Windows Server Administration/Collection

Windows Server Administration

edit

Learning Guide

edit

This learning guide supports the Wikiversity course Windows Server Administration, available at http://en.wikiversity.org/wiki/Windows_Server_Administration.

Overview

edit

Windows Server Administration is an advanced computer networking topic that includes server installation and configuration, server roles, storage, Active Directory and Group Policy, file, print, and web services, remote access, virtualization, application servers, troubleshooting, performance, and reliability.

This course comprises 15 lessons that use Windows Server to study and experiment with server administration. Each lesson includes a combination of Wikipedia and Microsoft readings, YouTube videos, and hands-on learning activities. The course also assists learners in preparing for the Microsoft MTA Exam 98-365: Windows Server Administration Fundamentals.

This entire Wikiversity course can be downloaded in book form by selecting Download Learning Guide in the sidebar.

Preparation

edit

This is a fourth-semester, college-level course. Learners should already be familiar with introductory computer networking concepts and Internet protocols.

Lessons

edit
  1. Introduction
  2. Installation
  3. Configuration
  4. Roles and Features
  5. Storage
  6. Active Directory
  7. Group Policy
  8. File and Print Services
  9. Web Services
  10. Remote Access
  11. Virtualization
  12. Application Servers
  13. Troubleshooting
  14. Performance
  15. Reliability

See Also

edit

References

edit
  Subject classification: this is a networking resource.
  Educational level: this is a tertiary (university) resource.
  Completion status: this resource is considered to be complete.
  • Exam 98-365 Windows Server Administration Fundamentals Student Study Guide
  • Microsoft Official Academic Course (2011). Exam 98-365: Windows Server Administration Fundamentals. Wiley. ISBN 9781118026830
  • Microsoft: Windows Server Administration Fundamentals Exam Details

Lesson 1 - Introduction

edit

This lesson introduces Windows Server administration by looking at servers in general, and Windows and Microsoft servers in particular. Activities include a comparison of Windows Server versions and editions.

Objectives and Skills

edit

Objectives and skills for Windows Server Administration Fundamentals certification are covered in detail later in the course. This lesson helps you:

  • Understand server functionality, terminology, and licensing.

Readings

edit
  1. Wikipedia: Server (computing)
  2. Wikipedia: Windows Server
  3. Wikipedia: Microsoft Servers
  4. Wikipedia: Client access license

Multimedia

edit
  1. Windows Server Administration Fundamentals (MTA Exam 98-365)
  2. YouTube: Client Access Licenses (CALs) in Windows Server 2012

Activities

edit
  1. Review Windows Server documentation. Identify available Windows Server documentation resources.
  2. Review Windows Server. Identify some of the new features in Server 2022 and what's on the horizon for Windows Server.
  3. Review Windows Server 2012 R2 . Identify CAL requirements for different editions. What are the different editions of Server 2012 and features?
  4. Review About Windows Server. Identify CAL requirements for different editions. What are the different editions of Server 2019 and features?
  5. Using an Internet search, identify the top three server hardware vendors by market share. Using one of the three vendors' web sites or your preferred hardware supplier, identify the cost for an entry-level tower server, a midrange rack server, and a high-end blade server.

Lesson Summary

edit
  • A server is a system (software and suitable computer hardware) that responds to requests across a computer network to provide, or help to provide, a network service.[1]
  • Servers often provide essential roles or services across a network, including file server, print server, directory services server, web server, mail server, database server, or other application server.[2]
  • While nearly any personal computer is capable of acting as a network server, a dedicated server will contain features making it more suitable for production environments. These features may include a faster or more processors, increased high-performance RAM, increased storage capacity in the form of a larger or multiple hard drives, and faster network connections.[3]
  • Servers also typically have reliability, availability and serviceability (RAS) and fault tolerance features, such as redundancy in power supplies, storage (as in RAID), and network connections.[4]
  • Servers may incorporate larger computer fans or water cooling to help remove heat, and uninterruptible power supplies that ensure the servers continue to function in the event of a power failure.[5]
  • Modern operating systems such as Microsoft Windows or Linux distributions are designed with a client–server architecture in mind.[6]
  • Server-oriented operating systems tend to have features that make them more suitable for the server environment, including no or optional graphic user interface (GUI), reconfiguration without system restart, flexible and advanced networking capabilities, automation capabilities, and tight system security with advanced user, resource, data, and memory protection.[7]
  • Many desktop and server operating systems share similar code bases, differing mostly in configuration.[8]
  • Microsoft requires that all clients that connect to server applications have a license to connect to and use the services of that software. These special purpose licenses come in the form of a Client Access License (CAL).[9]
  • A Per-User CAL is purchased to allow one user to connect to the server software. Any user can connect, but only one user may use a given CAL at any given time. A Per-Device CAL operates in much the same way, but limits connections made by number of devices, rather than number of users. User CALs and device CALs are not interchangeable.[10]

Key Terms

edit
Active Directory (AD)
A directory service created by Microsoft for Windows domain networks.[11]
application server
A server dedicated to running certain software applications.[12]
automation
The use of technologies to optimize productivity by greatly decreasing the need for human sensory and mental requirements while increasing load capacity, speed, and repeatability.[13]
availability
The degree to which a system, subsystem or equipment is in a specified operable and committable state at the start of a mission, when the mission is called for at an unknown, i.e. a random, time.[14]
Client Access License (CAL)
A proprietary software license distributed by software companies to allow clients to connect to its server software and use the software's services.[15]
Central processing unit (CPU)
The hardware within a computer that carries out the instructions of a computer program by performing the basic arithmetical, logical, and input/output operations of the system.[16]
client–server model
A distributed application structure in computing that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients.[17]
code base
The entire collection of source code used to build a particular application or component.[18]
database server
A computer program that provides database services to other computer programs or computers, as defined by the client–server model.[19]
directory service
The software system that stores, organizes and provides access to information in a directory.[20]
enterprise class
Designed for large-scale, high-technology environments of modern enterprises. When comparing to consumer class, it has higher scalability, higher reliability, better fault tolerance, and much higher initial price.[21]
fault tolerance
A design that enables a system to continue its intended operation, possibly at a reduced level, rather than failing completely, when some part of the system fails.[22]
file server
A computer attached to a network that has the primary purpose of providing a location for shared disk access, i.e. shared storage of computer files, that can be accessed by the workstations that are attached to the same computer network.[23]
Group Policy
Provides the centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment.[24]
graphical user interface (GUI)
A type of user interface that allows users to interact with electronic devices using images rather than text commands.[25]
hard disk drive (HDD)
A data storage device used for storing and retrieving digital information using rapidly rotating discs (platters) coated with magnetic material which retains its data even when powered off.[26]
Hyper-V
Microsoft's hypervisor server and service.[27]
hypervisor
A piece of computer software, firmware or hardware that creates and runs virtual machines.[28]
Internet Information Services (IIS)
A web server software application and set of feature extension modules created by Microsoft for use with Microsoft Windows.[29]
machine code
A set of instructions executed directly by a computer's central processing unit (CPU).[30]
Microsoft SQL Server
A relational database management system developed by Microsoft.[31]
port
An interface between the computer and other computers or peripheral devices.[32]
RAID (redundant array of independent disks)
A storage technology that combines multiple disk drive components into a logical unit.[33]
Random-access memory (RAM)
A form of volatile computer data storage which allows stored data to be accessed directly in any random order[34]
redundancy
The duplication of critical components or functions of a system with the intention of increasing reliability of the system, usually in the case of a backup or fail-safe.[35]
reliability
The ability of a system or component to perform its required functions under stated conditions for a specified period of time.[36]
scalability
The ability of a system, network, or process to handle a growing amount of work in a capable manner or its ability to be enlarged to accommodate that growth.[37]
service
A Windows service is a computer program that operates in the background, and is similar in concept to a Unix daemon.[38]
source code
Any collection of computer instructions (possibly with comments) written using some human-readable computer language, usually as text.[39]
storage
A technology consisting of computer components and recording media used to retain digital data.[40]
uninterruptible power supply (UPS)
An electrical apparatus that provides emergency power to a load when the input power source, typically main power, fails.[41]
Virtual Desktop Infrastructure (VDI)
A desktop-centric service that hosts users desktop environments on remote servers and/or blade PCs, which are accessed over a network using a remote display protocol.[42]
virtualization
The various techniques, methods or approaches of creating a virtual (rather than actual) version of something, such as a virtual hardware platform, operating system (OS), storage device, or network resources.[43]
Windows PowerShell
Microsoft's task automation framework, consisting of a command-line shell and associated scripting language built on .NET Framework.[44]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. A server is a _____ that responds to _____ across a computer network to provide, or help to provide, a _____.
    A server is a system (software and suitable computer hardware) that responds to requests across a computer network to provide, or help to provide, a network service.
  2. Servers often provide essential roles or services across a network, including _____.
    Servers often provide essential roles or services across a network, including file server, print server, directory services server, web server, mail server, database server, or other application server.
  3. While nearly any personal computer is capable of acting as a network server, a dedicated server will contain features making it more suitable for _____ environments. These features may include a faster _____, increased _____, increased _____, and faster _____.
    While nearly any personal computer is capable of acting as a network server, a dedicated server will contain features making it more suitable for production environments. These features may include a faster or more processors, increased high-performance RAM, increased storage capacity in the form of a larger or multiple hard drives, and faster network connections.
  4. Servers also typically have _____ and _____ features, such as _____.
    Servers also typically have reliability, availability and serviceability (RAS) and fault tolerance features, such as redundancy in power supplies, storage (as in RAID), and network connections.
  5. Servers may incorporate _____ to help remove heat, and _____ that ensure the servers continue to function in the event of a power failure.
    Servers may incorporate larger computer fans or water cooling to help remove heat, and uninterruptible power supplies that ensure the servers continue to function in the event of a power failure.
  6. Modern operating systems such as Microsoft Windows or Linux distributions are designed with a _____ architecture in mind.
    Modern operating systems such as Microsoft Windows or Linux distributions are designed with a client–server architecture in mind.
  7. Server-oriented operating systems tend to have features that make them more suitable for the server environment, including no or optional _____, _____ without system restart, flexible and advanced _____ capabilities, _____ capabilities, and _____.
    Server-oriented operating systems tend to have features that make them more suitable for the server environment, including no or optional graphic user interface (GUI), reconfiguration without system restart, flexible and advanced networking capabilities, automation capabilities, and tight system security with advanced user, resource, data, and memory protection.
  8. Many desktop and server operating systems share similar _____, differing mostly in _____.
    Many desktop and server operating systems share similar code bases, differing mostly in configuration.
  9. Microsoft requires that all clients that connect to server applications have a _____ to connect to and use the services of that software.
    Microsoft requires that all clients that connect to server applications have a license to connect to and use the services of that software.
  10. Server access licenses come in the form of a _____.
    Server access licenses come in the form of a Client Access License (CAL).
  11. A _____ is purchased to allow one user to connect to the server software. Any user can connect, but only one user may use a given _____ at any given time.
    A Per-User CAL is purchased to allow one user to connect to the server software. Any user can connect, but only one user may use a given CAL at any given time.
  12. A _____ is purchased to allow one device to connect to the server software. Any device can connect, but only one device may use a given _____ at any given time.
    A Per-Device CAL is purchased to allow one device to connect to the server software. Any device can connect, but only one device may use a given CAL at any given time.
  13. User CALs and device CALs are _____.
    User CALs and device CALs are not interchangeable.

Flashcards

edit

See Also

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.
  1. Wikipedia: Server (computing)
  2. Wikipedia: Server (computing)
  3. Wikipedia: Server (computing)#Usage
  4. Wikipedia: Server (computing)#Usage
  5. Wikipedia: Server (computing)#Server hardware
  6. Wikipedia: Server (computing)#Usage
  7. Wikipedia: Server (computing)#Server operating systems
  8. Wikipedia: Server (computing)#Server operating systems
  9. Wikipedia: Client access license
  10. Wikipedia: Client access license
  11. Wikipedia: Active Directory
  12. Wikipedia: Server (computing)#Types of servers
  13. Wikipedia: Automation
  14. Wikipedia: Availability
  15. Wikipedia: Client access license
  16. Wikipedia: Central processing unit
  17. Wikipedia: Client–server model
  18. Wikipedia: Codebase
  19. Wikipedia: Database server
  20. Wikipedia: Directory service
  21. Wikipedia: Enterprise storage
  22. Wikipedia: Fault-tolerant design
  23. Wikipedia: File server
  24. Wikipedia: Group Policy
  25. Wikipedia: Graphical user interface
  26. Wikipedia: Hard disk drive
  27. Wikipedia: Hyper-V
  28. Wikipedia: Hypervisor
  29. Wikipedia: Internet Information Services
  30. Wikipedia: Machine code
  31. Wikipedia: Microsoft SQL Server
  32. Wikipedia: Computer port (hardware)
  33. Wikipedia: RAID
  34. Wikipedia: Random-access memory
  35. Wikipedia: Redundancy (engineering)
  36. Wikipedia: Reliability engineering
  37. Wikipedia: Scalability
  38. Wikipedia: Windows service
  39. Wikipedia: Source code
  40. Wikipedia: Computer data storage
  41. Wikipedia: Uninterruptible power supply
  42. Wikipedia: Desktop virtualization#Virtual desktop infrastructure
  43. Wikipedia: Virtualization
  44. Wikipedia: Windows PowerShell

Lesson 2 - Installation

edit

This lesson covers Windows Server installation. Activities include both manual and automated installation of Windows Server.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Installation portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand server installation options: choosing correct OS version; partitioning; F8 options; server core vs. full; interactive install; unattended install; automated install using WDS; upgrade vs. clean install; firmware updates including BIOS

Readings

edit
  1. Wikipedia: Installation (computer programs)
  2. Wikipedia: Firmware#Personal computers
  3. Wikipedia: Windows Server 2016
  4. Wikipedia: Windows Server 2019
  5. Wikipedia: Windows Deployment Services

Multimedia

edit
  1. YouTube: How to Install Windows Server 2016
  2. YouTube: Microsoft Windows Server 2019 - Installation

Activities

edit
  1. Review Installing Windows Server 2016 or Microsoft Windows Server 2019 - Installation. Perform a clean installation of Windows Server Windows Server 2016 or 2019.
  2. Review Microsoft Windows Server 2019 - Installation. Identify the steps necessary to prepare for an upgrade installation.
  3. Review Upgrade and conversion options for Windows Server 2016. Identify supported upgrade paths.
  4. Review Walkthrough: Build a Simple Answer File. Perform an unattended installation of Windows Server 2008 R2, Windows Server 2012 R2, or Windows Server 2016 using an unattended answer file.
  5. Review Windows Deployment Services Getting Started Guide. Perform an unattended installation of Windows Server 2012 R2, or Windows Server 2016 using Windows Deployment Services.
  6. Review Windows Server Installation Options. Perform a clean installation of Windows Server Core using either Windows Server 2012 R2, or Windows Server 2016.

Lesson Summary

edit
  • A clean installation is one that is done in the absence of any interfering elements such as old versions of the computer program being installed or leftovers from a previous installation. In particular, the clean installation of an operating system is an installation in which the target disk partition is erased before installation.[2]
  • An upgrade installation is the process of replacing a product with a newer version of the same product in order to bring the system up to date or to improve its characteristics.[3]
  • An interactive or attended installation requires a user to be present during the installation to make choices, such as accepting or declining an end-user license agreement (EULA), specifying preferences such as the installation location, supplying passwords or assisting in product activation.[4]
  • An unattended installation is performed without user interaction during its progress or with no user present at all.[5]
  • It may be necessary to update the firmware and BIOS in a computer before installing an operating system.[6]
  • Windows Server 2016 and 2019 are 64-bit only.[7][8]
  • Windows Server 2016 was developed concurrently with Windows 10. Windows Server 2019 is the successor for Windows Server 2016</ref>[9][10]
  • Windows Server 2016 and later versions include a variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed. All configuration and maintenance is done entirely through command-line interface windows, or by connecting to the machine remotely using Microsoft Management Console.[11]
  • On installation, Server 2016 offers two options: Windows Server 2016 (which is Server Core) and Windows Server 2016 Desktop Experience. Switching between these versions, as is available in Server 2012, is not supported.[12]
  • Windows Server 2016 is available in Standard, Data Center and Essentials editions.[13]
  • Windows Server 2019 is available in Standard, Data Center and Essentials editions.[14]
  • With Server 2016, Microsoft announced a new installation option, Nano Server, which offers a minimal-footprint headless version of Windows Server. It excludes the graphical user interface, WoW64 (support for 32-bit software) and Windows Installer. It does not support console login, either locally or via Remote Desktop Connection. All management is performed remotely via Windows Management Instrumentation (WMI), Windows PowerShell and Remote Server Management Tools (a collection of web-based GUI and command line tools)[15]
  • Microsoft Hyper-V Server 2016 is a stand-alone product that contains only the Windows hypervisor, a Windows Server driver model, and virtualization components. It provides a simple and reliable virtualization solution to help you improve your server utilization and reduce costs.[16]
  • The Essentials edition in Server 2019 is designed for smaller businesses. It was previously called Small Business Server (SBS) or Microsoft BackOffice Server. Essentials edition is limited in features and licensing options and accordingly it’s cheaper among its paid family members. According to Microsoft, Essentials edition “is ideal for small businesses with up to 25 users and 50 devices.[17]
  • The Server 2019 Datacenter license provides the widest range of features and capabilities with the least amount of licensing limitations, among all Server editions. For example, all servers which are virtualized in a Datacenter server are licensed automatically by their Datacenter host, given the host and guest servers are of the same version. Such guests can also automatically be activated via Virtual Machine Activation (AVMA).[18]
  • Windows Server 2016 introduced Shielded Virtual Machines, a new feature which was made available only in the Datacenter edition[19]
  • The 2019 Standard edition supports 64 64-bit sockets, an unlimited number of cores, 24 TB RAM, one Hyper-V host per license and two virtual machines.[20]
  • The 2019 Datacenter edition supports 64 64-bit sockets, an unlimited number of cores, 24 TB RAM, one Hyper-V host per license and unlimited virtual machines.[21]
  • Windows Deployment Services is a server technology from Microsoft for network-based installation of Windows and other operating systems based on a disk image using the Windows Imaging Format (WIM). The network installation is performed by pressing <F12> during PXE boot.[22]

