This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.
Please note
that the questions may test on, but will not be limited to, the topics
described in the bulleted text.
Do you have
feedback about the relevance of the skills measured on this exam? Please send Microsoft your
comments. All
feedback will be reviewed and incorporated as appropriate while still
maintaining the validity and reliability of the certification process. Note
that Microsoft will not respond directly to your feedback. We appreciate your
input in ensuring the quality of the Microsoft Certification program.
If you have
other questions or feedback about Microsoft Certification exams or about the
certification program, registration, or promotions, please contact your Regional Service Center.
·
Configure
zones
o Dynamic DNS (DDNS), Non-dynamic DNS
(NDDNS), and Secure Dynamic DNS (SDDNS); Time to Live (TTL); GlobalNames;
Primary, Secondary, Active Directory Integrated, Stub; SOA; zone scavenging;
forward lookup; reverse lookup
·
Configure
DNS server settings
o Forwarding; root hints; configure
zone delegation; round robin; disable recursion; debug logging; server
scavenging
·
Configure
zone transfers and replication
o Configure replication scope
(forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure
zone transfers; configure name servers; application directory partitions
Preparation resources
·
Configure a
forest or a domain
o Remove a domain; perform an
unattended installation; Active Directory Migration Tool (ADMT); change forest
and domain functional levels; interoperability with previous versions of Active
Directory; multiple user principal name (UPN) suffixes; forestprep; domainprep
·
Configure
trusts
o Forest trust; selective
authentication vs. forest-wide authentication; transitive trust; external
trust; shortcut trust; SID filtering
·
Configure
sites
o Create Active Directory subnets;
configure site links; configure site link costing; configure sites
infrastructure
·
Configure
Active Directory replication
o DFSR; one-way replication;
Bridgehead server; replication scheduling; configure replication protocols;
force intersite replication
·
Configure
the global catalog
o Universal Group Membership Caching
(UGMC); partial attribute set; promote to global catalog
·
Configure
operations masters
o Seize and transfer; backup
operations master; operations master placement; Schema Master; extending the
schema; time service
Preparation resources
·
Configure
Active Directory Lightweight Directory Service (AD LDS)
o Migration to AD LDS; configure data
within AD LDS; configure an authentication server; Server Core installation
·
Configure
Active Directory Rights Management Service (AD RMS)
o Certificate request and
installation; self-enrollments; delegation; create RMS templates; RMS
administrative roles; RM add-on for IE
·
Configure
the read-only domain controller (RODC)
o Replication; Administrator role
separation; read-only DNS; BitLocker; credential caching; password replication;
syskey; read-only SYSVOL; staged install
·
Configure
Active Directory Federation Services (AD FSv2)
o Install AD FS server role; exchange
certificate with AD FS agents; configure trust policies; configure user and
group claim mapping; import and export trust policies
Preparation resources
·
Automate
creation of Active Directory accounts
o Bulk import; configure the UPN;
create computer, user, and group accounts (scripts, import, migration);
template accounts; contacts; distribution lists; offline domain join
·
Maintain
Active Directory accounts
o Manage computer accounts; configure
group membership; account resets; delegation; AGDLP/AGGUDLP; deny domain local
group; local vs. domain; Protected Admin; disabling accounts vs. deleting
accounts; deprovisioning; contacts; creating organizational units (OUs);
delegation of control; protecting AD objects from deletion; managed service
accounts
·
Create and
apply Group Policy objects (GPOs)
o Enforce, OU hierarchy, block
inheritance, and enabling user objects; group policy processing priority; WMI;
group policy filtering; group policy loopback; Group Policy Preferences (GPP)
·
Configure
GPO templates
o User rights; ADMX Central Store;
administrative templates; security templates; restricted groups; security
options; starter GPOs; shell access policies
·
Deploy and
manage software by using GPOs
o Publishing to users; assigning
software to users; assigning to computers; software removal; software
restriction policies; AppLocker
·
Configure
account policies
o Domain password policy; account
lockout policy; fine-grain password policies
·
Configure
audit policy by using GPOs
o Audit logon events; audit account
logon events; audit policy change; audit access privilege use; audit directory
service access; audit object access; advanced audit policies; global object
access auditing; “Reason for Access” reporting
Preparation resources
·
Configure
backup and recovery
o Using Windows Server Backup; back up
files and system state data to media; backup and restore by using removable
media; perform an authoritative or non-authoritative restores; linked value
replication; Directory Services Recovery Mode (DSRM); backup and restore GPOs;
configure AD recycle bin
·
Perform
offline maintenance
o Offline defragmentation and
compaction; Restartable Active Directory; Active Directory database mounting
tool
·
Monitor
Active Directory
o Event viewer subscriptions; data collector
sets; real-time monitoring; analyzing logs; WMI queries; PowerShell
Preparation resources
·
Install
Active Directory Certificate Services
o Certificate authority (CA) types,
including standalone, enterprise, root, and subordinate; role services; prepare
for multiple-forest deployments
·
Configure CA
server settings
o Key archival; certificate database
backup and restore; assigning administration roles; high-volume CAs; auditing
·
Manage certificate
templates
o Certificate template types; securing
template permissions; managing different certificate template versions; key
recovery agent
·
Manage
enrollments
o Network device enrollment service
(NDES); auto enrollment; Web enrollment; extranet enrollment; smart card
enrollment; authentication mechanism assurance; creating enrollment agents;
deploying multiple-forest certificates; x.509 certificate mapping
·
Manage
certificate revocations
o Configure Online Responders;
Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority
Information Access (AIA)
Preparation resources
Administering
certificate templates
Nguồn: Microsoft Technet
Không có nhận xét nào:
Đăng nhận xét