1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows®...

1.1 © 2004 Pearson Education, Inc.

Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment

Lesson 1: Introducing Windows Server 2003

Goals Introduce the Windows Server 2003 family of operating

systems Explore the features of Windows Server 2003 Introduce Windows Server 2003 operating system

architecture Understand workgroups and domains Introduce Windows Server 2003 network services Understand Windows Server 2003 network protocols Introduce Windows Server 2003 network security

services




Introducing Workgroup and Domains

Windows Server 2003 operating system supports workgroups and domains, the two basic network model types that enable users to share common resourcesA workgroup or peer-to-peer network is a logical group of

computers that are interconnected, generally over a local area network (LAN)

A domain is a logical grouping of network computers that share a central directory database

(Skill 4)




Introducing Workgroup and Domains (2)

Workgroup features The administration of user accounts and resource security

in a workgroup is decentralizedTo gain access to resources on any computer in the

workgroup, user must have an account on that computer Workgroup limitations

A workgroup model is practical only in smaller environments where computers are in close proximity

Microsoft recommends that a workgroup consist of less than 10 computers

(Skill 4)




Figure 1-9 Workgroup model

(Skill 4)





Domain features Active Directory database

Stores information about how the network is structured and organized

Enables users to identify and locate resources on the networkDomain controller

Windows Server 2003 computer on which Active Directory resides

Manages security-related aspects of user/domain interactions

(Skill 4)





Domain advantages Centralized security and administration means that a

change to any object within the domain is available to the entire domain

Provide a single logon process for users to gain access to network resources, such as file, print, and application resources

(Skill 4)




Figure 1-10 Domain model

(Skill 4)




Introducing Network Services in Windows Server 2003

Dynamic Host Configuration Protocol (DHCP) Domain Name System (DNS) Windows Internet Name Service (WINS) Virtual Private Networks (VPN) Routing and Remote Access Service (RRAS) Internet Authentication Service (IAS) and Load Balancing Internet Connection Firewall (ICF)

(Skill 5)




Introducing Network Services in Windows Server 2003 (2)

Dynamic Host Configuration Protocol (DHCP) Provides the standard used by DHCP servers on the network DHCP servers manage the dynamic allocation of IP addresses

and the related configuration details for DHCP-enabled clients on your network

Domain Name System (DNS) Main name resolution service for Windows Server 2003 Enables access to computers on a TCP/IP network using the

domain name

(Skill 5)





Windows Internet Name Service (WINS) Assigns or maps an IP address to a computer name so network

users can find a computer on a TCP/IP network using the NetBIOS name

WINS server database provides a lookup directory

Virtual Private Networks (VPNs) Provide connections to private networks, such as a LAN, through

a non-secure communication channel like the Internet Use tunneling and encryption to create a virtual tunnel for secure

information exchange

(Skill 5)





Routing and Remote Access Service (RRAS) Allows remote or mobile workers to connect to a firm’s networks

so that they can work as if their computers were physically connected to the network

Workers connect to the LAN via modem or Virtual Private Network (VPN)

IAS RADIUS and Load Balancing Internet Authentication Service (IAS) is Windows Server 2003’s

Remote Authentication Dial-In User Service (RADIUS) server component

Network Load Balancing (NLB) allows certain types of servers (mostly file/print servers and Web servers) to scale to a much larger size than would otherwise be possible

(Skill 5)





IAS Enhancements Centralize services for wireless users and logs information to a

Microsoft SQL server Allow advanced SQL queries Provides new 801.1X authentication features and cross-forest

authentication

Internet Connection Firewall (ICF) Supplies basic protection on computers directly connected to the

Internet or on LAN segments Designed for use in a small business

(Skill 5)




Figure 1-11 Networking services offered by

Windows Server 2003

(Skill 5)




Figure 1-12 Routing and Remote Access

(Skill 5)




Figure 1-13 Internet Authentication Service

(Skill 5)




Introducing Network Protocols

Transmission Control Protocol/Internet Protocol (TCP/IP) Point-to-Point Tunneling Protocol (PPTP) Layer Two Tunneling Protocol (L2TP) Hypertext Transmission Protocol (HTTP)

(Skill 6)




Introducing Network Protocols (2)

Transmission Control Protocol/Internet Protocol (TCP/IP) Core protocol suite used by the Internet and Windows 2003

Server networks Scalable and routable transport protocol suite used for both large

and small networks Enables you to route messages across networks and between

computers using different operating systems and with widely varying structural designs

(Skill 6)




Introducing Network Protocols (3) Point-to-Point Tunneling Protocol (PPTP)

Tunneling protocol used to create secure connections to corporate networks, over any intermediate network

Secure connections for VPNs are created using either PPTP or Layer Two Tunneling Protocol

Layer Two Tunneling Protocol (L2TP) Another tunneling protocol used to create VPNs Creates a “tunnel” but does not encrypt data Use in conjunction with IPSec, which provides data encryption

(Skill 6)




Introducing Network Protocols (4)

Hypertext Transmission Protocol (HTTP) Part of the TCP/IP protocol suite Standard protocol used in the transmission of data across

the Internet

(Skill 6)




Figure 1-14 Network protocols supported by Windows Server 2003

(Skill 6)




Introducing Network Security Services

Kerberos v.5 Hypertext Transmission Protocol (HTTP) Internet Protocol Security (IPSec) Encrypting File System (EFS) Internet Protocol Security (IPSec) Security configuration tools

(Skill 7)




Introducing Network Security Services (2) Kerberos v.5

A ticket-based authentication protocol Provides high security for authentication traffic using digital

signatures and mutual authentication mechanisms

Public Key Infrastructure (PKI) and Microsoft Certificate Services PKI is a system of digital certificates and trusted Certification

Authorities (CAs) as well as other registration authorities that issue them

Verifies and authenticates the validity of each party in a communication exchange

(Skill 7)




Introducing Network Security Services (3)

Internet Protocol Security (IPSec) A vendor-independent encryption protocol The ability to sign and/or encrypt any IP packet makes it vendor-

and application-independent

Encrypting File System (EFS) Encrypts data stored in files and folders to protect against

unauthorized access In the EFS encryption technique, important data is secured using

an asymmetrical cryptographic key pair: a public key and a private key

(Skill 7)




Introducing Network Security Services (4) Internet Protocol Security (IPSec)

A vendor-independent encryption protocol The ability to sign and/or encrypt any IP packet makes it vendor-

and application-independent

Security configuration tools Cost reduction tools provided by Windows Server 2003 Include the Microsoft Management Console (MMC) used to

configure Windows Server 2003 security settings and conduct system analysis

(Skill 7)




Figure 1-15 Security Services provided by Windows Server 2003

(Skill 7)




Figure 1-16 The SNMP Service Properties

dialog box

(Skill 7)




Figure 1-17 The Manage Your Server graphical user interface

(Skill 7)

1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows®...

Documents

Transcript of 1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows®...