Key Terms

edit
BIOS
The Basic Input / Output System, used to initialize and test system hardware components and to load an operating system or other programs from a mass storage device.[23]
disk image
A single file or storage device containing the complete contents and structure representing a data storage medium or device, such as a hard drive, tape drive, floppy disk, optical disc, or USB flash drive.[24]
firmware
The combination of persistent memory and program code and data stored in it.[25]
original equipment manufacturer (OEM)
A computer equipment maker or reseller.[26]
partitioning
The act of dividing a hard disk drive into multiple logical storage units referred to as partitions, to treat one physical disk drive as if it were multiple disks, so that different filesystems can be used on each partition.[27]
Preboot eXecution Environment (PXE)
An environment to boot computers using a network interface independently of data storage devices (like hard disks) or installed operating systems.[28]
Remote Installation Services (RIS)
The previous name of Windows Deployment Services.[29]
Sysprep
The name of Microsoft's System Preparation Tool for Microsoft Windows operating system deployment.[30]
Windows Automated Installation Kit (WAIK)
A collection of tools and technologies produced by Microsoft designed to help deploy Windows operating system images to target computers or to a VHD (Virtual Hard Disk).[31]
Windows Imaging Format (WIM)
A file-based disk image format developed by Microsoft to help deploy Windows Vista and subsequent versions of Windows.[32]
Windows Preinstallation Environment (WinPE)
A lightweight version of Windows used for the deployment of workstations and servers or troubleshooting an operating system while it is offline.[33]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. A clean installation is one that is _____. In particular, the clean installation of an operating system is an installation in which the target disk partition is _____.
    A clean installation is one that is done in the absence of any interfering elements such as old versions of the computer program being installed or leftovers from a previous installation. In particular, the clean installation of an operating system is an installation in which the target disk partition is erased before installation.
  2. An upgrade installation is _____.
    An upgrade installation is the process of replacing a product with a newer version of the same product in order to bring the system up to date or to improve its characteristics.
  3. An interactive or attended installation requires _____.
    An interactive or attended installation requires a user to be present during the installation to make choices, such as accepting or declining an end-user license agreement (EULA), specifying preferences such as the installation location, supplying passwords or assisting in product activation.
  4. An unattended installation is performed _____.
    An unattended installation is performed without user interaction during its progress or with no user present at all.
  5. It may be necessary to update _____ before installing an operating system.
    It may be necessary to update the firmware and BIOS in a computer before installing an operating system.
  6. Windows Server 2016 and Windows Server 2019 are _____ only.
    Windows Server 2016 and Windows Server 2019 are 64-bit only.
  7. Windows Server 2016 was developed concurrently with _____. _____ is the successor to Windows Server 2016.
    Windows Server 2016 was developed concurrently with Windows 10. Windows Server 2019 is the successor to Windows Server 2016.
  8. Windows Server 2016 and later versions include a variation of installation called _____. _____ is a significantly scaled-back installation where no Windows Explorer shell is installed. All configuration and maintenance is done entirely through _____. or by connecting to the machine remotely using Microsoft Management Console.
    Windows Server 2016 and later versions include a variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed. All configuration and maintenance is done entirely through command-line interface windows, or by connecting to the machine remotely using Microsoft Management Console.
  9. On installation, Server 2016 offers two options: Windows Server 2016 (which is Server Core) and ___________________________
    On installation, Server 2016 offers two options: Windows Server 2016 (which is Server Core) and Windows Server 2016 Desktop Experience
  10. Windows Server 2016 is available in _____ editions.
    Windows Server 2016 is available in Standard, Data Center, and Essentials editions.
  11. Windows Server 2019 is available in _____ editions.
    Windows Server 2019 is available in Standard, Data Center, and Essentials editions.
  12. With Windows Server 2016, Microsoft announced a new installation option, ___________, which offers a minimal-footprint headless version of Windows Server. It excludes the __________, WoW64 (support for 32-bit software) and Windows Installer. It does not support __________, either locally or via Remote Desktop Connection. All management is performed remotely via Windows Management Instrumentation (WMI), _______________ and __________________ (a collection of web-based GUI and command line tools)
    With Windows Server 2016, Microsoft announced a new installation option, Nano Server, which offers a minimal-footprint headless version of Windows Server. It excludes the graphical user interface, WoW64 (support for 32-bit software) and Windows Installer. It does not support console login, either locally or via Remote Desktop Connection. All management is performed remotely via Windows Management Instrumentation (WMI), Windows PowerShell and Remote Server Management Tools (a collection of web-based GUI and command line tools)
  13. Microsoft ____________ 2016 is a stand-alone product that contains only the Windows hypervisor, a Windows Server driver model, and virtualization components. It provides a simple and reliable ________________ solution to help you improve your server utilization and reduce costs.
    Microsoft Hyper-V Server 2016 is a stand-alone product that contains only the Windows hypervisor, a Windows Server driver model, and virtualization components. It provides a simple and reliable virtualization solution to help you improve your server utilization and reduce costs.
  14. The Essentials edition in Server 2019 is designed for smaller businesses. It was previously called _______________ or Microsoft BackOffice Server. Essentials edition is limited in features and licensing options and accordingly it’s cheaper among its paid family members. According to Microsoft, Essentials edition “is ideal for small businesses with up to _____ users and ____ devices
    The Essentials edition in Server 2019 is designed for smaller businesses. It was previously called Small Business Server (SBS) or Microsoft BackOffice Server. Essentials edition is limited in features and licensing options and accordingly it’s cheaper among its paid family members. According to Microsoft, Essentials edition “is ideal for small businesses with up to 25 users and 50 devices
  15. The _______________________________ provides the widest range of features and capabilities with the least amount of licensing limitations, among all Server editions. For example, all servers which are __________ in a Datacenter server are licensed automatically by their Datacenter host, given the host and guest servers are of the _____ version. Such guests can also automatically be activated via __________________________ (AVMA).
    The Server 2019 Datacenter license provides the widest range of features and capabilities with the least amount of licensing limitations, among all Server editions. For example, all servers which are virtualized in a Datacenter server are licensed automatically by their Datacenter host, given the host and guest servers are of the same version. Such guests can also automatically be activated via Virtual Machine Activation (AVMA).
  16. Windows Server ____ introduced Shielded Virtual Machines, a new feature which was made available only in the __________ edition.
    Windows Server 2016 introduced Shielded Virtual Machines, a new feature which was made available only in the Datacenter edition
  17. The 2019 Standard edition supports __ 64-bit sockets, an _________ number of cores, __ TB RAM, ___ Hyper-V host per license and ___ virtual machines.
    The 2019 Standard edition supports 64 64-bit sockets, an unlimited number of cores, 24 TB RAM, one Hyper-V host per license and two virtual machines.
  18. The 2019 Datacenter edition supports __ 64-bit sockets, an _________ number of cores, __ TB RAM, ___ Hyper-V host per license and _________ virtual machines.
    The 2019 Datacenter edition supports 64 64-bit sockets, an unlimited number of cores, 24 TB RAM, one Hyper-V host per license and unlimited virtual machines.
  19. _____ is a server technology from Microsoft for network-based installation of Windows and other operating systems based on a disk image using the _____. The network installation is performed by pressing _____ during _____ boot.
    Windows Deployment Services is a server technology from Microsoft for network-based installation of Windows and other operating systems based on a disk image using the Windows Imaging Format (WIM). The network installation is performed by pressing <F12> during PXE boot.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 3 - Configuration

edit

This lesson covers Windows Server configuration. Activities include initial configuration of a new server installation.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Installation portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand device drivers: installation; removal; disabling; update/upgrade; rollback; troubleshooting; Plug & Play; IRQ; interrupts; driver signing
  • Understand services: what services are; which statuses a service can be in; startup types; recovery options; delayed startup; Run As settings for a service; stopping or pausing a service; service accounts, dependencies

Readings

edit
  1. Wikipedia: Microsoft Product Activation
  2. Windows Update: FAQ
  3. The Settings App in Windows 10
  4. Wikipedia: Device Manager
  5. Wikipedia: Device driver
  6. Wikipedia: Plug and play
  7. What is Microsoft Management Console?
  8. Microsoft Management Console
  9. Wikipedia: Windows service

Multimedia

edit
  1. YouTube: Microsoft Windows Server 2019 - Initial Setup & Configuration

Activities

edit
  1. Review Windows Server 2019 Activation. If you have a license key and are ready to activate Windows Server, proceed with activation. Windows licenses for student use are available through Azure.
  2. Review Initial Configurations of Windows server. Configure a Windows Server installation by setting the time zone, networking, computer name, and domain if applicable.
  3. Review Youtube: Windows Server 2019 Windows Updates Settings and Options. Enable automatic updating and download and install updates. It is important to update your server before installing any roles or features to ensure all current security updates have been applied.
  4. Review Driver Signing. Check the current driver signing policy settings.
  5. Review Youtube: How to use Device Manager in Windows Admin Center website. Use the Windows Admin Center and Device Manager to check for driver updates on the display adapter and all network adapters.
  6. Review PnPUtil (Windows Drivers). Use PnPUtil to display third-party driver packages currently in the driver store.
  7. Review Services. Open the Services console and stop and restart the Print Spooler service.

Lesson Summary

edit
  • Microsoft Product Activation is a form of digital rights management used by Microsoft to enforce compliance with a program's end-user license agreement by transmitting information about both the product key used to install the program and the user's computer hardware to Microsoft and inhibiting or completely preventing the use of the program until the validity of its license is confirmed.[2]
  • Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components.[3]
  • Microsoft Update is an optional feature which replaces Windows Update and provides updates for both the operating system and Microsoft applications such as Microsoft Office.[4]
  • Windows security updates are routinely provided on the second Tuesday of each month, but can be provided whenever a new update is urgently required to prevent a newly discovered or prevalent exploit targeting Windows users.[5]
  • Control Panel is a part of the Microsoft Windows graphical user interface which allows users to view and manipulate basic system settings and controls via applets, such as adding hardware, adding and removing software, controlling user accounts, and changing accessibility options.[6]
  • Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to view and manage the hardware attached to a computer.[7]
  • Device drivers are computer programs that operate or control a particular type of device that is attached to a computer. Device drivers may run in either kernel mode or user mode, with kernel mode having unrestricted access to the system, and user mode protecting access to other hardware and applications.[8]
  • Drivers may be installed automatically through Plug and Play hardware detection and installed manually through Device Manager.[9]
  • Drivers may be pre-staged by placing them in the DevicePath driver store. If a device driver is not found in the driver store, Windows will search Windows Updates for a driver. If a device driver is not found in Windows Update, Windows will ask the user for a path to the driver on local media.[10]
  • By default, only administrators may install drivers that are not in the driver store. This restriction may be changed through a computer policy.[11]
  • Drivers are removed by right-clicking on the device in Device Manager and removing the device. A dialog box will appear confirming device removal and allowing driver removal from the driver store.[12]
  • Drivers are enabled and disabled by right-clicking on the device in Device Manager.[13]
  • Drivers are updated automatically through Windows Update and manually by right-clicking on the device in Device Manager.[14]
  • Drivers may be rolled back to a previous version by right-clicking on the device in Device Manager and then selecting the Drivers tab under device properties.[15]
  • Troubleshoot drivers using Device Manager or Safe Mode.[16]
  • The driver store may also be managed using the command line utility PNPUTIL.EXE.[17]
  • A plug and play device or computer bus is one with a specification that facilitates the discovery of a hardware component in a system without the need for physical device configuration or user intervention in resolving resource conflicts.[18]
  • The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by system firmware, which then provides details of resources allocations to the operating system. The process is invoked at boot time. When the computer is first turned on, compatible devices are identified and assigned non-conflicting addresses and interrupt request numbers.[19]
  • Microsoft Management Console (MMC) is a component of Windows operating systems that provides advanced users an interface for configuring and monitoring the system through snap-in components.[20]
  • A Windows service is a computer program that operates in the background, and is similar in concept to a Unix daemon. Services are managed using the Microsoft Management Console Services snap-in.[21]
  • Services may be started, stopped, paused, or restarted.[22]
  • Service startup types may be set to Automatic, Automatic (Delayed), Manual, or Disabled.[23]
  • When a service fails, recovery actions may be set on the first failure, second failure, and subsequent failures. Options include restarting the service, running a program or script, and restarting the computer.[24]
  • Because services run in the background, they must be configured to run in a given security context. Options include the Local System account, the Local Service account, the Network Service account, or a specific user account .[25]
  • Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a managed service account.[26]
  • Service dependencies may be configured to ensure that one or more services are started before starting another service. Service dependencies may be viewed in the Services console and configured using the Registry Editor.[27]

Key Terms

edit
certificate of authenticity
A seal or small sticker on a proprietary computer program with a license number which verifies that the program is a genuine, legal copy.[28]
denial-of-service attack
An attempt to make a machine or network resource unavailable to its intended users.[29]
digital rights management (DRM)
A class of technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals with the intent to control the use of digital content and devices after sale.[30]
driver signing (code signing)
The process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash.[31]
end-user license agreement (EULA)
The contract between a licensor and purchaser, establishing the purchaser's right to use software.[32]
exploit
A piece of software that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware, typically to gain control of a computer system or allow privilege escalation or a denial-of-service attack.[33]
interrupt request (IRQ)
A hardware signal sent to the processor that temporarily stops a running program and allows a special program, an interrupt handler, to run instead.[34]
malware
Malicious software used by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.[35]
privilege escalation
The act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.[36]
System Locked Pre-installation (SLP) key
A master product key issued to Original Equipment Manufacturers (OEMs) to automatically activate Windows without the need for interaction from the user.[37]
volume license key
A product key used when installing software licensed in bulk, which allows a single product key to be used for multiple installations.[38]
Windows Registry
A hierarchical database that stores configuration settings and options on Microsoft Windows operating systems.[39]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Microsoft Product Activation is a form of _____ used by Microsoft to enforce compliance with a program's _____ by transmitting information about _____ to Microsoft and _____ of the program until the validity of its license is confirmed.
    Microsoft Product Activation is a form of digital rights management used by Microsoft to enforce compliance with a program's end-user license agreement by transmitting information about both the product key used to install the program and the user's computer hardware to Microsoft and inhibiting or completely preventing the use of the program until the validity of its license is confirmed.
  2. Windows Update is a service provided by Microsoft that provides _____.
    Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components.
  3. Microsoft Update is an optional feature which replaces _____ and provides _____.
    Microsoft Update is an optional feature which replaces Windows Update and provides updates for both the operating system and Microsoft applications such as Microsoft Office.
  4. Windows security updates are routinely provided on the _____ of each month, but can be provided _____ to prevent a newly discovered or prevalent exploit targeting Windows users.
    Windows security updates are routinely provided on the second Tuesday of each month, but can be provided whenever a new update is urgently required to prevent a newly discovered or prevalent exploit targeting Windows users.
  5. Control Panel is a part of the Microsoft Windows graphical user interface which allows users to _____.
    Control Panel is a part of the Microsoft Windows graphical user interface which allows users to view and manipulate basic system settings and controls via applets, such as adding hardware, adding and removing software, controlling user accounts, and changing accessibility options.
  6. Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to _____.
    Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to view and manage the hardware attached to a computer.
  7. Device drivers are computer programs that _____. Device drivers may run in either _____ mode or _____ mode, with _____ mode having _____, and _____ mode _____.
    Device drivers are computer programs that operate or control a particular type of device that is attached to a computer. Device drivers may run in either kernel mode or user mode, with kernel mode having unrestricted access to the system, and user mode protecting access to other hardware and applications.
  8. Drivers may be installed automatically through _____ and installed manually through _____.
    Drivers may be installed automatically through Plug and Play hardware detection and installed manually through Device Manager.
  9. Drivers may be pre-staged by placing them in the _____. If a device driver is not found in the _____, Windows will search _____ for a driver. If a device driver is not found in _____, Windows will _____.
    Drivers may be pre-staged by placing them in the DevicePath driver store. If a device driver is not found in the driver store, Windows will search Windows Updates for a driver. If a device driver is not found in Windows Update, Windows will ask the user for a path to the driver on local media.
  10. By default, _____ may install drivers that are not in _____. This restriction may be changed through _____.
    By default, only administrators may install drivers that are not in the driver store. This restriction may be changed through a computer policy.
  11. Drivers are removed by _____. A dialog box will appear _____.
    Drivers are removed by right-clicking on the device in Device Manager and removing the device. A dialog box will appear confirming device removal and allowing driver removal from the driver store.
  12. Drivers are enabled and disabled by _____.
    Drivers are enabled and disabled by right-clicking on the device in Device Manager.
  13. Drivers are updated automatically through _____ and manually by _____.
    Drivers are updated automatically through Windows Update and manually by right-clicking on the device in Device Manager.
  14. Drivers may be rolled back to a previous version by _____.
    Drivers may be rolled back to a previous version by right-clicking on the device in Device Manager and then selecting the Drivers tab under device properties.
  15. Troubleshoot drivers using _____ or _____.
    Troubleshoot drivers using Device Manager or Safe Mode.
  16. The driver store may be managed using the command line utility _____.
    The driver store may be managed using the command line utility PNPUTIL.EXE.
  17. A plug and play device or computer bus is one with a specification that facilitates _____ in a system without the need for _____.
    A plug and play device or computer bus is one with a specification that facilitates the discovery of a hardware component in a system without the need for physical device configuration or user intervention in resolving resource conflicts.
  18. The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by _____, which then provides details of _____ to _____. The process is invoked _____. When the computer is _____, compatible devices are _____.
    The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by system firmware, which then provides details of resources allocations to the operating system. The process is invoked at boot time. When the computer is first turned on, compatible devices are identified and assigned non-conflicting addresses and interrupt request numbers.
  19. Microsoft Management Console (MMC) is a _____ that provides _____ through _____.
    Microsoft Management Console (MMC) is a component of Windows operating systems that provides advanced users an interface for configuring and monitoring the system through snap-in components.
  20. A Windows service is a _____ that operates _____, and is similar in concept to _____. Services are managed using _____.
    A Windows service is a computer program that operates in the background, and is similar in concept to a Unix daemon. Services are managed using the Microsoft Management Console Services snap-in.
  21. Services may be _____, _____, _____, or _____.
    Services may be started, stopped, paused, or restarted.
  22. Service startup types may be set to _____, _____, _____, or _____.
    Service startup types may be set to Automatic, Automatic (Delayed), Manual, or Disabled.
  23. When a service fails, recovery actions may be set on _____, _____, and _____. Options include _____, _____, and _____.
    When a service fails, recovery actions may be set on the first failure, second failure, and subsequent failures. Options include restarting the service, running a program or script, and restarting the computer.
  24. Because services run _____, they must be _____. Options include the _____ account, the _____ account, the _____ account, or a _____ account.
    Because services run in the background, they must be configured to run in a given security context. Options include the Local System account, the Local Service account, the Network Service account, or a specific user account .
  25. Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a _____ account or _____ account.
    Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a managed service account or virtual account.
  26. Service dependencies may be configured to ensure that one or more services are _____. Service dependencies may be viewed in _____ and configured using _____.
    Service dependencies may be configured to ensure that one or more services are started before starting another service. Service dependencies may be viewed in the Services console and configured using the Registry Editor.

Flashcards

edit

See Also

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.
  1. Microsoft: Windows Server Administration Fundamentals Exam Details
  2. Wikipedia: Microsoft Product Activation
  3. Wikipedia: Windows Update
  4. Wikipedia: Windows Update
  5. Wikipedia: Windows Update
  6. Wikipedia: Control Panel (Windows)]]
  7. Wikipedia: Device Manager
  8. Wikipedia: Device driver
  9. Overview of Device and Driver Installation
  10. Overview of Device and Driver Installation
  11. Install a Plug and Play Device
  12. How to Use the Windows Device Manager for Troubleshooting
  13. How to Use the Windows Device Manager for Troubleshooting
  14. How to Use the Windows Device Manager for Troubleshooting
  15. How to Use the Windows Device Manager for Troubleshooting
  16. How to Use the Windows Device Manager for Troubleshooting
  17. How Devices and Driver Packages are Uninstalled
  18. Wikipedia: Plug and play
  19. Wikipedia: Legacy Plug and Play
  20. Microsoft Management Console
  21. Wikipedia: Windows service
  22. Wikipedia: Windows service
  23. Wikipedia: Windows service
  24. Windows Service : Setting Recovery Options
  25. Configure How a Service Is Started
  26. What's New for Managed Service Accounts
  27. View Service Dependencies
  28. Wikipedia: Certificate of authenticity
  29. Wikipedia: Denial-of-service attack
  30. Wikipedia: Digital rights management
  31. Wikipedia: Code signing
  32. Wikipedia: End-user license agreement
  33. Wikipedia: Exploit (computer security)
  34. Wikipedia: Interrupt request
  35. Wikipedia: Malware
  36. Wikipedia: Privilege escalation
  37. Wikipedia: Microsoft Product Activation
  38. Wikipedia: Volume license key
  39. Wikipedia: Windows Registry

Lesson 4 - Storage

edit

This lesson covers Windows Server storage. Activities include comparing storage types, working with a variety of disks, volumes, and virtual hard disks.

