Table Of ContentExam Ref 70-413
Designing and Implementing a Server Infrastructure, Second
Edition
Paul Ferrill
Tim Ferrill
PUBLISHED BY
Microsoft Press
A Division of Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052-6399
Copyright © 2014 by Paul Ferrill and Tim Ferrill
All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form
or by any means without the written permission of the publisher.
Library of Congress Control Number: 2014935079
ISBN: 978-0-7356-8540-6
Printed and bound in the United States of America.
First Printing
Microsoft Press books are available through booksellers and distributors worldwide. If you need
support related to this book, email Microsoft Press Book Support at [email protected]. Please
tell us what you think of this book at http://www.microsoft.com/learning/booksurvey.
Microsoft and the trademarks listed at http://www.microsoft.com/en-
us/legal/intellectualproperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of
companies. All other marks are property of their respective owners.
The example companies, organizations, products, domain names, email addresses, logos, people,
places, and events depicted herein are fictitious. No association with any real company, organization,
product, domain name, email address, logo, person, place, or event is intended or should be inferred.
This book expresses the author’s views and opinions. The information contained in this book is
provided without any express, statutory, or implied warranties. Neither the authors, Microsoft
Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to
be caused either directly or indirectly by this book.
Acquisitions Editor: Anne Hamilton
Developmental Editor: Karen Szall
Editorial Production: Box Twelve Communications
Technical Reviewer: Brian Svidergol
Cover: Twist Creative • Seattle
Contents
Introduction
Microsoft certifications
Acknowledgments
Errata, updates, & book support
We want to hear from you
Stay in touch
Preparing for the exam
Chapter 1 Plan and deploy a server infrastructure
Objective 1.1: Design and plan for an automated server installation strategy
Understanding design considerations for deployment images
Using the Windows Assessment and Deployment Kit
Planning for deploying servers to Microsoft Azure IaaS
Planning for deploying servers using System Center App Controller and Windows
PowerShell
Planning for multicast deployment
Planning for Windows Deployment Services
Objective summary
Objective review
Objective 1.2: Implement a server deployment infrastructure
Configuring multisite topology and transport servers
Configuring a multiserver topology
Objective summary
Objective review
Objective 1.3: Plan and implement server upgrade and migration
Planning for role migration
Migrating server roles
Migrating servers across domains and forests
Designing a server consolidation strategy
Planning for capacity and resource optimization
Objective summary
Objective review
Objective 1.4: Plan and deploy Virtual Machine Manager services
Designing Virtual Machine Manager service templates
Defining operating system profiles
Configuring hardware and capability profiles
Managing services
Configuring image and template libraries
Managing logical networks
Objective summary
Objective review
Objective 1.5: Plan and implement file and storage services
Incorporating planning considerations
Configuring the iSCSI Target Server
Configuring iSCSI Naming Services (iSNS)
Configuring the Network File System (NFS)
Objective summary
Objective review
Answers
Chapter 2 Design and implement network infrastructure services
Objective 2.1: Design and maintain a Dynamic Host Configuration Protocol (DHCP)
solution
Designing a highly available DHCP service
Implementing DHCP filtering
Implementing and configuring a DHCP Management Pack
Maintaining a DHCP database
Objective summary
Objective review
Objective 2.2: Design a name resolution solution strategy
Configuring secure name resolution
Supporting DNS interoperability
Managing DNS replication with application partitions
Providing name resolution for IPv6
Supporting single-label DNS name resolution
Designing a DNS zone hierarchy
Objective summary
Objective review
Objective 2.3: Design and manage an IP address management solution
Managing IP addresses with IPAM
Provisioning IPAM
Planning for IPAM server placement
Managing IPAM database storage
Using role-based access control with IPAM
Configuring IPAM auditing
Managing and monitoring multiple DHCP and DNS servers with IPAM
Migrating IP addresses
Configuring data collection for IPAM
Integrating IPAM with Virtual Machine Manager (VMM)
Objective summary
Objective review
Answers
Chapter 3 Design and implement network access services
Objective 3.1: Design a VPN solution
Deploying certificates
Configuring firewalls
Using client/site-to-site connections
Understanding bandwidth requirements
Understanding protocol implications
Connecting to Microsoft Azure IaaS
Using the Connection Manager Administration Kit (CMAK) for VPN deployment
configurations
Objective summary
Objective review
Objective 3.2: Design a DirectAccess solution
Understanding deployment topology
Migrating from Forefront UAG
Using One-Time Password (OTP)
Using enterprise Certificate Authority (CA) certificates
Objective summary
Objective review
Objective 3.3: Design a Web Application Proxy solution
Planning for applications
Using authentication and authorization
Using Workplace Join
Using devices
Using multifactor authentication
Using multifactor access control
Using Single Sign-On (SSO)
Using certificates
Planning access for internal and external clients
Objective summary
Objective review
Objective 3.4: Implement a scalable remote access solution
Configuring site-to-site VPNs
Configuring packet filters
Implementing packet tracing
Implementing multisite remote access
Configuring remote access clustered with NLB
Implementing an advanced DirectAccess solution
Configuring multiple RADIUS server groups and infrastructure
Configuring Web Application Proxy for clustering
Objective summary
Objective review
Objective 3.5: Design and implement a network protection solution
Configuring NAP enforcement methods
Designing an NPS infrastructure
Configuring NAP enforcement for IPsec and 802.1x
Monitoring for compliance
Objective summary
Objective review
Answers
Chapter 4 Design and implement an Active Directory infrastructure (logical)
Objective 4.1: Design a forest and domain infrastructure
Building multiforest structures and trust relationships
Managing functional levels and domain upgrades
Altering the forest structure
Implementing hybrid cloud services, including Microsoft Azure Active Directory and
DirSync
Objective summary
Objective review
Objective 4.2: Implement a forest and domain infrastructure
Configuring domain rename
Configuring Kerberos realm trusts
Implementing a domain upgrade
Implementing a domain migration
Implementing a forest restructure
Deploying and managing a test forest
Objective summary
Objective review
Objective 4.3: Design a Group Policy strategy
Controlling GPO application
Managing GPO assignment
Using Advanced Group Policy Management (AGPM)
Group Policy caching
Objective summary
Objective review
Objective 4.4: Design an Active Directory permission model
Designing and implementing Active Directory object security
Managing Active Directory quotas
Creating custom tasks using the Delegation of Control Wizard
Deploying administration tools
Delegating permissions on administrative users (AdminSDHolder)
Planning for Kerberos delegation
Objective summary
Objective review
Answers
Chapter 5 Design and implement an Active Directory infrastructure (physical)
Objective 5.1: Design an Active Directory sites topology
Planning for domain controller proximity
Optimizing Active Directory replication
Designing site links
Identifying and resolving Active Directory replication conflicts
Objective summary
Objective review
Objective 5.2: Design a domain controller strategy
Using the global catalog
Optimizing operations master roles
Planning for read-only domain controller (RODC) placement
Understanding the partial attribute set
Using cloned domain controllers
Choosing domain controller placement
Objective summary
Objective review
Objective 5.3: Design and implement a branch office infrastructure
Improving branch office authentication
Implementing branch office infrastructure requirements
Securing branch office deployments
Objective summary
Objective review
Answers
Index
What do you think of this book? We want to hear from you!
Microsoft is interested in hearing your feedback so we can continually improve our books and
learning resources for you. To participate in a brief online survey, please visit:
www.microsoft.com/learning/booksurvey/
