|
Certkingdom's preparation material includes the most excellent features, prepared by the same dedicated experts who have come together to offer an integrated solution. We provide the most excellent and simple method to pass your certification exams on the first attempt "GUARANTEED"
Whether you want to improve your skills, expertise or career growth, with Certkingdom's training and certification resources help you achieve your goals. Our exams files feature hands-on tasks and real-world scenarios; in just a matter of days, you'll be more productive and embracing new technology standards. Our online resources and events enable you to focus on learning just what you want on your timeframe. You get access to every exams files and there continuously update our study materials; these exam updates are supplied free of charge to our valued customers. Get the best 70-640 exam Training; as you study from our exam-files "Best Materials Great Results"
70-640 Exam + Online / Offline and Android Testing Engine & 4500+ other exams included
$50 - $25 (you save $25)
Buy Now
Exam 70-640
Windows Server 2008 Active Directory, Configuring
Published: 06 March 2008
Languages: English, German, Japanese
Audiences: IT professionals
Technology: Windows Server 2008
Credit towards certification: MCP, MCTS, MCITP, MCSA
Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area in the exam. The higher the percentage, the more questions you are likely to see on that content area in the exam.
Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.
Configuring Domain Name System (DNS) for Active Directory (18%)
Configure zones
Dynamic DNS (DDNS), Non-dynamic DNS (NDDNS) and Secure Dynamic DNS (SDDNS); Time to Live (TTL); GlobalNames; Primary, Secondary, Active Directory Integrated, Stub; SOA; zone scavenging; forward lookup; reverse lookup
Configure DNS server settings
Forwarding; root hints; configure zone delegation; round robin; disable recursion; debug logging; server scavenging
Configure zone transfers and replication
Configure replication scope (forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure zone transfers; configure name servers; application directory partitions
Preparation resources
Configuring zone properties
Configure a DNS server for use with Active Directory Domain Services
Modify zone transfer settings
Configuring the Active Directory infrastructure (17%)
Configure a forest or a domain
Remove a domain; perform an unattended installation; Active Directory Migration Tool (ADMT); change forest and domain functional levels; interoperability with previous versions of Active Directory; multiple user principal name (UPN) suffixes; forestprep; domainprep
Configure trusts
Forest trust; selective authentication vs. forest-wide authentication; transitive trust; external trust; shortcut trust; SID filtering
Configure sites
Create Active Directory subnets; configure site links; configure site link costing; configure sites infrastructure
Configure Active Directory replication
DFSR; one-way replication; Bridgehead server; replication scheduling; configure replication protocols; force intersite replication
Configure the global catalogue
Universal Group Membership Caching (UGMC); partial attribute set; promote to global catalogue
Configure operations masters
Seize and transfer; backup operations master; operations master placement; Schema Master; extending the schema; time service
Preparation resources
Deploying a Windows Server 2008 forest root domain
Securing domain and forest trusts
Active Directory replication tools and settings
Configuring Active Directory roles and services (14%)
Configure Active Directory Lightweight Directory Service (AD LDS)
Migration to AD LDS; configure data within AD LDS; configure an authentication server; Server Core installation
Configure Active Directory Rights Management Service (AD RMS)
Certificate request and installation; self-enrolments; delegation; create RMS templates; RMS administrative roles; RM add-on for IE
Configure the read-only domain controller (RODC)
Replication; Administrator role separation; read-only DNS; BitLocker; credential caching; password replication; syskey; read-only SYSVOL; staged install
Configure Active Directory Federation Services (AD FSv2)
Install AD FS server role; exchange certificate with AD FS agents; configure trust policies; configure user and group claim mapping; import and export trust policies
Preparation resources
AD LDS getting started step-by-step guide
Read-only domain controllers step-by-step guide
AD FS step-by-step guide
Creating and maintaining Active Directory objects (18%)
Automate creation of Active Directory accounts
Bulk import; configure the UPN; create computer, user and group accounts (scripts, import, migration); template accounts; contacts; distribution lists; offline domain join
Maintain Active Directory accounts
Manage computer accounts; configure group membership; account resets; delegation; AGDLP/AGGUDLP; deny domain local group; local vs. domain; Protected Admin; disabling accounts vs. deleting accounts; deprovisioning; contacts; creating organisational units (OUs); delegation of control; protecting AD objects from deletion; managed service accounts
Create and apply Group Policy objects (GPOs)
Enforce, OU hierarchy, block inheritance and enabling user objects; group policy processing priority; WMI; group policy filtering; group policy loopback; Group Policy Preferences (GPP)
Configure GPO templates
User rights; ADMX Central Store; administrative templates; security templates; restricted groups; security options; starter GPOs; shell access policies
Deploy and manage software by using GPOs
Publishing to users; assigning software to users; assigning to computers; software removal; software restriction policies; AppLocker
Configure account policies
Domain password policy; account lockout policy; fine-grain password policies
Configure audit policy by using GPOs
Audit logon events; audit account logon events; audit policy change; audit access privilege use; audit directory service access; audit object access; advanced audit policies; global object access auditing; “Reason for Access” reporting
Preparation resources
Active Directory how to...
Group policy planning and deployment guide
Account policies
Maintaining the Active Directory environment (18%)
Configure backup and recovery
Using Windows Server Backup; back up files and system state data to media; backup and restore by using removable media; perform an authoritative or non-authoritative restore; linked value replication; Directory Services Recovery Mode (DSRM); backup and restore GPOs; configure AD recycle bin
Perform offline maintenance
Offline defragmentation and compaction; Restartable Active Directory; Active Directory database mounting tool
Monitor Active Directory
Event viewer subscriptions; data collector sets; real-time monitoring; analysing logs; WMI queries; PowerShell
Preparation resources
Windows Server backup step-by-step guide for Windows Server 2008
Compact the directory database file (offline defragmentation)
Restartable AD DS step-by-step guide
Configuring Active Directory Certificate Services (15%)
Install Active Directory Certificate Services
Certificate authority (CA) types, including standalone, enterprise, root, and subordinate; role services; prepare for multiple-forest deployments
Configure CA server settings
Key archival; certificate database backup and restore; assigning administration roles; high-volume CAs; auditing
Manage certificate templates
Certificate template types; securing template permissions; managing different certificate template versions; key recovery agent
Manage enrolments
Network device enrolment service (NDES); auto enrolment; Web enrolment; extranet enrolment; smart card enrolment; authentication mechanism assurance; creating enrolment agents; deploying multiple-forest certificates; x.509 certificate mapping
Manage certificate revocations
Configure Online Responders; Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority Information Access (AIA)
Preparation resources
Active Directory certificate services step-by-step guide
Setting up a certification authority
Administering certificate templates