Objectives and Skills

edit

Objectives and skills for the Understanding Storage portion of Windows Server Administration Fundamentals certification include:[1]

  • Identify storage technologies: advantages and disadvantages of different storage types; local (SATA, SCSI, IDE); NAS; SAN; fibre channel; iSCSI; NFS; FC HBA and FC switches; iSCSI hardware
  • Understand RAID: RAID 0, RAID 1, RAID 5, RAID 10 and combinations; hardware and software RAID
  • Understand disk types: ATA; basic disk; dynamic disk; mount points; file systems; mounting a virtual hard disk; distributed file systems; optical disks

Readings

edit
  1. Wikipedia: Computer data storage
  2. Wikipedia: Serial attached SCSI
  3. Wikipedia: Network-attached storage
  4. Wikipedia: Storage Area Network
  5. Wikipedia: iSCSI
  6. Wikipedia: RAID
  7. Wikipedia: Disk partitioning
  8. Wikipedia: Logical Disk Manager
  9. Wikipedia: File system
  10. Wikipedia: Distributed File System (Microsoft)

Multimedia

edit
  1. YouTube: Memory & Storage: Crash Course Computer Science #19
  2. YouTube: What is RAID 0, 1, 2, 3, 4, 5, 6 and 10 (1+0)?
  3. YouTube: Explaining File Systems: NTFS, exFAT, FAT32, ext4 & More
  4. YouTube: Basic Disk Vs Dynamic Disks
  5. YouTube: Windows 10 Native Boot VHD
  6. YouTube: Install and Configure DFS Namespaces in Windows Server 2019
  7. YouTube: Intro to Storage Area Network SAN Technologies

Activities

edit
  1. Research pricing for SATA vs. SCSI. Compare pricing to equivalent NAS and SAN.
  2. Review How To Configure iSCSI Initiator on Windows Server 2019. Connect to an iSCSI target.
  3. Review Basic and Dynamic Disks. Create a basic disk.
  4. Review Basic and Dynamic Disks. Convert the basic disk to a dynamic disk.
  5. Create a spanned volume.
  6. Create a mirrored volume.
  7. Break the mirror.
  8. Review RAID levels for Windows environments. Create a RAID 5 volume.
  9. Review NTFS overview. Create a FAT partition. Convert the partition to NTFS.
  10. Create an NTFS partition in powershell.
  11. Review How to create and set up a virtual hard disk on Windows 10. Create a new virtual hard disk file, then mount and format it.

Lesson Summary

edit
  • Computer data storage, often called storage or memory, is a technology consisting of computer components and recording media used to retain digital data.[2]
  • Primary storage (or main memory or internal memory), often referred to simply as memory, is the only one directly accessible to the CPU. It is typically implemented as Random Access Memory (RAM) and is volatile, with access time measured in nanoseconds.[3]
  • Secondary storage (also known as external memory or auxiliary storage), differs from primary storage in that it is not directly accessible by the CPU. It is typically implemented using some type of hard disk drive and is non-volatile, with access time measured in milliseconds.[4]
  • Tertiary storage typically involves a robotic mechanism which will mount (insert) and dismount removable mass storage media into a storage device according to system demands, with access time measured in seconds.[5]
  • Serial ATA replaced the older AT Attachment standard (ATA; later referred to as Parallel ATA or PATA) based on advantages of reduced cable size and cost (seven conductors instead of 40), native hot swapping, faster data transfer through higher signalling rates, and more efficient transfer through an (optional) I/O queuing protocol.[6]
  • Serial Attached SCSI (SAS) replaced the older parallel SCSI based on similar advantages of reduced cable size and costs and faster transfer rates.[7]
  • SAS controllers support SATA drives, but SAS drives cannot be used with SATA controllers.[8]
  • SAS supports greater error recovery functionality, higher voltages, and longer cables when compared to SATA, making SAS more appropriate for server environments.[9]
  • Network-attached storage (NAS) is a file-level computer data storage device connected to a computer network and providing data access to a heterogeneous group of clients.[10]
  • NAS devices typically provide access to files using a variety of network file sharing protocols including NFS, SMB/CIFS, or AFP.[11]
  • iSCSI (Internet Small Computer System Interface) is an IP-based storage networking standard for linking data storage facilities by carrying SCSI commands over IP networks to facilitate data transfers over intranets and manage storage over long distances.[12]
  • iSCSI clients are referred to as initiators. iSCSI resources are referred to as targets.[13]
  • RAID (redundant array of independent disks) is a storage technology that combines multiple disk drive components into a logical unit. Data is distributed across the drives in one of several ways called "RAID levels", depending on the level of redundancy and performance required.[14]
  • RAID 0 (striping without parity) has no (or zero) redundancy. It provides improved performance and additional storage but no fault tolerance.[15]
  • RAID 1 (mirroring) has data written identically to two drives, thereby producing a "mirrored set". Read requests may be processed by either drive, potentially improving read performance. [16]
  • RAID 5 (striping with parity) distributes parity along with the data and requires all drives but one to be present to operate. Upon single drive failure, any subsequent reads can be calculated from the distributed parity such that the drive failure is masked from the end user. RAID 5 requires at least three disks.[17]
  • RAID 10 (mirroring and striping) , often referred to as RAID 1+0, has data is written in stripes across primary disks that have been mirrored to secondary disks.[18]
  • RAID may be implemented either in a hardware controller or by the operating system. Hardware-based RAID does not require system processor resources.[19]
  • Windows supports two types of disk structures: basic disks and dynamic disks. Basic disks have traditional primary or extended partitions and are compatible with other operating systems but must reside on a single physical disk and only support simple volumes. Dynamic disks may contain volumes that span up to 32 physical disks and support simple, spanned, striped, mirrored, and RAID-5 volumes.[20][21]
  • Windows supports two types of partition tables: MBR and GPT.[22] MBR is limited to drives of 2 TB or less.[23] GPT supports larger drive sizes, but requires a UEFI-based system rather than one based on a traditional BIOS. Only 64-bit versions of Windows support GPT.[24]
  • Windows supports FAT, NTFS, exFAT and ReFS file systems, with ReFS only supported in Windows Server 2012 and above.[25]
  • Virtual hard disks can be mounted in Windows using the Microsoft Management Console Disk Management snap-in. VHD files may be created, initialized, mounted, and unmounted.[26]
  • Distributed File System (DFS) is a set of client and server services that allow an organization using Microsoft Windows servers to organize many distributed SMB file shares into a distributed file system. DFS provides location transparency and redundancy to improve data availability in the face of failure or heavy load by allowing shares in multiple different locations to be logically grouped under one folder, or DFS root.[27]

Key Terms

edit
ATA (AT Attachment)
An interface standard for the connection of storage devices such as hard disks, floppy drives, and optical disc drives in computers.[28]
ATAPI (AT Attachment Packet Interface)
Another name for the ATA interface standard.[29]
cyclic redundancy check (CRC)
An error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.[30]
data compression
The encoding of information using fewer bits than the original representation before it is stored or transmitted.[31]
encryption
The process of encoding messages (or information) in such a way that eavesdroppers or hackers cannot read it, but that authorized parties can.[32]
exFAT (Extended File Allocation Table)
A Microsoft proprietary file system optimized for flash drives.[33]
FAT (File Allocation Table)
A legacy file system compatible with virtually all existing personal computer operating systems, and thus is a well-suited format for data exchange between computers and devices of almost any type.[34]
Fibre Channel (FC)
A high-speed network technology (commonly running at 2-, 4-, 8- and 16-gigabit speeds) primarily used for storage area networks.[35]
Fiber Channel switch
A network switch compatible with the Fibre Channel (FC) protocol.[36]
GPT (GUID Partition Table)
A standard for the layout of the partition table on a physical hard disk, using globally unique identifiers (GUID).[37]
host bus adapter (HBA)
A controller card which connects a host system (the computer) to other network and storage devices, primarily used with controllers that connect to SCSI, Fibre Channel and eSATA devices.[38]
hot spare
A redundant device or system used as a failover mechanism to provide reliability, with the hot designation indicating that the spare is powered on, active, and connected as part of the working system.[39]
IDE (Integrated Drive Electronics)
The original name for what became the ATA / ATAPI / PATA standard.[40]
iSCSI (Internet Small Computer System Interface)
An Internet Protocol (IP)-based storage networking standard for linking data storage over local or wide area networks.[41]
LUN (Logical Unit Number)
A number used to identify a logical unit, which is a device addressed by the SCSI protocol or protocols which encapsulate SCSI, such as Fibre Channel or iSCSI, and used to refer to a logical disk as created on a SAN.[42]
MBR (Master Boot Record)
A special type of boot sector at the very beginning of partitioned computer mass storage devices like fixed disks or removable drives intended for use with IBM PC-compatible systems and beyond, limited to drives of 2 TB or less.[43]
mount point
A specialized NTFS filesystem object which is used to mount and provide an entry point to other volumes.[44]
NFS (Network File System)
A distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a network in a manner similar to how local storage is accessed.[45]
Non-volatile memory
Memory that will retain the stored information even if it is not constantly supplied with electric power.[46]
NTFS (New Technology File System)
A proprietary file system developed by Microsoft Corporation for its Windows NT and later line of operating systems, and supporting performance, reliability, and security features.[47]
optical disk
A flat, usually circular disc which encodes binary data (bits) in the form of pits (binary value of 0 or off, due to lack of reflection when read) and lands (binary value of 1 or on, due to a reflection when read) on a special material (often aluminium) on one of its flat surfaces.[48]
partition
a logical hard disk drive storage unit, allowing one physical disk drive to be treated as if it were multiple disks so that different filesystems can be used on each partition.[49]
random access
Any location in storage can be accessed at any moment in approximately the same amount of time, used for primary and secondary storage.[50]
PATA (Parallel ATA)
Another name for the ATA interface standard.[51]
ReFS (Resilient File System)
A new file system in Windows Server 2012 intended for file servers that improves on NTFS reliability and resilience.[52]
SAN (storage area network)
A dedicated network that provides access to consolidated, block level data storage and primarily used to make storage devices, such as disk arrays, tape libraries, and optical jukeboxes, accessible to servers so that the devices appear like locally attached devices to the operating system.[53]
SATA (Serial ATA)
A computer bus interface that connects host bus adapters to mass storage devices such as hard disk drives and optical drives, which replaced Parallel ATA.[54]
SCSI (Small Computer System Interface)
A set of standards for physically connecting and transferring data between computers and peripheral devices.[55]
sequential access
Locations in storage must be accessed in a serial order, one after the other, used for tertiary and offline storage.[56]
UEFI (Unified Extensible Firmware Interface)
A specification that defines a software interface between an operating system and platform firmware, meant to replace the Basic Input/Output System (BIOS) firmware interface present in all IBM PC-compatible personal computers.[57]
VHD (Virtual Hard Disk)
A file format which represents a virtual hard disk drive.[58]
volatile memory
Memory that requires constant power to maintain the stored information.[59]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Computer data storage, often called _____, is a technology consisting of _____ used to retain digital data.
    Computer data storage, often called storage or memory, is a technology consisting of computer components and recording media used to retain digital data.
  2. Primary storage _____, often referred to simply as _____, is the only one _____. It is typically implemented as _____ and is _____, with access time measured in _____.
    Primary storage (or main memory or internal memory), often referred to simply as memory, is the only one directly accessible to the CPU. It is typically implemented as Random Access Memory (RAM) and is volatile, with access time measured in nanoseconds.
  3. Secondary storage (also known as _____), differs from primary storage in that it _____. It is typically implemented using _____ and is _____, with access time measured in _____.
    Secondary storage (also known as external memory or auxiliary storage), differs from primary storage in that it is not directly accessible by the CPU. It is typically implemented using some type of hard disk drive and is non-volatile, with access time measured in milliseconds.
  4. Tertiary storage typically involves _____, with access time measured in _____.
    Tertiary storage typically involves a robotic mechanism which will mount (insert) and dismount removable mass storage media into a storage device according to system demands, with access time measured in seconds.
  5. Serial ATA replaced the older _____ standard (later referred to as _____) based on advantages of _____, _____, _____, and _____.
    Serial ATA replaced the older AT Attachment standard (ATA; later referred to as Parallel ATA or PATA) based on advantages of reduced cable size and cost (seven conductors instead of 40), native hot swapping, faster data transfer through higher signalling rates, and more efficient transfer through an (optional) I/O queuing protocol.
  6. Serial Attached SCSI (SAS) replaced the older _____ based on similar advantages of _____ and _____ and _____.
    Serial Attached SCSI (SAS) replaced the older parallel SCSI based on similar advantages of reduced cable size and costs and faster transfer rates.
  7. SAS controllers support _____ drives, but SAS drives cannot be used with _____ controllers.
    SAS controllers support SATA drives, but SAS drives cannot be used with SATA controllers.
  8. SAS supports greater _____, higher _____, and longer _____ when compared to SATA, making SAS more appropriate for _____ environments.
    SAS supports greater error recovery functionality, higher voltages, and longer cables when compared to SATA, making SAS more appropriate for server environments.
  9. Network-attached storage (NAS) is a _____ connected to a _____ and providing data access to _____.
    Network-attached storage (NAS) is a file-level computer data storage device connected to a computer network and providing data access to a heterogeneous group of clients.
  10. NAS devices typically provide access to files using a variety of network file sharing protocols including _____, _____, or _____.
    NAS devices typically provide access to files using a variety of network file sharing protocols including NFS, SMB/CIFS, or AFP.
  11. iSCSI (Internet Small Computer System Interface) is an _____ for _____ by _____ to _____.
    iSCSI (Internet Small Computer System Interface) is an IP-based storage networking standard for linking data storage facilities by carrying SCSI commands over IP networks to facilitate data transfers over intranets and manage storage over long distances.
  12. iSCSI clients are referred to as _____. iSCSI resources are referred to as _____.
    iSCSI clients are referred to as initiators. iSCSI resources are referred to as targets.
  13. RAID (redundant array of independent disks) is a storage technology that _____. Data is distributed across the drives in one of several ways called "RAID levels", depending on _____.
    RAID (redundant array of independent disks) is a storage technology that combines multiple disk drive components into a logical unit. Data is distributed across the drives in one of several ways called "RAID levels", depending on the level of redundancy and performance required.
  14. RAID 0 (_____) has _____redundancy. It provides _____ and _____ but no _____.
    RAID 0 (striping without parity) has no (or zero) redundancy. It provides improved performance and additional storage but no fault tolerance.
  15. RAID 1 (_____) has data written _____, thereby producing a "_____ set". Read requests may be processed by _____, potentially improving _____.
    RAID 1 (mirroring) has data written identically to two drives, thereby producing a "mirrored set". Read requests may be processed by either drive, potentially improving read performance.
  16. RAID 5 (_____) distributes _____ along with the data and requires _____ to operate. Upon _____ failure, any subsequent reads can be _____ such that the drive failure is masked from the end user. RAID 5 requires at least _____ disks.
    RAID 5 (striping with parity) distributes parity along with the data and requires all drives but one to be present to operate. Upon single drive failure, any subsequent reads can be calculated from the distributed parity such that the drive failure is masked from the end user. RAID 5 requires at least three disks.
  17. RAID 10 (_____) , often referred to as _____, has data is written _____ across _____ that have been _____ to secondary disks.
    RAID 10 (mirroring and striping) , often referred to as RAID 1+0, has data is written in stripes across primary disks that have been mirrored to secondary disks.
  18. RAID may be implemented either in _____ or by _____. Hardware-based RAID does not require _____.
    RAID may be implemented either in a hardware controller or by the operating system. Hardware-based RAID does not require system processor resources.
  19. Windows supports two types of disk structures: _____ disks and _____ disks. _____ disks have traditional _____ and are compatible with _____ but must reside on _____ and only support _____. _____ disks may contain _____ that span up to _____ and support _____, _____, _____, _____, and _____.
    Windows supports two types of disk structures: basic disks and dynamic disks. Basic disks have traditional primary or extended partitions and are compatible with other operating systems but must reside on a single physical disk and only support simple volumes. Dynamic disks may contain volumes that span up to 32 physical disks and support simple, spanned, striped, mirrored, and RAID-5 volumes.
  20. Windows supports two types of partition tables: _____ and _____. _____ supports drives _____. _____ supports larger drive sizes, but requires _____. Only 64-bit versions of Windows support ___.
    Windows supports two types of partition tables: MBR and GPT. MBR supports drives 2 TB or less. GPT supports larger drive sizes, but requires a UEFI-based system rather than one based on a traditional BIOS. Only 64-bit versions of Windows support GPT.
  21. Windows supports _____, _____, _____ and _____ file systems, with _____ only supported in Windows Server 2012.
    Windows supports FAT, NTFS, exFAT and ReFS file systems, with ReFS only supported in Windows Server 2012.
  22. Virtual hard disks can be mounted in Windows using _____. VHD files may be _____, _____, _____, and _____.
    Virtual hard disks can be mounted in Windows using the Microsoft Management Console Disk Management snap-in. VHD files may be created, initialized, mounted, and unmounted.
  23. Distributed File System (DFS) is a set of client and server services that allow _____ to organize _____ into _____. DFS provides _____ and _____ to improve _____ in the face of _____ by allowing _____.
    Distributed File System (DFS) is a set of client and server services that allow an organization using Microsoft Windows servers to organize many distributed SMB file shares into a distributed file system. DFS provides location transparency and redundancy to improve data availability in the face of failure or heavy load by allowing shares in multiple different locations to be logically grouped under one folder, or DFS root.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.
  1. Microsoft: Windows Server Administration Fundamentals Exam Details
  2. Wikipedia: Computer data storage
  3. Wikipedia: Computer data storage
  4. Wikipedia: Computer data storage
  5. Wikipedia: Computer data storage
  6. Wikipedia: Serial ATA
  7. Wikipedia: Serial attached SCSI
  8. Wikipedia: Serial attached SCSI
  9. Wikipedia: Serial attached SCSI
  10. Wikipedia: Network-attached storage
  11. Wikipedia: Network-attached storage
  12. Wikipedia: iSCSI
  13. Wikipedia: iSCSI
  14. Wikipedia: RAID
  15. Wikipedia: RAID
  16. Wikipedia: RAID
  17. Wikipedia: RAID
  18. Wikipedia: RAID
  19. Wikipedia: RAID
  20. Wikipedia: Logical Disk Manager
  21. Basic and Dynamic Disks
  22. Wikipedia: Logical Disk Manager
  23. Wikipedia: Master Boot Record
  24. Wikipedia: GUID Partition Table
  25. Wikipedia: File system
  26. How to create and set up a virtual hard disk on Windows 10
  27. Wikipedia: Distributed File System (Microsoft)
  28. Wikipedia: Parallel ATA
  29. Wikipedia: Parallel ATA
  30. Wikipedia: Cyclic redundancy check
  31. Wikipedia: Data compression
  32. Wikipedia: Encryption
  33. Wikipedia: exFAT
  34. Wikipedia: File Allocation Table
  35. Wikipedia: Fibre Channel
  36. Wikipedia: Fibre Channel switch
  37. Wikipedia: GUID Partition Table
  38. Wikipedia: Host adapter
  39. Wikipedia: Hot spare
  40. Wikipedia: Parallel ATA
  41. Wikipedia: iSCSI
  42. Wikipedia: Logical unit number
  43. Wikipedia: Master boot record
  44. Wikipedia: NTFS volume mount point
  45. Wikipedia: Network File System
  46. Wikipedia: Computer data storage
  47. Wikipedia: NTFS
  48. Wikipedia: Optical disc
  49. Wikipedia: Disk partitioning
  50. Wikipedia: Computer data storage
  51. Wikipedia: Parallel ATA
  52. Wikipedia: Windows_Server_2012#ReFS
  53. Wikipedia: Storage area network
  54. Wikipedia: Serial ATA
  55. Wikipedia: SCSI
  56. Wikipedia: Computer data storage
  57. Wikipedia: Unified Extensible Firmware Interface
  58. Wikipedia: VHD (file format)
  59. Wikipedia: Computer data storage

Lesson 5 - Roles and Features

edit

This lesson covers key Windows Server roles and features. Activities include installing and testing several roles and features.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification are covered in detail later in the course. This lesson helps you:

  • Understand server roles and features

Readings

edit
  1. Wikipedia: Windows Server 2016#Features
  2. Wikipedia: Windows Server 2019#Features

Multimedia

edit
  1. YouTube: Windows Server 2019 - Add Roles and Features - Server Manager
  2. YouTube: Implementing DNS on Windows Server 2016 (Step by Step guide)
  3. DNS Zones explained in details
  4. YouTube: Setting Up DHCP (2016 Server)
  5. YouTube: Setting Up DHCP (2019 Server)

Activities

edit
  1. Review Install or Uninstall Roles, Role Services, or Features. Add the DNS server role. Configure the server to use itself as its DNS server.
  2. Review Windows server Installing roles and features in different ways. Add the DHCP role. Configure DHCP to use the server for DNS. Test the DHCP configuration with a DHCP client.
  3. Review My top 5 Features in Windows Server 2019. Review System Insights and run some analytics against your server.
  4. Review My top 5 Features in Windows Server 2019. Review the new features. Also look at the doc on Linux on Windows Server 2019 and add Linux to your Windows server.
  5. Review My top 5 Features in Windows Server 2019. Review the Admin Center. What are some of the things that can be done here? Compare and contrast it to Server Manager.
  6. Review Windows server Installing roles and features in different ways. Scroll down to the area "Installing a Windows Feature with PowerShell" and install the telnet feature.

