Administering Windows Server 2012

Exam 70-411: Administering Windows Server 2012

The Administering Windows Server 2012 exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area in the exam. The higher the percentage, the more questions you are likely to see on that content area in the exam.

Deploy, manage and maintain servers (15–20%)

  • Deploy and manage server images
    • Install the Windows Deployment Services (WDS) role; configure and manage boot, install and discover images; update images with patches, hotfixes and drivers; install features for offline images; configure driver groups and packages
  • Implement patch management
    • Install and configure the Windows Server Update Services (WSUS) role, configure group policies for updates, configure client-side targeting, configure WSUS synchronisation, configure WSUS groups, manage patch management in mixed environments
  • Monitor servers
    • Configure Data Collector Sets (DCS), configure alerts, monitor real-time performance, monitor virtual machines (VMs), monitor events, configure event subscriptions, configure network monitoring, schedule performance monitoring

Configure File and Print Services (15–20%)

  • Configure Distributed File System (DFS)
    • Install and configure DFS namespaces, configure DFS Replication Targets, configure Replication Scheduling, configure Remote Differential Compression settings, configure staging, configure fault tolerance, clone a DFS database, recover DFS databases, optimise DFS replication
  • Configure File Server Resource Manager (FSRM)
    • Install the FSRM role service, configure quotas, configure file screens, configure reports, configure file management tasks
  • Configure file and disk encryption
    • Configure BitLocker encryption; configure the Network Unlock feature; configure BitLocker policies; configure the EFS recovery agent; manage EFS and BitLocker certificates, including backup and restore
  • Configure advanced audit policies
    • Implement auditing using Group Policy and AuditPol.exe, create expression-based audit policies, create removable device audit policies

Configure network services and access (15–20%)

  • Configure DNS zones
    • Configure primary and secondary zones, configure stub zones, configure conditional forwards, configure zone and conditional forward storage in Active Directory, configure zone delegation, configure zone transfer settings, configure notify settings
  • Configure DNS records
    • Create and configure DNS Resource Records (RR), including A, AAAA, PTR, SOA, NS, SRV, CNAME and MX records; configure zone scavenging; configure record options, including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates
  • Configure virtual private networks (VPN) and routing
    • Install and configure the Remote Access role, implement Network Address Translation (NAT), configure VPN settings, configure remote dial-in settings for users, configure routing, configure Web Application proxy in passthrough mode
  • Configure DirectAccess
    • Implement server requirements, implement client configuration, configure DNS for Direct Access, configure certificates for Direct Access

Configure a Network Policy Server (NPS) infrastructure (10–15%)

  • Configure Network Policy Server
    • Configure a RADIUS server, including RADIUS proxy; configure RADIUS clients; configure NPS templates; configure RADIUS accounting; configure certificates
  • Configure NPS policies
    • Configure connection request policies, configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing), import and export NPS policies
  • Configure Network Access Protection (NAP)
    • Configure System Health Validators (SHVs), configure health policies, configure NAP enforcement using DHCP and VPN, configure isolation and remediation of non-compliant computers using DHCP and VPN, configure NAP client settings

Configure and manage Active Directory (10–15%)

  • Configure service authentication
    • Create and configure Service Accounts, create and configure Group Managed Service Accounts, configure Kerberos delegation, manage Service Principal Names (SPNs), configure virtual accounts
  • Configure domain controllers
    • Transfer and seize operations master roles, install and configure a read-only domain controller (RODC), configure domain controller cloning
  • Maintain Active Directory
    • Back up Active Directory and SYSVOL, manage Active Directory offline, optimise an Active Directory database, clean up metadata, configure Active Directory snapshots, perform object- and container-level recovery, perform Active Directory restore, configure and restore objects by using the Active Directory Recycle Bin
  • Configure account policies
    • Configure domain and local user password policy settings, configure and apply Password Settings Objects (PSOs), delegate password settings management, configure account lockout policy settings, configure Kerberos policy settings

SHARE

​