Analyzing Network Roles and Responsibilities 57
Analyzing Security Considerations 58
Analyzing the Impact of Active Directory 59
Assessing Existing Systems and Applications 59
Identifying Existing and Planned Upgrades and Rollouts 59
Analyzing the Technical Support Structure 59
Analyzing Existing and Planned Network and Systems Management 60
Analyzing the Business Requirements for Client-Desktop Management 61
Chapter Review 62
Questions 62
Answers 63
Key Skill Sets 63
Key Terms 63
Chapter 4 Designing a Directory Service Architecture 64
Designing an Active Directory Forest and Domain 65
Designing a Forest and Schema Structure 66
Designing a Domain Structure 69
Analyzing and Optimizing Trust Relationships 69
Designing an Active Directory Naming Strategy 71
Establishing the Scope of the Active Directory 72
Designing the Namespace 73
Planning DNS Strategy 74
Designing and Planning Organization Units 75
Developing an OU Delegation Plan 77
Planning Group Policy Object Management 78
Planning Policy Management for Client Computers 80
Planning for Coexistence 80
Designing an Active Directory Site Topology 81
Designing a Replication Strategy 81
Defining Site Boundaries 83
Designing a Schema Modification Policy 83
Designing an Active Directory Implementation Plan 85
Single-Domain Windows NT System 85
Single-Master-Domain Windows NT System 85
Multiple-Master-Domain Windows NT System 86
Complete-Trust-Domain Windows NT System 86
A New Windows 2000 Domain 87
Chapter Review 87
Questions 88
Answers 88
Key Skill Sets 88
Key Terms 89
Chapter 5 Designing Your Service Locations 90
Designing the Placement of Operations Masters 91
Understanding the Roles of Operations Masters 91
Schema Master 91
Domain Naming Master 93
Primary Domain Controller Emulator 93
Infrastructure Master 94
Relative Identifier Master 94
Role Placement 94
Permissions 95
Role Changing 95
Disaster Recovery 96
Designing the Placement of Global Catalog Servers 96
Global Catalog Servers 97
Global Catalog Server Placement Considerations 97
Designing the Placement of Domain Controller Servers 98
DNS Zone Planning 101
DNS Lookup Zones 102
DNS Zone Types 102
Where, Oh Where Should My DNS Go? 103
Designing the Placement of DNS Servers 103
Design 1 104
Design 2 105
Design 3 105
Design 4 105
Next Steps 105
Chapter Review 106
Questions 106
Answers 106
Key Skill Sets 107
Key Terms 107
PartⅡ Exam 70-220: Designing Security for a Microsoft
Windows 2000 109
Chapter 6 Introduction to Security 110
Intruder Perspectives 110
The Business Case 111
Technical Tangents of Networking and Security 112
User and Group Account Management 112
Machine Security 113
Network and Communication Security 113
Public Key Infrastructure (PKI) 116
The Security Life Cycle 117
Discovery 117
Design 117
Testing 117
Deployment 117
Evaluation 118
Final Steps-Feedback 118
Chapter Review 119
Questions 119
Answers 119
Key Skill Sets 119
Key Terms 120
Chapter 7 Analyzing Business and Technical Requirements 121
Defining Security in the Enterprise 122
Evaluating Business Factors That Affect Security Planning 123
Analyzing the Existing and Planned Business Models 124
Analyzing Business Factors That Influence Company Strategies 125
Evaluating Your Technology Options in Security Planning 129
Analyzing the Physical and Information-Security Models 130
Understanding the Logical Layout of Services and Applications 133
Understanding the People Factor in Security Planning 136
Analyzing Business and Security Requirements for the End User 137
Analyzing Network Roles and Responsibilities 137
Evaluating Specific Security Vulnerabilities 139
Lack of IT Staff Education 139
Ineffective, Incomplete, or Missing Corporate Security Policies 140
User Education 141
Proactive Anti-Hacking Measures 142
Disaster-Recovery Plan 143
Security Hotspots 144
Catywhompus Construction Updates 145
Chapter Review 145
Questions 146
Answers 146
Key Skill Sets 147
Key Terms 147
Additional Resources and Information 147
Chapter 8 Analyzing Security Requirements 149
Assessing Your Current Environment 149
Vulnerabilities 150
Creating a Baseline 153
Developing a Security Policy 155
Authenticating All User Access to System Resources 156
Applying Appropriate Access Control to All Resources 158
Establishing Appropriate Trust Relationships Between Multiple Domains 160
Enabling Data Protection for Sensitive Data 161
Setting Uniform Security Policies 161
Deploying Secure Applications 167
Managing Security Administration 168
Implementing Your Security Policy 168
Chapter Review 172
Questions 172
Answers 173
Key Skill Sets 173
Key Terms 174
Chapter 9 Designing a Windows 2000 Security Solution 175
Windows 2000 Security Policies 176
Audit Policies 176
Delegation of Authority 184
Policy Inheritance 189
Encrypting File System (EFS) 192
Design an Authentication Strategy 196
Authentication Methods 196
Security Group Strategy 203
Design a Public Key Infrastructure 204
Certificate Authority Hierarchies 204
Certificate Server Roles 205
Managing Certificates 208
Third-Party Certificate Authorities 212
Design Windows 2000 Network Services Security 214
DNS Security 214
Remote Installation Services (RIS) Security 215
SNMP Security 220
Terminal Services Security 223
Chapter Review 229
Questions 229
Answers 230
Key Skill Sets 230
Key Terms 231
Chapter 10 Designing a Security Solution for Access Between Networks 232
Accessing the I

FOREWORD If you think you have picked up just another book about becoming a Microsoft Certified Systems Engineer in Windows 2000, think again! This particular book happens to be written by Harry Brelsford and Michael Henrichsen who are definitely not just average MCSEs. What you will find, as in Harry's previous books, is a writing style that is understandable by not only the technical professional working in the field today, but also by the person considering a career transition to the technical profession--and that includes people with n..