Lesson Summary

edit
  • The Active Directory Domain Services role enables the server to be configured as a domain controller to centrally manage, authenticate, and authorize users, groups, and computers on the network.[1]
  • The DHCP Server role allows the server to provide IP addresses and other settings to network clients.[1]
  • The DNS Server role allows the server to provide host name to IP address resolution for Internet names, as well as hosting name resolution for local domains.[1]
  • The File and Storage Services role supports sharing files, managing and storing documents and files on a server..[1]
  • The Hyper-V role supports Server Virtualization which is the ability to host and manage virtual machines, including both Windows and non-Windows guests..[1]
  • The Network Policy and Access Services role supports RADIUS authentication, routing, and remote access through VPNs.[1]
  • The Print and Document Services role provides central printing and remote scanning services.[1]
  • The Remote Access role supports Seamless connectivity and Always on or manager experience with DirectAccess, VPN and Web application proxy.[1]
  • The Windows Server Update Services role allows the server to deploy regular security and bug fixes to clients.[1]
  • The Windows Deployment Services role supports network-based installation of Windows and other operating systems through PXE boot.[1]
  • The Group Policy Management feature allows administration of Group Policy objects through the Group Policy Management Console.[2]
  • The .NET Framework 3.5.1 feature installs support for .NET 2.0 and .NET 3.0 applications through the .NET Framework.[3]
  • The Remote Assistance feature supports requesting and offering GUI-based remote assistance.[4]
  • The Remote Server Administration Tools feature supports remote administration of Windows servers from another server such as managing the Domain, DNS, DHCP and other roles and features..[5]
  • The Telnet Client feature installs a Telnet client, useful for both connecting to Telnet servers (including routers and switches), and testing text-based network services such as HTTP and SMTP.[6]
  • The Windows PowerShell Integrated Scripting Environment feature installs a GUI for developing, testing, and running PowerShell scripts.[7]
  • The Windows Server Backup feature installs a Microsoft Management Console snap-in, comnand-line tools, and PowerShell cmdlets to support backup and recovery of Windows servers.[8]
  • The Windows Admin Center allows you to manage the server with a comprehensive set of tools including Certificates, Devices, Events, Processes, Roles and Features, Updates, Virtual Machines and more. [9]

Key Terms

edit
Background Intelligent Transfer Service (BITS)
A component of Microsoft Windows operating systems that facilitates prioritized, throttled, and asynchronous transfer of files between machines using idle network bandwidth, most commonly used to deliver software updates to clients.[10]
BitLocker Drive Encryption
A full disk encryption feature included with the business editions of Windows Vista and later operating systems.[11]
Common Language Runtime (CLR)
The virtual machine component of Microsoft's .NET framework responsible for managing the execution of .NET programs.[12]
.NET Framework
A software framework developed by Microsoft that includes a large library supporting a variety of user interface, data access, database connectivity, cryptography, web application development, numeric algorithms, and network communications functions.[13]
RADIUS (Remote Authentication Dial In User Service)
A networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.[14]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. The Active Directory Domain Services role enables _____.
    The Active Directory Domain Services role enables the server to be configured as a domain controller to centrally manage, authenticate, and authorize users, groups, and computers on the network.
  2. The DHCP Server role allows the server to _____.
    The DHCP Server role allows the server to provide IP addresses and other settings to network clients.
  3. The DNS Server role allows the server to _____.
    The DNS Server role allows the server to provide host name to IP address resolution for Internet names, as well as hosting name resolution for local domains.
  4. The File and Storage Services role supports _____.
    The File and Storage Services role supports sharing files, managing and storing documents and files on a server.
  5. The Hyper-V role supports _____.
    The Hyper-V role supports Server Virtualization which is the ability to host and manage virtual machines, including both Windows and non-Windows guests.
  6. The Network Policy and Access Services role supports _____.
    The Network Policy and Access Services role supports RADIUS authentication, routing, and remote access through VPNs.
  7. The Print and Document Services role supports _____.
    The Print and Document Services role Provide central printing and remote scanning services.
  8. The Remote Access role supports _____.
    The Remote Access role supports Seamless connectivity and Always on or manager experience with DirectAccess, VPN and Web application proxy.
  9. The Windows Server Update Services role allows the server to _____.
    The Windows Server Update Services role allows the server to deploy regular security and bug fixes to clients.
  10. The Windows Deployment Services role supports _____.
    The Windows Deployment Services role supports network-based installation of Windows and other operating systems through PXE boot.
  11. The Group Policy Management feature allows _____.
    The Group Policy Management feature allows administration of Group Policy objects through the Group Policy Management Console.
  12. The .NET Framework 3.5.1 feature _____.
    The .NET Framework 3.5.1 feature installs support for .NET 2.0 and .NET 3.0 applications through the .NET Framework.
  13. The Remote Assistance feature supports _____.
    The Remote Assistance feature supports requesting and offering GUI-based remote assistance.
  14. The Remote Server Administration Tools feature supports _____.
    The Remote Server Administration Tools feature supports remote administration of Windows servers from another server such as managing the Domain, DNS, DHCP and other roles and features.
  15. The Telnet Client feature _____.
    The Telnet Client feature installs a Telnet client, useful for both connecting to Telnet servers (including routers and switches), and testing text-based network services such as HTTP and SMTP.
  16. The Windows PowerShell Integrated Scripting Environment feature _____.
    The Windows PowerShell Integrated Scripting Environment feature installs a GUI for developing, testing, and running PowerShell scripts.
  17. The Windows Server Backup feature _____.
    The Windows Server Backup feature installs a Microsoft Management Console snap-in, comnand-line tools, and PowerShell cmdlets to support backup and recovery of Windows servers.
  18. The _____________________ allows you to manage the server with a comprehensive set of tools including Certificates, Devices, Events, Processes, Roles and Features, Updates, Virtual Machines and more.
    The Windows Admin Center allows you to manage the server with a comprehensive set of tools including Certificates, Devices, Events, Processes, Roles and Features, Updates, Virtual Machines and more.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 6 - Active Directory

edit

This lesson covers Active Directory. Activities include creating and managing domains, user accounts, and groups.

Objectives and Skills

edit

Objectives and skills for the Understanding Active Directory portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand accounts and groups: domain accounts; local accounts; user profiles; group types; group scopes; group nesting; AGDLP
  • Understand organizational units and containers: purpose of organizational units; purpose of containers; delegation; default
  • Understand Active Directory infrastructure: domain controllers; forests; operation masters roles; domain vs. workgroup; child domains; trusts; functional levels; namespace; sites; replication

Readings

edit
  1. Wikipedia: Windows domain
  2. Wikipedia: Active Directory
  3. Active Directory: Guide to Terminology, Definitions & Fundamentals!
  4. Wikipedia: Organizational Unit
  5. Wikipedia: AGDLP
  6. Microsoft: Forests - basic explanation
  7. Active Directory Forest – What is AD Forest?
  8. Microsoft: Domain Trees

Multimedia

edit
  1. YouTube: Learn Microsoft Active Directory
  2. YouTube: Setting up Active Directory in Windows Server 2019 (Step By Step Guide)
  3. YouTube: Windows Active Directory Users and Groups
  4. YouTube: Active Directory forest and trees

Activities

edit
  1. Review How to Setup a New Active Directory 2016 or 2019 Forest/Domain. Add the Active Directory Domain Services role and create a new forest.
  2. Review How to Add a Child Domain on Windows Server 2016. If you have a second server available, add the Active Directory Domain Services role and add a child domain to the forest. This should be the same steps if using Windows Server 2019.
  3. Review Wikipedia: Organizational unit (computing). Create organizational units.
  4. Review How to Delegate Control in Active Directory Users and Computers. Delegate control of an organizational unit.
  5. Review Security Account Manager. Create user accounts in the organizational units.
  6. Review Naming Conventions in Active Directory. Create global groups to organize user accounts. Add users to the groups. Create domain local groups to organize resources. Add global groups to the domain local groups. Add the domain local groups to resources.

Lesson Summary

edit
  • Active Directory (AD) is a directory service implemented by Microsoft for Windows domain networks. An AD domain controller authenticates and authorizes all users and computers in a Windows domain network, assigning and enforcing security policies for all computers and installing or updating software.[2]
  • A schema defines the types of objects and the characteristics and information that the objects represent which can be stored in an Active Directory database.[3]
  • A forest is a collection of one or more trees that share a common global catalog, directory schema, logical structure, and directory configuration.[4]
  • A tree is a collection of one or more domains in a contiguous namespace, linked in a transitive trust hierarchy.[5]
  • A domain is defined as a logical group of objects (computers, users, devices) that share the same Active Directory database.[6]
  • Domains are identified by their DNS name structure, the namespace used for Active Directory.[7]
  • Trusts allow users in one domain to access resources in another domain.[8]
  • Trusts between a parent and child domain are automatically created when the child domain is created.[9]
  • Domain controllers are servers that have the Active Directory Domain Services role installed and host an Active Directory database for a given domain.[10]
  • Sites are collections of well-connected subnets in a given geographic location.[11]
  • Replication copies changes on one domain controller to all other domain controllers hosting the same Active Directory database (meaning within in the same domain).[12]
  • The Knowledge Consistency Checker (KCC) service creates a replication topology of site links using the defined sites to manage traffic.[13]
  • Intrasite replication is frequent and automatic as a result of change notification, which triggers domain controllers to begin a pull replication cycle.[14]
  • Intersite replication intervals are typically less frequent and based on elapsed time rather than change notification.[15]
  • Although most domain changes can be made on any domain controller, certain operations are supported only on a single server. These servers are designated operation masters (originally Flexible Single Master Operations or FSMOs). The operation master roles are Schema Master, Domain Naming Master, PDC Emulator, RID Master, and Infrastructure Master.[16]
  • The functional level of a domain or forest controls which advanced features are available in the forest or domain. Separate functional levels are available for Windows Server 2016 and 2019. Forests and domains should be set to the highest functional level all domain controllers support.[17]
  • Containers are used to group Active Directory objects for administrative purposes. The default containers include the domain itself, Builtin, Users, Computers, and Domain Controllers.[18]
  • Organizational Units (OUs) are object containers that support both administrative delegation and the application of Group Policy objects and are used to provide an administrative hierarchy to a domain.[19]
  • In a domain, the Active Directory database is used to authenticate users and computers for all computers and users in the domain. The alternative configuration is a workgroup, in which each computer is responsible for authenticating its own users.[20]
  • Domain accounts are stored in the Active Directory database and available to all computers in the domain. Local accounts are stored in the Security Account Manager (SAM) database on each local computer and available only to that computer.[21]
  • Active Directory supports two types of user groups: distribution groups and security groups. Distribution groups are used for email applications such as with Microsoft Exchange. Security groups are used to group user accounts for applied rights and permissions.[22]
  • Active Directory groups may be created with Universal, Global, or Domain Local scope. Universal groups can contain any account in the forest and can be assigned to any resource in the forest. Global groups can contain any account in the domain and can be assigned to any resource in the forest. Domain local groups can contain any account in the forest and can be assigned to any resource in the domain.[23]
  • Universal groups can contain other universal groups and global groups from the forest. Global groups can contain other global groups from the same domain. Domain local groups can contain universal and global groups from the forest and other domain local groups from the same domain.[24]
  • The Microsoft-recommended approach to account and resource management is to use global groups to organize users and domain local groups to organize resources. That is, to place accounts into global groups, place global groups into domain local groups, and give domain local groups permissions to access resources, also referred to as AGDLP.[25]

Key Terms

edit
access control
The selective restriction of access to a place or resource.[26]
authentication
The act of confirming the truth of an attribute of a datum or entity, such as a person's identity.[27]
authorization
The function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular.[28]
Kerberos
A computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.[29]
Lightweight Directory Access Protocol (LDAP)
An application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.[30]
member server
A server that is a member of an Active Directory domain and is not a domain controller.[31]
multi-master replication
A method of database replication which allows data to be stored by a group of computers, and updated by any member of the group.[32]
resource
An object that security principals may be authorized to access, such as files, folders, and printers.[33]
Samba
A free software re-implementation of the SMB/CIFS networking protocol that is included with most Unix and Linux operating systems and allows them to connect with Microsoft Windows file and print services.[34]
security principals
An entity that can be authenticated by a computer system or network, such as users, groups, and computers.[35]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Active Directory (AD) is a directory service implemented by Microsoft for _____. An AD _____ authenticates and authorizes all _____ and _____ in a _____ network, assigning and enforcing _____ for all _____ and installing or updating _____.
    Active Directory (AD) is a directory service implemented by Microsoft for Windows domain networks. An AD domain controller authenticates and authorizes all users and computers in a Windows domain network, assigning and enforcing security policies for all computers and installing or updating software.
  2. A schema defines the _____ which can be stored in an Active Directory database.
    A schema defines the types of objects and the characteristics and information that the objects represent which can be stored in an Active Directory database.
  3. A forest is a _____ that share a common _____, _____, _____, and _____.
    A forest is a collection of one or more trees that share a common global catalog, directory schema, logical structure, and directory configuration.
  4. A tree is a _____ in a _____, linked in a _____ hierarchy.
    A tree is a collection of one or more domains in a contiguous namespace, linked in a transitive trust hierarchy.
  5. A domain is defined as a _____ that share the same _____.
    A domain is defined as a logical group of objects (computers, users, devices) that share the same Active Directory database.
  6. Domains are identified by their _____, the _____ used for Active Directory.
    Domains are identified by their DNS name structure, the namespace used for Active Directory.
  7. Trusts allow users in _____ to _____.
    Trusts allow users in one domain to access resources in another domain.
  8. Trusts between a parent and child domain are _____.
    Trusts between a parent and child domain are automatically created when the child domain is created.
  9. Domain controllers are servers that have _____ and host _____.
    Domain controllers are servers that have the Active Directory Domain Services role installed and host an Active Directory database for a given domain.
  10. Sites are _____ in a _____.
    Sites are collections of well-connected subnets in a given geographic location.
  11. Replication copies _____ to _____ hosting _____.
    Replication copies changes on one domain controller to all other domain controllers hosting the same Active Directory database (meaning within in the same domain).
  12. The Knowledge Consistency Checker (KCC) service creates _____ of _____ using _____ to _____.
    The Knowledge Consistency Checker (KCC) service creates a replication topology of site links using the defined sites to manage traffic.
  13. Intrasite replication is _____ and _____ as a result of _____, which triggers domain controllers to begin a _____ replication cycle.
    Intrasite replication is frequent and automatic as a result of change notification, which triggers domain controllers to begin a pull replication cycle.
  14. Intersite replication intervals are typically _____ and based on _____ rather than _____.
    Intersite replication intervals are typically less frequent and based on elapsed time rather than change notification.
  15. Although most domain changes can be made on any domain controller, certain operations are supported only on a single server. These servers are designated _____ (originally _____ or _____). The _____ roles are _____, _____, _____, _____, and _____.
    Although most domain changes can be made on any domain controller, certain operations are supported only on a single server. These servers are designated operation masters (originally Flexible Single Master Operations or FSMOs). The operation master roles are Schema Master, Domain Naming Master, PDC Emulator, RID Master, and Infrastructure Master.
  16. The functional level of a domain or forest controls which _______ ________ are available in the forest or domain. Separate functional levels are available for _______ ________ _____ and _______ _______ _________. Forests and domains should be set to the ________ functional level all domain controllers support.
    The functional level of a domain or forest controls which advanced features are available in the forest or domain. Separate functional levels are available for Windows Server 2016 and Windows Server 2019. Forests and domains should be set to the highest functional level all domain controllers support.
  17. Containers are used to group _____ for _____. The default containers include _____, _____, _____, _____, and _____.
    Containers are used to group Active Directory objects for administrative purposes. The default containers include the domain itself, Builtin, Users, Computers, and Domain Controllers.
  18. Organizational Units (OUs) are object containers that support both _____ and _____ and are used to provide _____ to a domain.
    Organizational Units (OUs) are object containers that support both administrative delegation and the application of Group Policy objects and are used to provide an administrative hierarchy to a domain.
  19. In a domain, the Active Directory database is used to authenticate _____ for all computers and users in the domain. The alternative configuration is a _____, in which each computer is _____.
    In a domain, the Active Directory database is used to authenticate users and computers for all computers and users in the domain. The alternative configuration is a workgroup, in which each computer is responsible for authenticating its own users.
  20. Domain accounts are stored in _____ and available to all computers in the domain. Local accounts are stored in _____ on each local computer and available only to that computer.
    Domain accounts are stored in the Active Directory database and available to all computers in the domain. Local accounts are stored in the Security Account Manager (SAM) database on each local computer and available only to that computer.
  21. Active Directory supports two types of user groups: _____ and _____. _____ groups are used for email applications such as with Microsoft Exchange. _____ groups are used to group user accounts for _____.
    Active Directory supports two types of user groups: distribution groups and security groups. Distribution groups are used for email applications such as with Microsoft Exchange. Security groups are used to group user accounts for applied rights and permissions.
  22. Active Directory groups may be created with _____, _____, or _____ scope. _____ groups can contain any account in the forest and can be assigned to any resource in the forest. _____ groups can contain any account in the domain and can be assigned to any resource in the forest. _____ groups can contain any account in the forest and can be assigned to any resource in the domain.
    Active Directory groups may be created with Universal, Global, or Domain Local scope. Universal groups can contain any account in the forest and can be assigned to any resource in the forest. Global groups can contain any account in the domain and can be assigned to any resource in the forest. Domain local groups can contain any account in the forest and can be assigned to any resource in the domain.
  23. Universal groups can contain _____. Global groups can contain _____. Domain local groups can contain _____.
    Universal groups can contain other universal groups and global groups from the forest. Global groups can contain other global groups from the same domain. Domain local groups can contain universal and global groups from the forest and other domain local groups from the same domain.
  24. The Microsoft-recommended approach to account and resource management is to use global groups to _____ and domain local groups to organize _____. That is, to place accounts into _____, place _____ into _____, and give _____ permissions to access _____, also referred to as _____.
    The Microsoft-recommended approach to account and resource management is to use global groups to organize users and domain local groups to organize resources. That is, to place accounts into global groups, place global groups into domain local groups, and give domain local groups permissions to access resources, also referred to as AGDLP.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 7 - Group Policy

edit

This lesson covers Group Policy. Activities include creating and testing Group Policy objects.

Objectives and Skills

edit

Objectives and skills for the Understanding Active Directory portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand group policy: group policy processing; Group Policy Management Console; computer policies; user policies; local policies

Readings

edit
  1. Wikipedia: Group Policy
  2. What is Group Policy and How Does it work?
  3. Wikipedia: Folder redirection
  4. Using Folder Redirection in Group Policy
  5. Configure folder redirection to OneDrive
  6. Wikipedia: Roaming user profile
  7. Deploying Roaming User Profiles

Multimedia

edit
  1. YouTube: Introduction to Group Policy in Windows Server 2016
  2. YouTube: Group Policy (Part 2 of 4) - Group Policy Desktop Settings
  3. YouTube: How to Deploy Software (MSI Packages) Via Group Policy (GPO) | Windows Server 2019
  4. YouTube: How to Enable Roaming User Profiles on Windows Server 2019
  5. YouTube: Deploy Folder Redirection in Windows Server 2019
  6. YouTube: How To Map Network Drives Using Logon Script GPO in Windows Server 2019
  7. YouTube: How to change screensaver and timeouts in Group Policy Windows Server 2019

Activities

edit
  1. Review Wikipedia: Group Policy and Password Policy in the Default Domain Policy. Configure essential security settings, including Password Policy and Account Lockout Policy.
  2. Review Step by Step How to Configure Folder Redirection in Windows Server 2016. Configure and test folder redirection.
  3. Review How to Configure Roaming Profile in Windows Environment Step by Step Procedures Configure and test roaming user profiles. Compare and contrast roaming user profiles with folder redirection.

Lesson Summary

edit
  • Group Policy provides centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment.[2]
  • Policy settings are defined separately for computers and for users. Computer policies are processed at computer startup. User policies are processed at user logon.[3]
  • Group Policy objects are processed in the following order: local, site, domain, then organizational unit (OU). Policy settings are inherited from one level to the next unless overridden.[4]
  • Policy inheritance can be blocked at a lower level. But higher level policies can be set as enforced, preventing both the blocking of inheritance and override.[5]
  • Group Policy objects are created and maintained using the Group Policy Management Console.[6]
  • Local policies may be set on individual computers using the Microsoft Management Console Local Security Policy snap-in.[7]
  • By default, Microsoft Windows refreshes its policy settings every 90 - 120 minutes on workstations and member servers and every five minutes on domain controllers. However, some settings are only applied during startup or user logon.[8]
  • Group Policy settings can be refreshed manually using the gpupdate command.[9]
  • The gpresult command may be used to display the Resultant Set of Policy (RSoP) settings for a given computer or user.[10]
  • Folder Redirection provides the ability to automatically reroute file operations from standard local folders (directories) to storage located elsewhere on a network.[11]
  • Folder Redirection allows the saving of user data to centralized network server locations for easier sharing, backup, and recovery.[12]
  • Folder Redirection separates user data from profile data, decreasing the amount of time required to log on when profile data is also stored on a server (roaming profile).[13]
  • Folder Redirection is most often implemented using Group Policy settings.[14]
  • The following user folders may be redirected through Folder Redirection: AppData/Roaming, Contacts, Desktop, Downloads, Favorites, Links, Music, Documents, Pictures, Saved Games, Searches, Start Menu, and Videos..[15]
  • Active Directory supports three types of user profiles: local profiles, roaming profiles, and mandatory profiles. Local profiles are created automatically on each computer where a user logs on. Roaming profiles are copied to a server share and downloaded to the local computer when users log on. Mandatory profiles are implemented as read-only roaming profiles.[16]

Key Terms

edit
Windows Management Instrumentation (WMI)
A set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification.[17]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Group Policy provides _____ of _____, _____, and _____ in an Active Directory environment.
    Group Policy provides centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment.
  2. Policy settings are defined separately for _____ and for _____. _____ policies are processed at computer startup. _____ policies are processed at user logon.
    Policy settings are defined separately for computers and for users. Computer policies are processed at computer startup. User policies are processed at user logon.
  3. Group Policy objects are processed in the following order: _____, _____, _____, then _____. Policy settings are inherited from one level to the next unless overridden.
    Group Policy objects are processed in the following order: local, site, domain, then organizational unit (OU). Policy settings are inherited from one level to the next unless overridden.
  4. Policy inheritance can be _____ at a lower level. But higher level policies can be set as _____, preventing both the _____ of inheritance and _____.
    Policy inheritance can be blocked at a lower level. But higher level policies can be set as enforced, preventing both the blocking of inheritance and override.
  5. Group Policy objects are created and maintained using the _____.
    Group Policy objects are created and maintained using the Group Policy Management Console.
  6. Local policies may be set on individual computers using the _____.
    Local policies may be set on individual computers using the Microsoft Management Console Local Security Policy snap-in.
  7. By default, Microsoft Windows refreshes its policy settings every _____ minutes on workstations and member servers and every _____ minutes on domain controllers. However, some settings are only applied during _____ or _____.
    By default, Microsoft Windows refreshes its policy settings every 90 - 120 minutes on workstations and member servers and every five minutes on domain controllers. However, some settings are only applied during startup or user logon.
  8. Group Policy settings can be refreshed manually using the _____ command.
    Group Policy settings can be refreshed manually using the gpupdate command.
  9. The _____ command may be used to display the Resultant Set of Policy (RSoP) settings for a given _____ or _____.
    The gpresult command may be used to display the Resultant Set of Policy (RSoP) settings for a given computer or user.
  10. Folder Redirection provides the ability to automatically _____ file operations from _____ to _____.
    Folder Redirection provides the ability to automatically reroute file operations from standard local folders (directories) to storage located elsewhere on a network.
  11. Folder Redirection allows the saving of user data to _____ for easier _____, _____, and _____.
    Folder Redirection allows the saving of user data to centralized network server locations for easier sharing, backup, and recovery.
  12. Folder Redirection separates _____ data from _____ data, decreasing the amount of time required to log on when _____ data is also stored on a server.
    Folder Redirection separates user data from profile data, decreasing the amount of time required to log on when profile data is also stored on a server (roaming profile).
  13. Folder Redirection is most often implemented using _____.
    Folder Redirection is most often implemented using Group Policy settings.
  14. The following user folders may be redirected through Folder Redirection: _____, _____, _____, _____, _____, _____, _____, _____, _____, _____, _____, _____, and _____.
    The following user folders may be redirected through Folder Redirection: AppData/Roaming, Contacts, Desktop, Downloads, Favorites, Links, Music, Documents, Pictures, Saved Games, Searches, Start Menu, and Videos.
  15. Active Directory supports three types of user profiles: _____ profiles, _____ profiles, and _____ profiles. _____ profiles are created automatically on each computer where a user logs on. _____ profiles are copied to a server share and downloaded to the local computer when users log on. _____ profiles are implemented as _____ profiles.
    Active Directory supports three types of user profiles: local profiles, roaming profiles, and mandatory profiles. Local profiles are created automatically on each computer where a user logs on. Roaming profiles are copied to a server share and downloaded to the local computer when users log on. Mandatory profiles are implemented as read-only roaming profiles.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 8 - File and Print Services

edit

This lesson covers File and Print services. Activities include configuring and testing file and print servers.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand the file and print services: local printers; network printers; printer pools; web printing; web management; driver deployment; file, folder, and share permissions vs. rights; auditing; print job management

Readings

edit
  1. Wikipedia: File server
  2. Overview of file sharing using the SMB 3 protocol in Windows Server
  3. What's new in Storage in Windows Server
  4. Wikipedia: Print server
  5. Wikipedia: Line Printer Daemon protocol
  6. Wikipedia: Internet Printing Protocol
  7. Wikipedia: Information technology security audit

Multimedia

edit
  1. YouTube: How to Install and Configure File Server on Windows Server 2019
  2. YouTube: Windows Server 2019 How to create a shared folder
  3. YouTube: Setup Share Folders with NTFS Permission in Windows Server 2019
  4. YouTube: Install and Configure DFS Namespaces in Windows Server 2019
  5. YouTube: How to Install and Configure Print Server on Windows Server 2019
  6. YouTube: Configure Quotas with File Server Resource Manager
  7. YouTube: MCITP 70-640: Windows Auditing
  8. YouTube: MCITP 70-640: Windows File Auditing

Activities

edit
  1. Review Windows Server 2019 : File Server : Install : Server World and Share a folder with Windows Server. Add the file server role and share folders.
  2. Review NTFS and Share Permissions in Server 2019. Apply and test both approaches.
  3. Review How to setup DFS on Server 2019. Install DFS, add a namespace and some target folders]
  4. Review File Server Resource Manager (FSRM) overview. Configure a quota and test it.
  5. Review Print Server Deployment on Windows Server 2019. Add the print server role and configure shared printers. Publish one through Active Directory
  6. Review Enable File and Folder Access Auditing on Windows Server. Configure auditing of access to specific folders.

Lesson Summary

edit
  • A file server is a computer attached to a network that has the primary purpose of providing a location for shared disk access to workstations on the network.[2]
  • Access to file server resources is based on user or group credentials.[3]
  • Access permissions define the operations that can be performed on network resources.[4]
  • User rights define the privileges set for specific administrative tasks.[5]
  • Share permissions are applied to network shares. NTFS permissions are applied to files and folders. When accessing files and folders through a network share, both shared folder permissions and NTFS permissions are applied, with the most restrictive permission being the effective permission.[6]
  • Server Message Block (SMB), also known as Common Internet File System (CIFS), is the application-layer network protocol used for providing shared access to files and printers with Windows File and Print services.[7]
  • Samba is a free SMB/CIFS implementation for Unix-like clients, which includes Linux and macOS.[8]
  • SMB was originally based on NetBIOS names and used WINS for name resolution. This approach has been deprecated in favor of host names and the use of DNS for name resolution.[9]
  • SMB is also a fabric protocol used by software-defined data center (SDDC) solutions such as Storage Spaces Direct, Storage Replica, and others. SMB version 3.0 was introduced with Windows Server 2012 and has been incrementally improved in subsequent releases.[10]
  • DFS stands for Distributed File System, and it provides the ability to consolidate multiple shares on different servers into a common namespace.[11]
  • With DFS, the storage administrator creates a hierarchical namespace of links that point to his company’s file shares. These shares can be hosted by any SMB-compatible device, including Windows Servers, network-attached storage devices from numerous vendors, and even Samba shares.[12]
  • System Insights is a predictive analytics feature that locally analyzes Windows Server system data and provides insight into the functioning of the server. It comes with a number of built-in capabilities, but we've added the ability to install additional capabilities via Windows Admin Center, starting with disk anomaly detection. Disk anomaly detection is a new capability that highlights when disks are behaving differently than usual.[13]
  • Storage Spaces are virtual disks created from a storage pool, which is a collection of physical disks. [14]
  • A storage space appears to the Windows operating system as a regular disk from which you can create formatted volumes. When you create a virtual disk through the File and Storage Services user interface, you can configure the resiliency type (simple, mirror, or parity), the provisioning type (thin or fixed), and the size. [15]
  • File Server Resource Manager (FSRM) is a role service in Windows Server that enables you to manage and classify data stored on file servers. You can use File Server Resource Manager to automatically classify files, perform tasks based on these classifications, set quotas on folders, and create reports monitoring storage usage.[16]
  • A print server is a device that connects printers to client computers over a network by accepting print jobs from the computers and sending the jobs to the appropriate printers, queuing the jobs locally to accommodate the fact that work may arrive more quickly than the printer can actually handle it.[17]
  • Windows Print services support printing through SMB, LPD, IPP, and other protocols.[18]
  • Local printers are physically attached to the print server. Network printers are connected to the network and accessed through the printer driver loaded on the server.[19]
  • A printer pool is a single logical printer on the print server connected to multiple physical local or network printers. All printers in the pool must use the same printer driver.[20]
  • Printers and print jobs are managed using the Microsoft Management Console Print Management snap-in.[21]
  • Windows Print services supports installation of both 32-bit and 64-bit print drivers, allowing network clients to pull drivers from the print server when printing.[22]
  • The Internet Printing Protocol (IPP) provides a standard network protocol for remote printing and managing print jobs with support for access control, authentication, and encryption.[23]
  • A computer security audit is a manual or systematic measurable technical assessment of a system or application.[24]
  • In Windows, auditing may be configured on files, folders, and printers to monitor access and usage.[25]

Key Terms

edit
cache
A component that transparently stores data so that future requests for that data can be served faster.[26]
CIFS (Common Internet File System)
Another name for the Server Message Block (SMB) protocol.[27]
JetDirect
The name of a technology and products sold by Hewlett-Packard that allows computer printers to be directly attached to a Local Area Network.[28]
Line Printer Daemon (LPD)
A network protocol for submitting print jobs to a remote printer.[29]
NetBIOS (Network Basic Input/Output System)
Provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network.[30]
print job
A file or set of files that has been submitted to be printed.[31]
queue
A collection in which the entities in the collection are kept in order and processed sequentially as First-In-First-Out.[32]
Spool
An acronym for simultaneous peripheral operations on-line, most commonly used for print spooling.[33]
Windows Internet Name Service (WINS)
Microsoft's implementation of NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer names, providing a central mapping of NetBIOS names to network addresses in the same way that DNS provides a central mapping of host names to network addresses.[34]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. A file server is a computer attached to a network that has the primary purpose of _____.
    A file server is a computer attached to a network that has the primary purpose of providing a location for shared disk access to workstations on the network.
  2. Access to file server resources is based on _____.
    Access to file server resources is based on user or group credentials.
  3. Access permissions define _____.
    Access permissions define the operations that can be performed on network resources.
  4. User rights define _____.
    User rights define the privileges set for specific administrative tasks.
  5. Share permissions are applied to _____. NTFS permissions are applied to _____. When accessing files and folders through a network share, _____ permissions are applied, with the _____ permission being the effective permission.
    Share permissions are applied to network shares. NTFS permissions are applied to files and folders. When accessing files and folders through a network share, both shared folder permissions and NTFS permissions are applied, with the most restrictive permission being the effective permission.
  6. _____, also known as _____, is the application-layer network protocol used for providing shared access to files and printers with Windows File and Print services.
    Server Message Block (SMB), also known as Common Internet File System (CIFS), is the application-layer network protocol used for providing shared access to files and printers with Windows File and Print services.
  7. Samba is a free SMB/CIFS implementation for _____ clients, which includes _____.
    Samba is a free SMB/CIFS implementation for Unix-like clients, which includes Linux and macOS.
  8. SMB was originally based on _____ names and used _____ for name resolution. This approach has been deprecated in favor of _____ names and the use of _____ for name resolution.
    SMB was originally based on NetBIOS names and used WINS for name resolution. This approach has been deprecated in favor of host names and the use of DNS for name resolution.
  9. SMB is also a fabric protocol used by software-defined data center (SDDC) solutions such as _______ ______ ______, _______ ______, and others. SMB version ____ was introduced with Windows Server 2012 and has been incrementally improved in subsequent releases
    SMB is also a fabric protocol used by software-defined data center (SDDC) solutions such as Storage Spaces Direct, Storage Replica, and others. SMB version 3.0 was introduced with Windows Server 2012 and has been incrementally improved in subsequent releases
  10. DFS stands for ___________ ____ ______, and it provides the ability to consolidate multiple ______ on different _______ into a common _________.
    DFS stands for Distributed File System, and it provides the ability to consolidate multiple shares on different servers into a common namespace.
  11. With ___, the storage administrator creates a hierarchical _________ of links that point to his company’s file shares. These shares can be hosted by any SMB-compatible device, including Windows Servers, network-attached storage devices from numerous vendors, and even Samba shares.
    With DFS, the storage administrator creates a hierarchical namespace of links that point to his company’s file shares. These shares can be hosted by any SMB-compatible device, including Windows Servers, network-attached storage devices from numerous vendors, and even Samba shares.
  12. ______ ________ is a __________ analytics feature that locally analyzes Windows Server system data and provides insight into the functioning of the server. It comes with a number of built-in capabilities, but we've added the ability to install additional capabilities via Windows Admin Center, starting with disk anomaly detection. ____ _______ detection is a new capability that highlights when disks are behaving differently than usual.
    System Insights is a predictive analytics feature that locally analyzes Windows Server system data and provides insight into the functioning of the server. It comes with a number of built-in capabilities, but we've added the ability to install additional capabilities via Windows Admin Center, starting with disk anomaly detection. Disk anomaly detection is a new capability that highlights when disks are behaving differently than usual.
  13. _______ ______ are virtual disks created from a _______ ____, which is a collection of ________ disks.
    Storage Spaces are virtual disks created from a storage pool, which is a collection of physical disks.
  14. A _______ _____ appears to the Windows operating system as a regular disk from which you can create formatted volumes. When you create a virtual disk through the File and Storage Services user interface, you can configure the __________ type (simple, mirror, or parity), the ____________ type (thin or fixed), and the ____.
    A storage space appears to the Windows operating system as a regular disk from which you can create formatted volumes. When you create a virtual disk through the File and Storage Services user interface, you can configure the resiliency type (simple, mirror, or parity), the provisioning type (thin or fixed), and the size.
  15. ____ ______ ________ _______ (____) is a role service in Windows Server that enables you to manage and classify data stored on file servers. You can use File Server Resource Manager to automatically classify files, perform tasks based on these classifications, set ______ on folders, and create _______ monitoring storage usage.
    File Server Resource Manager (FSRM) is a role service in Windows Server that enables you to manage and classify data stored on file servers. You can use File Server Resource Manager to automatically classify files, perform tasks based on these classifications, set quotas on folders, and create reports monitoring storage usage.
  16. A print server is a device that connects _____ over a network by accepting _____ and sending _____, first _____.
    A print server is a device that connects printers to client computers over a network by accepting print jobs from the computers and sending the jobs to the appropriate printers, first queuing the jobs locally to accommodate the fact that work may arrive more quickly than the printer can actually handle it.
  17. Windows Print services support printing through _____, _____, _____, and other protocols.
    Windows Print services support printing through SMB, LPD, IPP, and other protocols.
  18. Local printers are physically attached to _____. Network printers are connected to _____ and accessed through _____.
    Local printers are physically attached to the print server. Network printers are connected to the network and accessed through the printer driver loaded on the server.
  19. A printer pool is _____. All printers in the pool must _____.
    A printer pool is a single logical printer on the print server connected to multiple physical local or network printers. All printers in the pool must use the same printer driver.
  20. Printers and print jobs are managed using _____.
    Printers and print jobs are managed using the Microsoft Management Console Print Management snap-in.
  21. Windows Print services supports installation of both _____ and _____ print drivers, allowing network clients to _____.
    Windows Print services supports installation of both 32-bit and 64-bit print drivers, allowing network clients to pull drivers from the print server when printing.
  22. The Internet Printing Protocol (IPP) provides _____ for _____ and _____ with support for _____, _____, and _____.
    The Internet Printing Protocol (IPP) provides a standard network protocol for remote printing and managing print jobs with support for access control, authentication, and encryption.
  23. A computer security audit is _____ of a _____ or _____.
    A computer security audit is a manual or systematic measurable technical assessment of a system or application.
  24. In Windows, auditing may be configured on _____, _____, and _____ to monitor _____ and _____.
    In Windows, auditing may be configured on files, folders, and printers to monitor access and usage.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 9 - Web Services

edit

This lesson covers web services. Activities include installing and configuring Internet Information Services (IIS) with web sites and virtual directories, SSL/TLS encryption, and FTP publishing.


Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand Web services: IIS, WWW, and FTP; separate worker processes; adding components; sites; ports; SSL; certificates

Readings

edit
  1. Wikipedia: Web server
  2. Wikipedia: Hypertext Transfer Protocol
  3. Wikipedia: HTTP Secure
  4. Wikipedia: Transport Layer Security
  5. Wikipedia: Public key certificate
  6. Wikipedia: File Transfer Protocol
  7. Wikipedia: Internet Information Services

Multimedia

edit
  1. YouTube: How to Setup or Configure IIS(Web Server) Server in Windows Server 2019
  2. YouTube: Website configuration for beginners in Windows Server 2019
  3. YouTube: Web Server 2019 – IIS 10 - Hosting Single Website on IIS Server
  4. YouTube: How to create an IIS virtual directory website in Windows Server 2019
  5. YouTube: How to Install & Configure FTP Server on Windows Server 2019
  6. YouTube: PKI Bootcamp - What is a PKI?

Activities

edit
  1. Review Install and Configure IIS Web Server on Windows Server 2019. Add the web server role and configure web and FTP services.
  2. Add a web site.
  3. Review How To Configure Virtual Directory on Windows IIS Server 2019 Add a virtual directory to the web site.
  4. Add a second web site and configure host headers so that both sites are active.
  5. Configure access security on the second web site so that it is only available as an intranet web site.
  6. Use a web browser to view certificate information for an HTTPS connection.
  7. Use the Internet to search for SSL certificate vendors and compare prices and certificate options.
  8. Use IIS to build a certificate request for a secure web site.
  9. Configure FTP access to publish content to one of the web sites.

Lesson Summary

edit
  • The term web server may refer to either the hardware (the computer) or the software (the computer application) that helps deliver web content that can be accessed through the Internet.[2]
  • The primary function of a web server is to process client requests for web pages using the Hypertext Transfer Protocol (HTTP).[3]
  • Web server content may come from either static files on the server or dynamic content generated from databases.[4]
  • Web servers also support receiving content from clients through submission of web forms and uploading of files.[5]
  • The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems, and is the foundation of data communication for the World Wide Web.[6]
  • Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the Secure Sockets Layer / Transport Layer Security (SSL/TLS) protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.[7]
  • HTTP URLs begin with "http://" and use port 80 by default. HTTPS URLs begin with "https://" and use port 443 by default.[8]
  • Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.[9]
  • SSL/TLS uses asymmetric cryptography for authentication of key exchange, symmetric encryption for confidentiality and message authentication codes for message integrity.[10]
  • Public key certificates (also known as a digital certificate or identity certificate) use a digital signature to bind a public key with an identity to verify that a public key belongs to an individual. The digital signature is provided by a trusted certificate authority.[11]
  • FTP uses either clear-text authentication or anonymous connections.[12]
  • FTP has two connection modes: active and passive. Both modes use TCP port 21 for communication. Active mode uses a separate port for data transfer. Only passive mode works through most default firewall configurations.[13]
  • Internet Information Services (IIS) is Microsoft's web server software application and supported extension modules for use on Windows platforms.[14]
  • IIS components are added and removed through Server Manager - Add or Remove Roles or Features.[15]
  • IIS has a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules required for specific functionality need to be installed.[16]
  • IIS supports application pools that allow web sites and web applications to be assigned to separate worker processes to improve reliability and manageability.[17]

Key Terms

edit
Active Server Pages (ASP)
Microsoft's first server-side script engine for dynamically generated web pages.[18]
File Transfer Protocol (FTP)
A standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet.[19]
hyperlink
A reference to data that the reader can directly follow, or that is followed automatically.[20]
HyperText Markup Language (HTML)
The main markup language for creating web pages and other information that can be displayed in a web browser.[21]
Hypertext Transfer Protocol (HTTP)
An application protocol for distributed, collaborative, hypermedia information systems, and the foundation of data communication for the World Wide Web.[22]
PHP
An open-source, server-side scripting language designed for web development but also used as a general-purpose programming language.[23]
proxy server
A server that acts as an intermediary for requests from clients seeking resources from other servers.[24]
server-side scripting
A technique used in website design which involves embedding scripts in HTML source code which results in a user's (client's) request to the server website being handled by a script running server-side before the server responds to the client's request.[25]
style sheet
A file that defines the visual layout (style) for a web page, separate from the markup (i.e., HTML or XHTML) of the page's semantic content and structure.[26]
Uniform Resource Locator (URL)
A specific character string that constitutes a reference to a resource, also known as a web address.[27]
user agent
Software that is acting on behalf of a user, such as a web browser.[28]
virtual hosting
A method for hosting multiple domain names, with separate handling of each name, on a single server or pool of servers.[29]
web cache
A mechanism for the temporary storage (caching) of web documents, such as HTML pages and images, to reduce bandwidth usage, server load, and perceived lag.[30]
web crawler
An Internet robot that systematically browses the World Wide Web, typically for the purpose of Web indexing.[31]
website
A set of related web pages served from a single web domain.[32]
World Wide Web (WWW)
A system of interlinked hypertext documents accessed via the Internet.[33]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. The term web server may refer to either _____ or _____ that helps deliver web content that can be accessed through the Internet.
    The term web server may refer to either the hardware (the computer) or the software (the computer application) that helps deliver web content that can be accessed through the Internet.
  2. The primary function of a web server is to _____ using the _____ (protocol).
    The primary function of a web server is to process client requests for web pages using the Hypertext Transfer Protocol (HTTP).
  3. Web server content may come from either static _____ or dynamic _____.
    Web server content may come from either static files on the server or dynamic content generated from databases.
  4. Web servers also support receiving content from clients through _____ and _____.
    Web servers also support receiving content from clients through submission of web forms and uploading of files.
  5. The Hypertext Transfer Protocol (HTTP) is an application protocol for _____, and is the foundation of data communication for _____.
    The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems, and is the foundation of data communication for the World Wide Web.
  6. Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for _____, with especially wide deployment on _____. Technically, it is not a protocol in itself; rather, it is the result of _____, thus adding the security capabilities of _____ to _____.
    Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the Secure Sockets Layer / Transport Layer Security (SSL/TLS) protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.
  7. HTTP URLs begin with _____ and use port _____ by default. HTTPS URLs begin with _____ and use port _____ by default.
    HTTP URLs begin with "http://" and use port 80 by default. HTTPS URLs begin with "https://" and use port 443 by default.
  8. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are _____ protocols that provide _____.
    Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.
  9. SSL/TLS uses _____ cryptography for authentication of key exchange, _____ encryption for confidentiality and _____ for message integrity.
    SSL/TLS uses asymmetric cryptography for authentication of key exchange, symmetric encryption for confidentiality and message authentication codes for message integrity.
  10. Public key certificates (also known as a digital certificate or identity certificate) use _____ to bind a public key with an identity to verify that a public key belongs to an individual. The _____ is provided by _____.
    Public key certificates (also known as a digital certificate or identity certificate) use a digital signature to bind a public key with an identity to verify that a public key belongs to an individual. The digital signature is provided by a trusted certificate authority.
  11. FTP uses either _____ authentication or _____ connections.
    FTP uses either clear-text authentication or anonymous connections.
  12. FTP has two connection modes: _____ and _____. Both modes use TCP port _____ for communication. _____ mode uses a separate port for data transfer. Only _____ mode works through most default firewall configurations.
    FTP has two connection modes: active and passive. Both modes use TCP port 21 for communication. Active mode uses a separate port for data transfer. Only passive mode works through most default firewall configurations.
  13. Internet Information Services (IIS) is Microsoft's _____.
    Internet Information Services (IIS) is Microsoft's web server software application and supported extension modules for use on Windows platforms.
  14. IIS components are added and removed through _____.
    IIS components are added and removed through Server Manager - Add or Remove Roles or Features.
  15. IIS has a modular architecture. Modules, also called _____, can be added or removed individually so that only modules required for specific functionality need to be installed.
    IIS has a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules required for specific functionality need to be installed.
  16. IIS supports _____ that allow web sites and web applications to be assigned to separate worker processes to improve _____.
    IIS supports application pools that allow web sites and web applications to be assigned to separate worker processes to improve reliability and manageability.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 10 - Remote Access

edit

This lesson covers remote access using Windows Remote Assistance, Remote Desktop Services, and virtual private networks. Activities include using Windows Remote Assistance, Remote Desktop, and Remote Server Administration Tools.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand remote access: remote assistance; remote administration tools; Remote Desktop Services; licensing; RD Gateway; VPN; application virtualization; multiple ports

Readings

edit
  1. Wikipedia: Quick Assist
  2. Wikipedia: Remote desktop software
  3. Wikipedia: Remote administration
  4. Wikipedia: Remote Desktop Services
  5. Wikipedia: Application virtualization
  6. Wikipedia: Virtual private network

Multimedia

edit
  1. YouTube: How to use Windows 10 Quick Assist to Remotely Troubleshoot PC problems
  2. YouTube: Enable Remote Desktop Protocol (RDP) on Windows Server 2019
  3. YouTube: How to Use Remote Desktop Connection Windows 10
  4. YouTube: How to install Remote Server Administration Tools (RSAT) on Windows 10
  5. YouTube: How to install Remote Server Administrator Tools in Windows 10
  6. YouTube: Install and Configure Remote Desktop Services RDS on Windows Server 2019
  7. What is a VPN?]

Activities

edit
  1. Review Installing a Windows Role/Feature with Server Manager. Add Remote Assistance
  2. Review How to Enable Remote Assistance Using Group Policy. Configure Remote assistance and initiate remote assistance to another user.
  3. Review How To Enable Remote Desktop In Windows Server 2019. Enable Remote Desktop. Use Windows Firewall to verify that Remote Desktop is enabled. Use another computer to access the server remotely using Remote Desktop.
  4. Review Install or Uninstall Roles, Role Services, or Features. Add a role or feature with the gui and one with PowerShell
  5. Review Manage a Server Core server. Remotely administer a Server Core server and install a role by Server Manager, RSAT on Windows 10 or PowerShell.
  6. Review Remote Desktop Services. Click on the "Supported configurations for Remote Desktop Services in Windows Server 2016 and discuss some of the best practices and architectures.
  7. Review Microsoft Remote Desktop Clients. Install Remote Desktop Client on your Android or iOS tablet or smartphone and use the app to connect to the Remote Desktop server.
  8. Review License your RDS deployment with client access licenses (CALs). Use your preferred software license vendor to determine the cost per license for RDP CALs.
  9. Review Microsoft Application Virtualization.
  10. Review Deploy Always On VPN. Configure and test a an Always on VPN server.
  11. Review How to Install VPN using RRAS. Configure your server with RRAS for VPN connections. See if you can connect to it.

Lesson Summary

edit
  • Windows Quick Assist allows a user to temporarily view or control a remote Windows computer over a network or the Internet to resolve issues without directly touching the unit.[2]
  • Windows Remote Assistance is based on the Remote Desktop Protocol.[3]
  • Windows Quick Assist is installed by default on Windows clients, but must be added manually on Windows Server 2019 servers using the Add Features Wizard in Server Manager.[4]
  • Remote assistance sessions may be initiated using the Windows Quick Assist application or by using the msra.exe command line interface.[5]
  • Remote desktop refers to a software or operating system feature that allows a personal computer's desktop environment to be run remotely on one system while being displayed on a separate client device.[6]
  • Common remote desktop approaches include open source VNC and Microsoft's RDP.[7] Of the two, RDP offers better performance.[8]
  • Remote Desktop connections are disabled by default, but may be enabled using System Properties.[9]
  • Remote administration refers to any method of controlling a computer from a remote location.[10]
  • Windows business clients and server editions may be remotely administered using the Microsoft Management Console, the Windows Registry Editor, and various command-line utilities, in addition to Remote Desktop connections.[11]
  • Remote Server Administration Tools for Windows 10 enables IT administrators to manage roles and features that are installed on remote computers that are running Windows Server 2019.[12]
  • Remote Desktop Services allows a user to access applications and data on a remote computer over a network, using the Remote Desktop Protocol (RDP).[13]
  • Remote Desktop clients may be full-fledged computers, thin clients, tablets or smartphones.[14]
  • In the client versions of Windows, Remote Desktop supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.[15]
  • With Remote Desktop Services, only the user interface of an application is presented to the client, while application execution takes place on the server. This is in contrast to application streaming systems like Microsoft Application Virtualization, in which the applications are streamed to the client and executed on the client machine.[16]
  • The Remote Desktop service listens on TCP port 3389, and supports low, medium or high encryption.[17]
  • Remote Desktop Licensing enables a server to manage Remote Desktop Services client access licenses (RDS CALs) that are required for each device or user to connect to a Remote Desktop Session Host server. RDS CALs are managed using the Remote Desktop Licensing Manager application.[18]
  • The Remote Desktop Gateway component, also known as RD Gateway, tunnels Remote Desktop Protocol sessions through an HTTPS connection, thus encapsulating the session with Transport Layer Security (TLS).[19]
  • A virtual private network (VPN) extends a private network across a public network, such as the Internet, and enables a computer to send and receive data as if it were directly connected to the private network.[20]
  • VPNs provide security by the use of tunneling protocols and through security procedures such as authentication and encryption.[21]
  • Windows Server 2019 VPN supports the following tunneling protocols: PPTP, L2TP, and SSTP.[22]
  • Windows Server 2019 VPN supports the following authentication methods: PAP, CHAP, MS-CHAP v2, and EAP.[23] EAP implemented with public key certificates is considered to be the most secure.[24]

Key Terms

edit
Apple Remote Desktop (ARD)
A Macintosh application produced by Apple Inc., that allows users to remotely control or monitor other Macintosh computers over a network.[25]
application virtualization
A software technology that encapsulates application software from the underlying operating system on which it is executed.[26]
Challenge-Handshake Authentication Protocol (CHAP)
An authentication protocol that uses an algorithm to generate a password challenge based on a known password without ever transmitting the actual password across the network, making it more secure than PAP.[27]
Citrix XenApp
An application virtualization product that allows users to connect to their corporate applications from a wide range of computer systems and mobile devices.[28]
Extensible Authentication Protocol (EAP)
An authentication framework providing for the transport and usage of keying material and parameters and supporting a wide variety of authentication methods.[29]
Generic Routing Encapsulation (GRE)
A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork and identified as IP protocol type 47.[30]
Layer 2 Tunneling Protocol (L2TP)
A tunneling protocol used to support virtual private networks (VPNs).[31]
MS-CHAP
The Microsoft version of the Challenge-Handshake Authentication Protocol, CHAP.[32]
NAT traversal
A general term for techniques that establish and maintain Internet protocol connections traversing network address translation (NAT) gateways.[33]
Network Address Translation (NAT)
The process of modifying IP address information in IPv4 headers while in transit across a traffic routing device.[34]
Password Authentication Protocol (PAP)
An authentication protocol that uses a clear-text password.[35]
Peer Name Resolution Protocol (PNRP)
A peer-to-peer protocol designed by Microsoft that enables dynamic name publication and resolution, and requires IPv6.[36]
Point-to-Point Tunneling Protocol (PPTP)
A method for implementing virtual private networks using a TCP connection on port 1723 and a GRE tunnel to encapsulate PPP packets.[37]
RemoteApp
A special mode of Remote Desktop Services where the user interface for a remote application is rendered in a window on the local desktop, and is managed like any other window for local applications.[38]
RemoteFX
A set of Microsoft technologies that enhance the visual experience of the Remote Desktop Protocol (RDP).[39]
Secure Socket Tunneling Protocol (SSTP)
A form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel, allowing SSTP to pass through most firewalls and proxy servers.[40]
Terminal Services
The previous name for Microsoft's Remote Desktop Services.[41]
tunneling protocol
A network protocol (the delivery protocol) used to encapsulate a different payload protocol to carry a payload over an incompatible delivery-network or provide a secure path through an untrusted network.[42]
Virtual Network Computing (VNC)
An open source graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer.[43]
Wake-on-LAN
An Ethernet computer networking standard that allows a computer to be turned on or awakened by a network message.[44]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Windows Quick Assist allows a user to temporarily _____ to resolve issues without directly touching the unit.
    Windows Quick Assist allows a user to temporarily view or control a remote Windows computer over a network or the Internet to resolve issues without directly touching the unit.
  2. Windows Remote Assistance is based on the _____ protocol.
    Windows Remote Assistance is based on the Remote Desktop Protocol.
  3. Windows Quick Assist is installed by default on _____, but must be added manually on _____ using _____.
    Windows Quick Assist is installed by default on Windows clients, but Remote Assistance must be added manually on Windows Server 2019 servers using the Add Features Wizard in Server Manager.
  4. Remote assistance sessions may be initiated using the Windows Quick Assist application or by using the _____ command line interface.
    Remote assistance sessions may be initiated using the Windows Quick Assist application or by using the msra.exe command line interface.
  5. Remote desktop refers to a software or operating system feature that allows _____.
    Remote desktop refers to a software or operating system feature that allows a personal computer's desktop environment to be run remotely on one system while being displayed on a separate client device.
  6. Common remote desktop approaches include open source _____ and Microsoft's _____. Of the two, _____ offers better performance.
    Common remote desktop approaches include open source VNC and Microsoft's RDP. Of the two, RDP offers better performance.
  7. Remote Desktop connections are disabled by default, but may be enabled using _____.
    Remote Desktop connections are disabled by default, but may be enabled using System Properties.
  8. Remote administration refers to _____.
    Remote administration refers to any method of controlling a computer from a remote location.
  9. Windows business clients and server editions may be remotely administered using _____, _____, and _____, in addition to _____ connections.
    Windows business clients and server editions may be remotely administered using the Microsoft Management Console, the Windows Registry Editor, and various command-line utilities, in addition to Remote Desktop connections.
  10. Remote Server Administration Tools for Windows 10 enables IT administrators to _____.
    Remote Server Administration Tools for Windows 10 enables IT administrators to manage roles and features that are installed on remote computers that are running Windows Server 2019.
  11. Remote Desktop Services allows a user to _____, using the _____ protocol.
    Remote Desktop Services allows a user to access applications and data on a remote computer over a network, using the Remote Desktop Protocol (RDP).
  12. Remote Desktop clients may be _____, _____, _____ or _____.
    Remote Desktop clients may be full-fledged computers, thin clients, tablets or smartphones.
  13. In the client versions of Windows, Remote Desktop supports _____ at a time, whereas in the server operating systems, _____ remote sessions are allowed.
    In the client versions of Windows, Remote Desktop supports only one logged in user at a time, whereas in the server operating systems, concurrent remote sessions are allowed.
  14. With Remote Desktop Services, only _____ is presented to the client, while application execution takes place _____. This is in contrast to application streaming systems like _____, in which the applications are streamed to the client and _____.
    With Remote Desktop Services, only the user interface of an application is presented to the client, while application execution takes place on the server. This is in contrast to application streaming systems like Microsoft Application Virtualization, in which the applications are streamed to the client and executed on the client machine.
  15. The Remote Desktop service listens on _____ port _____, and supports _____ encryption.
    The Remote Desktop service listens on TCP port 3389, and supports low, medium or high encryption.
  16. Remote Desktop Licensing enables a server to manage _____ that are required for _____ to connect to a Remote Desktop Session Host server. RDS CALs are managed using the _____ application.
    Remote Desktop Licensing enables a server to manage Remote Desktop Services client access licenses (RDS CALs) that are required for each device or user to connect to a Remote Desktop Session Host server. RDS CALs are managed using the Remote Desktop Licensing Manager application.
  17. The Remote Desktop Gateway component, also known as RD Gateway, tunnels Remote Desktop Protocol sessions through _____, thus encapsulating the session with _____.
    The Remote Desktop Gateway component, also known as RD Gateway, tunnels Remote Desktop Protocol sessions through an HTTPS connection, thus encapsulating the session with Transport Layer Security (TLS).
  18. A virtual private network (VPN) _____, and enables a computer to _____.
    A virtual private network (VPN) extends a private network across a public network, such as the Internet, and enables a computer to send and receive data as if it were directly connected to the private network.
  19. VPNs provide security by the use of _____ and through security procedures such as _____ and _____.
    VPNs provide security by the use of tunneling protocols and through security procedures such as authentication and encryption.
  20. Windows Server 2019 VPN supports the following tunneling protocols: _____, _____, and _____.
    Windows Server 2019 VPN supports the following tunneling protocols: PPTP, L2TP, and SSTP.
  21. Windows Server 2019 VPN supports the following authentication methods: _____, _____, _____, and _____. _____ implemented with public key certificates is considered to be the most secure.
    Windows Server 2019 VPN supports the following authentication methods: PAP, CHAP, MS-CHAP v2, and EAP. EAP implemented with public key certificates is considered to be the most secure.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.
  1. Microsoft: Windows Server Administration Fundamentals Exam Details
  2. Wikipedia: Windows Remote Assistance
  3. Wikipedia: Windows Remote Assistance
  4. Wikipedia: Windows Remote Assistance
  5. Wikipedia: Windows Remote Assistance
  6. Wikipedia: Remote desktop software
  7. Wikipedia: Remote desktop software
  8. Wikipedia: Virtual Network Computing
  9. Microsoft: Remote Desktop Connection: frequently asked questions
  10. Wikipedia: Remote administration
  11. Wikipedia: Remote administration
  12. Wikipedia: Remote administration
  13. Wikipedia: Remote Desktop Services
  14. Wikipedia: Remote Desktop Services
  15. Wikipedia: Remote Desktop Services
  16. Wikipedia: Remote Desktop Services
  17. Wikipedia: Remote Desktop Services
  18. Wikipedia: Remote Desktop Services
  19. Wikipedia: Remote Desktop Services
  20. Wikipedia: Virtual private network
  21. Wikipedia: Virtual private network
  22. TechNet: VPN Tunneling Protocols
  23. TechNet: Authentication Methods
  24. Wikipedia: Point-to-Point Tunneling Protocol
  25. Wikipedia: Apple Remote Desktop
  26. Wikipedia: Application virtualization
  27. Wikipedia: Challenge-Handshake Authentication Protocol
  28. Wikipedia: Citrix XenApp
  29. Wikipedia: Extensible Authentication Protocol
  30. Wikipedia: Generic Routing Encapsulation
  31. Wikipedia: Layer 2 Tunneling Protocol
  32. Wikipedia: MS-CHAP
  33. Wikipedia: NAT traversal
  34. Wikipedia: Network address translation
  35. Wikipedia: Password authentication protocol
  36. Wikipedia: Peer Name Resolution Protocol
  37. Wikipedia: Point-to-Point Tunneling Protocol
  38. Wikipedia: Remote Desktop Services
  39. Wikipedia: RemoteFX
  40. Wikipedia: Secure Socket Tunneling Protocol
  41. Wikipedia: Remote Desktop Services
  42. Wikipedia: Tunneling protocol
  43. Wikipedia: Virtual Network Computing
  44. Wikipedia: Wake-on-LAN

Lesson 11 - Virtualization

edit

This lesson covers virtualization. Activities include adding the Hyper-V role, creating virtual machines. working with snapshots, and converting physical machines to virtual machines.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand server virtualization: virtualization modes; VHDs; virtual memory; virtual networks; snapshots and saved states; physical to virtual; virtual to physical

Readings

edit
  1. Wikipedia: Virtualization
  2. Wikipedia: Hyper-V
  3. Hyper-V Technology Overview
  4. Top 7 Hyper-V Features in Windows Server 2019
  5. Wikipedia: VHD (file format)
  6. Wikipedia: Virtual memory
  7. Managing VM RAM better with Hyper-V dynamic memory
  8. Wikipedia: Virtual network
  9. Plan for Hyper-V networking in Windows Server
  10. Wikipedia: Snapshot (computer storage)
  11. Top 10 Facts About Hyper-V Snapshots
  12. Wikipedia: Physical-to-Virtual
  13. Run Hyper-V in a Virtual Machine with Nested Virtualization

Multimedia

edit
  1. YouTube: How to Install and Configure Hyper-V on Windows Server 2019
  2. YouTube: Create a Virtual Machine in Microsoft Hyper-V Manager
  3. YouTube: Implementing Windows Server 2019 Hyper-V : Virtual Hard Drive Formats and Types
  4. YouTube: CheckPoints in Hyper-V Server 2016

Activities

edit
  1. Review Hyper-V Technology Overview. Review how it works and some of its features
  2. Review Install the Hyper V Role. Add the Hyper-V role.
  3. Review Create a Virtual Machine. Create a Virtual Machine.
  4. Review Supported Guest Operating Systems . Review and report on the supported Operating Systems in Hyper V
  5. Review Create a virtual switch for Hyper V Create a virtual switch. Describe the different types of switches you can create.

Lesson Summary

edit
  • Virtualization is the simulation of a hardware platform, operating system, storage device, or network resources using software.[2]
  • In hardware virtualization, the host machine is the actual machine on which the virtualization takes place, and the guest machine is the virtual machine.[2]
  • The software or firmware that creates a virtual machine on the host hardware is called a hypervisor or virtual machine manager.[2]
  • Hyper-V is Microsoft's hypervisor, available in in two variants: a free stand-alone product called Hyper-V Server, and an installable role in Windows Server 2019 and later as well as the x64 edition of Windows 10 Pro.[3]
  • The Hyper-V role may be added to either full or server core installations.[3]
  • Hyper-V is a kernel mode (Ring 0)[4] hypervisor rather than a user mode (Ring 3) hypervisor, resulting in better virtual machine isolation and better performance.[3]
  • Hyper-V requires a minimum of 4 GB of RAM, but each virtual machine running on the Hyper-V server requires its own memory.[3]
  • Hyper-V uses the VHD (.vhd) virtual hard disk file format, with Windows Server 2012 and above also supporting the newer .vhdx format.[3]
  • The VHD file format may contain what is found on physical hard disk drives, such as disk partitions and file systems, which in turn can contain folders and files.[5]
  • VHD files have a maximum limit of 2 TB for the size of any dynamic or differencing VHD.[5]
  • Windows 10 and Windows 2019 operating systems support creating, mounting, and booting from VHD files.[5]
  • Virtual memory is a memory management technique developed for multitasking kernels that allows the operating system to use secondary storage as virtual memory address space and move memory pages between physical memory and virtual storage as needed.[6]
  • A virtual network is a computer network that consists, at least in part, of virtual rather than physical network links. The two most common forms of network virtualization are protocol-based virtual networks such as VLANs, and virtual device networks such as those connecting virtual machines inside a hypervisor.[7]
  • Basic networking in Hyper-V is fairly simple. It uses two parts - a virtual switch and a virtual networking adapter. [8]
  • Physical-to-Virtual ("P2V") describes the process of decoupling and migrating a physical server's operating system (OS), applications, and data from a physical server to a virtual machine guest hosted on a virtualized platform.[9]
  • Microsoft provides the SysInternals disk2vhd utility for manually creating virtual images of Windows computers, and System Center Virtual Machine Manager (SCVMM) for automated P2V capability.[9]
  • Dynamic memory is a Microsoft Hyper-V feature first introduced in Windows Server 2008 R2 SP1 and expanded in Windows Server 2012. This technology allows hypervisor to handle RAM consumption by host VMs in a flexible way, if possible. For example, hypervisor can dynamically add more RAM to a VM when the guest-OS needs it, or to reclaim excess back when a VM goes idle.[10]
  • Microsoft has added new features to Hyper V in Server 2019. One of these is the Windows Admin Center. Windows Admin Center is a server management solution which allows you to easily manage your servers as well as hyper-converged infrastructure from a single pane of glass.[11]
  • Nested virtualization is a feature that allows you to run Hyper-V inside of a Hyper-V virtual machine (VM). [12]

Key Terms

edit
autonomic computing
The self-managing characteristics of distributed computing resources, adapting to unpredictable changes while hiding intrinsic complexity to operators and users.[13]
guest machine
A virtual computer which is run by a host machine.[14]
host machine
A physical computer on which virtualization takes place.[14]
hypervisor
A piece of computer software, firmware or hardware that creates and runs virtual machines.[14]
link aggregation
Various methods of combining (aggregating) multiple network connections in parallel to increase throughput beyond what a single connection could sustain, and to provide redundancy in case one of the links fails.[15]
NIC teaming
Another name for link aggregation.[15]
snapshot
The state of a system at a particular point in time.[16]
thin client
A computer or computer program which depends heavily on some other computer (its server) to fulfill its computational roles.[17]
thrashing
A computer's virtual memory subsystem is in a constant state of paging, resulting in degraded system performance.[18]
virtual LAN (VLAN)
A single layer-2 network which is partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers.[19]
virtual machine (VM)
A software implemented abstraction of the underlying hardware which is presented to the application layer of the system.[20]
virtual machine monitor (VMM)
Another name for hypervisor.[14]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Virtualization is the simulation of _____ using software.
    Virtualization is the simulation of a hardware platform, operating system, storage device, or network resources using software.
  2. In hardware virtualization, the _____ is the actual machine on which the virtualization takes place, and the _____ is the virtual machine.
    In hardware virtualization, the host machine is the actual machine on which the virtualization takes place, and the guest machine is the virtual machine.
  3. The software or firmware that creates a virtual machine on the host hardware is called a _____ or _____.
    The software or firmware that creates a virtual machine on the host hardware is called a hypervisor or virtual machine manager.
  4. Hyper-V is Microsoft's _____, available in in two variants: a _____ called Hyper-V Server, and an _____ in Windows Server 2019 and later as well as the x64 edition of Windows 10 Pro.
    Hyper-V is Microsoft's hypervisor, available in in two variants: a free stand-alone product called Hyper-V Server, and an installable role in Windows Server 2008 and later as well as the x64 edition of Windows 8 Pro.
  5. The Hyper-V role may be added to either _____ or _____ installations.
    The Hyper-V role may be added to either full or server core installations.
  6. Hyper-V is a _____ mode (Ring 0) hypervisor rather than a _____ mode (Ring 3) hypervisor, resulting in better _____ and better _____.
    Hyper-V is a kernel mode (Ring 0) hypervisor rather than a user mode (Ring 3) hypervisor, resulting in better virtual machine isolation and better performance.
  7. Hyper-V requires a minimum of _____ of RAM, but each virtual machine running on the Hyper-V server requires its own memory.
    Hyper-V requires a minimum of 4 GB of RAM, but each virtual machine running on the Hyper-V server requires its own memory.
  8. Hyper-V uses the _____ file format, with Windows Server 2019 and above also supporting the newer _____ format.
    Hyper-V uses the VHD (.vhd) virtual hard disk file format, with Windows Server 2019 and above also supporting the newer .vhdx format.
  9. The VHD file format may contain what is found on physical hard disk drives, such as _____, which in turn can contain _____.
    The VHD file format may contain what is found on physical hard disk drives, such as disk partitions and file systems, which in turn can contain folders and files.
  10. VHD files have a maximum limit of _____ TB for the size of any dynamic or differencing VHD.
    VHD files have a maximum limit of 2 TB for the size of any dynamic or differencing VHD.
  11. Windows 10 and Windows 2019 operating systems support _____, _____, and _____ from VHD files.
    Windows 10 and Windows 2019 operating systems support creating, mounting, and booting from VHD files.
  12. Virtual memory is a memory management technique developed for _____ kernels that allows the operating system to use _____ as virtual memory address space and move memory pages between _____ and _____ as needed.
    Virtual memory is a memory management technique developed for multitasking kernels that allows the operating system to use secondary storage as virtual memory address space and move memory pages between physical memory and virtual storage as needed.
  13. A virtual network is a computer network that consists, at least in part, of _____ network links. The two most common forms of network virtualization are _____, and _____.
    A virtual network is a computer network that consists, at least in part, of virtual rather than physical network links. The two most common forms of network virtualization are protocol-based virtual networks such as VLANs, and virtual device networks such as those connecting virtual machines inside a hypervisor.
  14. Basic networking in Hyper-V is fairly simple. It uses two parts - a virtual ______ and a virtual _________ _______.
    Basic networking in Hyper-V is fairly simple. It uses two parts - a virtual switch and a virtual networking adapter.
  15. Physical-to-Virtual ("P2V") describes the process of _____.
    Physical-to-Virtual ("P2V") describes the process of decoupling and migrating a physical server's operating system (OS), applications, and data from a physical server to a virtual machine guest hosted on a virtualized platform.
  16. Microsoft provides the SysInternals _____ utility for manually creating virtual images of Windows computers, and _____ for automated P2V capability.
    Microsoft provides the SysInternals disk2vhd utility for manually creating virtual images of Windows computers, and System Center Virtual Machine Manager (SCVMM) for automated P2V capability.
  17. Dynamic memory is a Microsoft Hyper-V feature first introduced in Windows Server 2008 R2 SP1 and expanded in Windows Server 2012. This technology allows hypervisor to handle ___ consumption by host VMs in a flexible way, if possible. For example, hypervisor can ___________ add more RAM to a VM when the ________ needs it, or to reclaim excess back when a VM goes idle.
    Dynamic memory is a Microsoft Hyper-V feature first introduced in Windows Server 2008 R2 SP1 and expanded in Windows Server 2012. This technology allows hypervisor to handle RAM consumption by host VMs in a flexible way, if possible. For example, hypervisor can dynamically add more RAM to a VM when the guest-OS needs it, or to reclaim excess back when a VM goes idle.
  18. Microsoft has added new features to Hyper V in Server 2019. One of these is the Windows Admin Center. Windows Admin Center is a server management solution which allows you to easily manage your _______ as well as hyper-converged infrastructure from a single pane of glass.
    Microsoft has added new features to Hyper V in Server 2019. One of these is the Windows Admin Center. Windows Admin Center is a server management solution which allows you to easily manage your servers as well as hyper-converged infrastructure from a single pane of glass.
  19. Nested virtualization is a feature that allows you to run ________ inside of a Hyper-V virtual _______
    Nested virtualization is a feature that allows you to run Hyper-V inside of a Hyper-V virtual machine.

Flashcards

edit

See Also

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 12 - Application Servers

edit

This lesson covers application servers, including Microsoft Exchange, SQL Server, SharePoint, and Forefront Threat Management Gateway. Activities include reviewing application server documentation, researching application server licensing costs, and downloading and experimenting with pre-built application server virtual hard drives.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Roles portion of Windows Server Administration Fundamentals certification include:[1]

  • Identify application servers: mail servers; database servers; collaboration servers; monitoring servers; threat management

Readings

edit
  1. Wikipedia: Application server
  2. Wikipedia: Microsoft Exchange Server
  3. What's new in Exchange Server
  4. Wikipedia: Microsoft SQL Server
  5. Introducing SQL Server 2019
  6. Wikipedia: Microsoft SharePoint
  7. Wikipedia: System Center Operations Manager

Multimedia

edit
  1. YouTube: Exchange 2019 Architecture
  2. YouTube: Introducing SQL Server 2019
  3. YouTube: What is SharePoint and why Organizations use SharePoint?
  4. YouTube: What's new in System Center?

Activities

edit
  1. Review Exchange Server Archictecture. Summarize the architecture of Exchange and describe the different roles.
  2. Review Microsoft SQL Server. Using your preferred software vendor, identify costs for Microsoft SQL Server server and client licenses.
  3. Review Get started with SharePoint. Review the things that can be done in SharePoint. Using your preferred software vendor, identify costs for Microsoft SharePoint server and client licenses.
  4. Review Operations Manager. Using your preferred software vendor, identify costs for Microsoft System Center Operation Manager server and client licenses.
  5. Review Windows and Containers. What is a container? What is the difference between a Container and a Virtual Machine?
  6. Review How to Install Containers on Windows Server 2019 Install a Container, Docker, and test it.

Lesson Summary

edit
  • An application server can be either a software framework that provides a generalized approach to creating an application-server implementation or the server portion of a specific implementation instance.[2]
  • The Windows Application Server role includes Internet Information Services (IIS) to provide web server support, the .NET Framework to provide application support, ASP.NET to provide server side scripting, COM+ for application component communication, Message Queuing for multithreaded processing, and the Windows Communication Foundation (WCF) for application communication.[3]
  • Microsoft Exchange Server is a mail server, calendaring software and contact manager.[4]
  • Exchange Server supports SMTP for sending mail, POP3 and IMAP4 for accessing mail, and an HTTP/HTTPS interface known as Outlook Web Access for reading mail.[5]
  • Unlike other Office Server 2019 products such as SharePoint and Skype for Business, Exchange Server 2019 can only be deployed on Windows Server 2019. [6]
  • One of the key features of the new release is that Exchange Server 2019 can be deployed onto Windows Server Core for the first time. [7]
  • Exchange Server 2019 includes important changes to improve the security of client and server connections. The default configuration for encryption will enable TLS 1.2 only and disable support for older algorithms (namely, DES, 3DES, RC2, RC4 and MD5). [8]
  • Microsoft SQL Server is a relational database management system used to store and retrieve data as requested by other software applications.[9]
  • SQL Server's primary query languages are T-SQL and ANSI SQL.[10]
  • SQL Server 2017 introduced support for running on Linux Operating Systems. [11]
  • Microsoft SharePoint is a web application platform for web-based content and document collaboration and management.[12]
  • SharePoint uses Microsoft SQL Server for its data storage.[13]
  • Microsoft's hosted SharePoint is typically bundled in Microsoft 365 subscriptions, but can be licensed separately. SharePoint Online has the advantage of not needing to maintain one's own servers, but as a result lacks the customization options of a self-hosted installation of SharePoint. [14]
  • Microsoft System Center Operations Manager (SCOM) is a cross-platform data center management system for operating systems and hypervisors. It uses a single interface that shows state, health and performance information of computer systems and may generate alerts based on availability, performance, configuration or security situations.[15]
  • Containers are a technology for packaging and running Windows and Linux applications across diverse environments on-premises and in the cloud. [16]

Key Terms

edit
software framework
A universal, reusable software platform to develop applications, products and solutions.[17]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. An application server can be either _____ or _____.
    An application server can be either a software framework that provides a generalized approach to creating an application-server implementation or the server portion of a specific implementation instance.
  2. The Windows Application Server role includes _____ to provide web server support, _____ to provide application support, _____ to provide server side scripting, _____ for application component communication, _____ for multithreaded processing, and _____ for application communication.
    The Windows Application Server role includes Internet Information Services (IIS) to provide web server support, the .NET Framework to provide application support, ASP.NET to provide server side scripting, COM+ for application component communication, Message Queuing for multithreaded processing, and the Windows Communication Foundation (WCF) for application communication.
  3. Microsoft Exchange Server is a _____ server, _____ software and _____ manager.
    Microsoft Exchange Server is a mail server, calendaring software and contact manager.
  4. Exchange Server supports _____ for sending mail, _____ and _____ for accessing mail, and _____ known as Outlook Web Access for reading mail.
    Exchange Server supports SMTP for sending mail, POP3 and IMAP4 for accessing mail, and an HTTP/HTTPS interface known as Outlook Web Access for reading mail.
  5. Unlike other Office Server 2019 products such as __________ and Skype for Business, Exchange Server 2019 can only be deployed on Windows Server ____.
    Unlike other Office Server 2019 products such as SharePoint and Skype for Business, Exchange Server 2019 can only be deployed on Windows Server 2019.
  6. One of the key features of the new release is that Exchange Server 2019 can be deployed onto Windows Server ____ for the first time.
    One of the key features of the new release is that Exchange Server 2019 can be deployed onto Windows Server Core for the first time.
  7. Exchange Server 2019 includes important changes to improve the security of client and server connections. The default configuration for encryption will enable ___ ___ only and disable support for older algorithms (namely, DES, 3DES, RC2, RC4 and MD5).
    Exchange Server 2019 includes important changes to improve the security of client and server connections. The default configuration for encryption will enable TLS 1.2 only and disable support for older algorithms (namely, DES, 3DES, RC2, RC4 and MD5).
  8. Microsoft SQL Server is a _____ used to store and retrieve data as requested by other software applications.
    Microsoft SQL Server is a relational database management system used to store and retrieve data as requested by other software applications.
  9. SQL Server's primary query languages are _____ and _____.
    SQL Server's primary query languages are T-SQL and ANSI SQL.
  10. SQL Server 2017 introduced support for running on _____ Operating Systems.
    SQL Server 2017 introduced support for running on Linux Operating Systems.
  11. Microsoft SharePoint is a web application platform for _____.
    Microsoft SharePoint is a web application platform for web-based content and document collaboration and management.
  12. SharePoint uses _____ for its data storage.
    SharePoint uses Microsoft SQL Server for its data storage.
  13. Microsoft's hosted SharePoint is typically bundled in Microsoft 365 subscriptions, but can be licensed separately. SharePoint Online has the advantage of not needing to maintain one's own _______, but as a result lacks the _____________ options of a ____-______ installation of SharePoint.
    Microsoft's hosted SharePoint is typically bundled in Microsoft 365 subscriptions, but can be licensed separately. SharePoint Online has the advantage of not needing to maintain one's own servers, but as a result lacks the customization options of a self-hosted installation of SharePoint.
  14. Microsoft System Center Operations Manager (SCOM) is a _____. It uses a single interface that shows _____ of computer systems and may generate alerts based on _____.
    Microsoft System Center Operations Manager (SCOM) is a cross-platform data center management system for operating systems and hypervisors. It uses a single interface that shows state, health and performance information of computer systems and may generate alerts based on availability, performance, configuration or security situations.
  15. __________ are a technology for packaging and running Windows and _____ applications across diverse environments on-premises and in the cloud.
    Containers are a technology for packaging and running Windows and Linux applications across diverse environments on-premises and in the cloud.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 13 - Troubleshooting

edit

This lesson covers server troubleshooting. Activities include using Event Viewer, Safe Mode, and System Configuration to view and troubleshoot server issues.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Maintenance portion of Windows Server Administration Fundamentals certification include:[1]

  • Identify steps in the startup process: bios; boot sector; bootloader; MBR; boot.ini; bcdedit; POST; Safe Mode
  • Understand troubleshooting methodology: processes; procedures; best practices; systematic vs. specific approach; perfmon; Event Viewer; Resource Monitor; Information Technology Infrastructure Library; central logging; event filtering; default logs

Readings

edit
  1. Wikipedia: Troubleshooting
  2. Wikipedia: Upgrade
  3. Wikipedia: Power-on self-test
  4. Wikipedia: Booting
  5. Wikipedia: Windows NT 6 startup process
  6. Wikipedia: Safe mode
  7. Wikipedia: Windows Preinstallation Environment
  8. Wikipedia: MSConfig
  9. Wikipedia: Event Viewer
  10. Wikipedia: Information Technology Infrastructure Library

Multimedia

edit
  1. YouTube: How PC Boots | Explained in Detail
  2. YouTube: FIX The boot configuration data store could not be opened in PowerShell Windows 10
  3. YouTube: The Windows 10 Recovery Environment
  4. YouTube: Clean Windows 10 StartUp with MSConfig
  5. YouTube: Event Viewer & Windows Logs
  6. YouTube: How to use Event Viewer in Windows Admin Center website
  7. YouTube: Understanding Windows 10 boot and UEFI
  8. YouTube: Advanced troubleshooting for Windows 10 boot problems
  9. YouTube: Advanced Troubleshooting Windows 10 Startup Settings
  10. YouTube: How to boot Windows 10 into Recovery Mode using a DVD or flash drive
  11. YouTube: How to boot Windows 10 into "Startup Settings"

Activities

edit
  1. Review Event Viewer Filtering. Filter the System and Application logs for warnings or errors that occurred during the last 24 hours. Filter the Security log for audit failures that occurred during the last 24 hours.
  2. Review Understanding Troubleshooting. Research any warnings, errors, or audit failures you found above and then use the DETECT method to troubleshoot these issues.
  3. Review Recovering Windows Servers. Access the advanced boot options on your test server. Describe what you see and experiment with them.
  4. Review Windows Recovery Environment. Access the Windows Recovery Environment and review the options available.
  5. Review Check Windows System Configuration. Use System Configuration to view your current system startup settings. Investigate any services or startup items you are not familiar with.

Lesson Summary

edit
  • Troubleshooting is a logical, systematic search for the source of a problem so that it can be solved, and so the product or process can be made operational again. Troubleshooting requires identification of the malfunction(s) or symptoms within a system. Then, experience is commonly used to generate possible causes of the symptoms. Determining the most likely cause is a process of elimination - eliminating potential causes of a problem. Finally, troubleshooting requires confirmation that the solution restores the product or process to its working state.[2]
  • A basic principle in troubleshooting is to start from the simplest and most probable possible problems first.[3]
  • Serial substitution involves checking each component in a system one by one, substituting known good components for each potentially suspect one.[4]
  • Bisection involves separating a larger system into two or more subsystems to isolate and identify problems and causes.[5]
  • One of the core principles of troubleshooting is that reproducible problems can be reliably isolated and resolved.[6]
  • Intermittent problems are often the result of components that are thermally sensitive, because the resistance of a circuit varies with the temperature of the conductors in it.[7]
  • Troubleshooters must always consider the possibility that there is more than one fault causing a given system failure.[8]
  • One approach to troubleshooting is known as the DETECT method - Discover the problem, Evaluate the system, Track potential solutions, Execute a plan, Check results, and Take a proactive approach to prevent the problem from reoccurring.[9]
  • It may be necessary to modify BOIS settings or update or flash the BIOS or other firmware in order to troubleshoot operating system and driver installation issues.[10]
  • Upgrades of software introduce the risk that the new version (or patch) will contain a bug, causing the program to malfunction in some way or not to function at all.[11]
  • The current Windows boot sequence is to complete the Power-On Self Test and then load the Windows Boot Manager, winload.exe, ntoskrnl.exe, and then any required boot-class device drivers.[12]
  • Safe Mode starts Windows with a minimal set of drivers and services to troubleshoot startup problems. Safe mode is accessed by pressing the F8 key during the boot process.[13][14]
  • Advanced startup options available by pressing the F8 key during the boot process include Repair your computer, Safe mode, Safe mode with networking, Safe mode with command prompt, Enable boot logging, Enable low resolution video (640 × 480), Last Known Good Configuration (advanced), Directory services restore mode, Debugging mode, Disable automatic restart on system failure, Disable Driver Signature Enforcement, and Start Windows normally.[15]
  • Event Viewer is a Windows application that lets administrators and users view the event logs on a local or remote machine. Default Windows logs include System, Security, and Application.[16]
  • The Event Collector service can automatically forward event logs to other remote systems on a configurable schedule.[17]
  • Event logs may be filtered manually or through XML and may be filtered by time, level, source, event ID, category, key word, user, or computer.[18]
  • The Information Technology Infrastructure Library (ITIL) is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. ITIL describes processes, procedures, tasks and checklists to be used by organizations for establishing integration with the organization's strategy, delivering value and maintaining a minimum level of competency. It allows the organization to establish a baseline from which it can plan, implement, measure, and demonstrate compliance.[19]
  • ITIL 4, which was released in 2019, maintains the same focus on automating processes, improving service management and integrating the IT department into the business. [20]

Key Terms

edit
Boot Configuration Data (BCD)
A firmware-independent database for boot-time configuration used by the Windows Boot Manager.[21]
BCDEdit
A command-line tool used to view and alter boot configuration data.[22]
boot.ini
A file containing the menu entries presented by NTLDR used in Windows XP, Windows Server 2003 and prior Windows NT-based operating systems.[23][24]
boot loader
A relatively small program and data stored in read-only memory (ROM) used to access nonvolatile device or devices from which the operating system programs and data can be loaded into RAM.[25]
boot sector
A region of a hard disk, floppy disk, optical disc, or other data storage device that contains machine code to be loaded into random-access memory (RAM) by a computer system's built-in firmware in order to allow the startup process of a computer to load a program stored on the same storage device.[26]
intermittent fault
A malfunction of a device or system that occurs at intervals, usually irregular, in a device or system that functions normally at other times.[27]
MSconfig (System Configuration)
A system utility used to troubleshoot the Microsoft Windows startup process.[28]
Power-On Self-Test (POST)
A set of routines which run immediately after many digital electronic devices are powered on to set an initial value for internal and output signals and to execute internal tests, as determined by the device manufacturer.[29]
safe mode
A diagnostic mode of a computer operating system (OS) with reduced functionality that provides access to utility and diagnostic programs so a user can troubleshoot what is preventing the operating system from working normally.[30]
System File Checker
A utility in Microsoft Windows that allows users to scan for and restore corruptions in Windows system files.[31]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Troubleshooting is a _____ search for the _____ of a problem so that it can be solved, and so the product or process can be made operational again. Troubleshooting requires _____ of the malfunction(s) or symptoms within a system. Then, _____ is commonly used to generate _____ of the symptoms. Determining the most likely cause is _____. Finally, troubleshooting requires _____ that the solution restores the product or process to its working state.
    Troubleshooting is a logical, systematic search for the source of a problem so that it can be solved, and so the product or process can be made operational again. Troubleshooting requires identification of the malfunction(s) or symptoms within a system. Then, experience is commonly used to generate possible causes of the symptoms. Determining the most likely cause is a process of elimination - eliminating potential causes of a problem. Finally, troubleshooting requires confirmation that the solution restores the product or process to its working state.
  2. A basic principle in troubleshooting is to start _____.
    A basic principle in troubleshooting is to start from the simplest and most probable possible problems first.
  3. Serial substitution involves _____.
    Serial substitution involves checking each component in a system one by one, substituting known good components for each potentially suspect one.
  4. Bisection involves _____.
    Bisection involves separating a larger system into two or more subsystems to isolate and identify problems and causes.
  5. One of the core principles of troubleshooting is that _____ problems can be reliably isolated and resolved.
    One of the core principles of troubleshooting is that reproducible problems can be reliably isolated and resolved.
  6. Intermittent problems are often the result of _____, because _____.
    Intermittent problems are often the result of components that are thermally sensitive, because the resistance of a circuit varies with the temperature of the conductors in it.
  7. Troubleshooters must always consider the possibility that _____ is causing a given system failure.
    Troubleshooters must always consider the possibility that more than one fault is causing a given system failure.
  8. One approach to troubleshooting is known as the DETECT method - _____ the problem, _____ the system, _____ potential solutions, _____ a plan, _____ results, and _____ a proactive approach to prevent the problem from reoccurring.
    One approach to troubleshooting is known as the DETECT method - Discover the problem, Evaluate the system, Track potential solutions, Execute a plan, Check results, and Take a proactive approach to prevent the problem from reoccurring.
  9. It may be necessary to modify _____ settings or update or flash _____ in order to troubleshoot operating system and driver installation issues.
    It may be necessary to modify BOIS settings or update or flash the BIOS in order to troubleshoot operating system and driver installation issues.
  10. The current Windows boot sequence is to complete _____ and then load _____, _____, _____, and then _____.
    The current Windows boot sequence is to complete the Power-On Self Test and then load the Windows Boot Manager, winload.exe, ntoskrnl.exe, and then any required boot-class device drivers.
  11. Safe Mode starts Windows with _____ to troubleshoot startup problems. Safe mode is accessed by pressing the _____ key during the boot process.
    Safe Mode starts Windows with a minimal set of drivers and services to troubleshoot startup problems. Safe mode is accessed by pressing the F8 key during the boot process.
  12. Advanced startup options available by pressing the F8 key during the boot process include _____.
    Advanced startup options available by pressing the F8 key during the boot process include Repair your computer, Safe mode, Safe mode with networking, Safe mode with command prompt, Enable boot logging, Enable low resolution video (640 × 480), Last Known Good Configuration (advanced), Directory services restore mode, Debugging mode, Disable automatic restart on system failure, Disable Driver Signature Enforcement, and Start Windows normally.
  13. Event Viewer is a Windows application that lets administrators and users _____. Default Windows logs include _____, _____, and _____.
    Event Viewer is a Windows application that lets administrators and users view the event logs on a local or remote machine. Default Windows logs include System, Security, and Application.
  14. The Event Collector service can automatically _____.
    The Event Collector service can automatically forward event logs to other remote systems on a configurable schedule.
  15. Event logs may be filtered _____ or through _____ and may be filtered by _____.
    Event logs may be filtered manually or through XML and may be filtered by time, level, source, event ID, category, key word, user, or computer.
  16. The Information Technology Infrastructure Library (ITIL) is _____ that focuses on _____. ITIL describes _____, _____, _____ and _____ to be used by organizations for establishing integration with the organization's strategy, delivering value and maintaining a minimum level of competency. It allows the organization to establish a _____ from which it can plan, implement, measure, and demonstrate compliance.
    The Information Technology Infrastructure Library (ITIL) is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. ITIL describes processes, procedures, tasks and checklists to be used by organizations for establishing integration with the organization's strategy, delivering value and maintaining a minimum level of competency. It allows the organization to establish a baseline from which it can plan, implement, measure, and demonstrate compliance.
  17. ITIL 4, which was released in 2019, maintains the same focus on __________ _________, _________ _______ __________ and integrating the IT department into the business.
    ITIL 4, which was released in 2019, maintains the same focus on automating processes, improving service management and integrating the IT department into the business.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 14 - Performance

edit

This lesson covers server performance. Activities include using Task Manager, Resource Monitor, and Performance Monitor to monitor server performance.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Performance Management portion of Windows Server Administration Fundamentals certification include:[1]

  • Identify major server hardware components: memory; disk; processor; network; 32 / 64 bits; removable drives; graphic cards; cooling; power usage; ports
  • Understand performance monitoring: methodology; procedures; effect of network, CPU, memory and disk; creating a baseline; perfmon; resmon; Task Manager; performance counters
  • Understand logs and alerts: purpose of performance logs and alerts

Readings

edit
  1. Wikipedia: Computer performance
  2. Wikipedia: Windows Task Manager
  3. Wikipedia: Resource Monitor
  4. Wikipedia: System Monitor
  5. Wikipedia: Hardware performance counter
  6. Wikipedia: Performance tuning

Multimedia

edit
  1. YouTube: How to monitor server performance with Windows Admin Center
  2. System Insights overview
  3. YouTube: How and why to change the Paging File in Windows 10
  4. Microsoft: Windows Performance Analyzer
  5. YouTube: Windows Performance Analyzer - Tutorial

Activities

edit
  1. Review Testlimit v5.24. Download TestLimit to simulate performance issues and report on some of your results.
  2. Review Show disk performance metrics on Windows Server 2016 Task Manager. Use Windows Task Manager to monitor disk performance. This should be the same on Server 2019
  3. Review Introducing the new Performance Monitor for Windows Download and Install the Admin Center if not already installed. Create some graphs and report on the performance tools included.
  4. Review Windows Performance Monitor Overview. Use Resource Monitor to monitor server performance.
  5. Review New Performance Monitor for Windows Server. Use Performance Monitor to monitor server performance.
  6. Review Windows Performance Monitor Overview. Use Performance Monitor to monitor a remote server through the network.
  7. Review Windows Performance Monitor Overview. Use Performance Monitor to create a Data Collector set and record a performance baseline.
  8. Consider the impact on CPU and memory performance with performance monitoring.
  9. Consider the impact on disk performance with recording of performance logs.
  10. Consider the impact on network performance with remote performance monitoring.

Lesson Summary

edit
  • Computer performance is characterized by the amount of useful work accomplished by a computer system compared to the time and resources used.[2]
  • Performance monitoring measures how quickly a computer completes specific tasks.[3]
  • Overall system performance should be determined before monitoring individual applications and processes.[4]
  • As an extension of performance monitoring, performance analysis may be used for capacity planning.[5]
  • Task Manager (also known as taskman) shows realtime applications, processes, services, performance (CPU and memory) and network utilization, as well as logged-in users.[6]
  • Resource Monitor (also known as resmon) shows realtime processor (CPU), memory, disk, and network utilization.[7]
  • Performance Monitor (also known as System Monitor and perfmon) may be customized to display any available performance counter and can record performance log files for later viewing.[8]
  • Hardware performance counters are a set of special-purpose registers built into modern microprocessors to store the counts of hardware-related activities within computer systems. Software performance counters work similarly based on values stored in RAM.[9]
  • Performance tuning requires identifying potential bottlenecks, measuring existing performance, modifying the system to improve performance, then measuring the system after modification to verify improvement.[10]
  • Performance Monitor can record performance logs and trigger alerts based on performance counter values. Performance logs may also be used to record a performance baseline.[11]
  • Performance monitoring may itself impact performance by using processor, memory, disk, and network resources.[12]
  • System Insights is a new predictive analytics feature in Windows Server 2019.[13]
  • System Insights runs completely locally on Windows Server. Using new functionality introduced in Windows Server 2019, all of your data is collected, persisted, and analyzed directly on your machine, allowing you to realize predictive analytics capabilities without any cloud-connectivity.[14]

Key Terms

edit
bandwidth
A measurement of bit-rate of available or consumed data communication resources expressed in bits per second or multiples of it (bit/s, kbit/s, Mbit/s, Gbit/s, etc.).[15]
baseline
A single work product or set of work products that can be used as a logical basis for comparison and subsequent activity selection.[16]
bottleneck
A phenomenon where the performance or capacity of an entire system is limited by a single or limited number of components or resources.[17]
paging
A memory-management scheme by which a computer can store and retrieve data from secondary storage for use in main memory.[18]
response time
The time a system or functional unit takes to react to a given input.[19]
throughput
The average rate of successful message delivery over a communication channel.[20]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Computer performance is characterized by _____ accomplished by a computer system compared to _____.
    Computer performance is characterized by the amount of useful work accomplished by a computer system compared to the time and resources used.
  2. Performance monitoring measures _____.
    Performance monitoring measures how quickly a computer completes specific tasks.
  3. Overall system performance should be determined before _____.
    Overall system performance should be determined before monitoring individual applications and processes.
  4. As an extension of performance monitoring, _____ may be used for capacity planning.
    As an extension of performance monitoring, performance analysis may be used for capacity planning.
  5. Task Manager (also known as _____) shows _____.
    Task Manager (also known as taskman) shows realtime applications, processes, services, performance (CPU and memory) and network utilization, as well as logged-in users.
  6. Resource Monitor (also known as _____) shows _____.
    Resource Monitor (also known as resmon) shows realtime processor (CPU), memory, disk, and network utilization.
  7. Performance Monitor (also known as _____ and _____) may be customized to display _____ and can _____.
    Performance Monitor (also known as System Monitor and perfmon) may be customized to display any available performance counter and can record performance log files for later viewing.
  8. Hardware performance counters are _____ built into modern microprocessors to _____. Software performance counters work similarly based on _____.
    Hardware performance counters are a set of special-purpose registers built into modern microprocessors to store the counts of hardware-related activities within computer systems. Software performance counters work similarly based on values stored in RAM.
  9. Performance tuning requires _____, _____, _____, then _____.
    Performance tuning requires identifying potential bottlenecks, measuring existing performance, modifying the system to improve performance, then measuring the system after modification to verify improvement.
  10. Performance Monitor can record _____ and trigger _____ based on _____. Performance logs may also be used to _____.
    Performance Monitor can record performance logs and trigger alerts based on performance counter values. Performance logs may also be used to record a performance baseline.
  11. Performance monitoring may itself impact _____ by using _____.
    Performance monitoring may itself impact performance by using processor, memory, disk, and network resources.
  12. System Insights is a new __________ _________ feature in Windows Server 2019.
    System Insights is a new predictive analytics feature in Windows Server 2019.
  13. System Insights runs completely ________ on Windows Server. Using new functionality introduced in Windows Server 2019, all of your data is collected, persisted, and analyzed directly on your machine, allowing you to realize __________ ________ capabilities without any _____-connectivity.
    System Insights runs completely locally on Windows Server. Using new functionality introduced in Windows Server 2019, all of your data is collected, persisted, and analyzed directly on your machine, allowing you to realize predictive analytics capabilities without any cloud-connectivity.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.

Lesson 15 - Reliability

edit

This lesson covers server reliability through maintenance and business continuity practices. Activities include using Windows Server Backup, Active Directory Restore Mode, and Windows Server Update Services.

Objectives and Skills

edit

Objectives and skills for the Understanding Server Maintenance portion of Windows Server Administration Fundamentals certification include:[1]

  • Understand business continuity: backup and restore; disaster recovery; clustering; AD restore; folder redirection; data redundancy; uninterruptible power supply (UPS)
  • Understand updates: software; driver; operating systems; applications; Windows Update; Windows Server Update Service (WSUS)

Readings

edit
  1. Wikipedia: Backup
  2. Wikipedia: Backup rotation scheme
  3. Wikipedia: Shadow Copy
  4. Volume Shadow Copy Service
  5. Wikipedia: Disaster recovery
  6. Wikipedia: High-availability cluster
  7. Wikipedia: Directory Services Restore Mode
  8. Directory Services Restore Mode
  9. Enable Active Directory Recycle Bin in Windows server 2019
  10. Wikipedia: Windows Server Update Services

Multimedia

edit
  1. YouTube: Windows Server 2016 - Full Backups, Active Directory System State Backups And Restore
  2. YouTube: How to Backup Active Directory Database in Windows Server 2019
  3. YouTube: How to enable the Active Directory recycle bin in Windows Server 2019
  4. Youtube: Server 2016 And 2012 R2 - Volume Shadow Copies Setup
  5. YouTube: How to install and configure WSUS in Windows server 2019

Activities

edit
  1. Review Windows Server Backup: Installation, Features and Limitations. Install the Windows Server Backup role and create a backup. Delete one or more user files and then restore the files.
  2. Review Volume Shadow Copy Service Overview. Configure shadow copies and access previous versions of files.
  3. Review How to enable Active Directory Recycle Bin Enable the Recycle Bin in Active Directory and recover a deleted object.
  4. Review How to Restore Active Directory from a Backup?. Create one or more user accounts in Active Directory. Perform a System State backup. Delete the user accounts. Restart the server in Directory Services Restore Mode and restore Active Directory to restore the deleted user accounts.
  5. Review How to Install and Configure WSUS on Windows Server 2019. Add the Windows Server Update Service role. Configure the server to download updates for Windows clients. Use Group Policy to configure clients to retrieve updates from WSUS.

Lesson Summary

edit
  • Backing up refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event.[2]
  • Backups are used to either recover data after loss or recover data from an earlier time.[3]
  • To protect against a disaster or other site-specific problem, an off-site backup should be maintained.[4]
  • Though backups represent a part of a disaster recovery plan, by themselves, backups should not alone be considered disaster recovery.[5]
  • A full backup contains a complete system image from a specific point in time. Restoring from a full backup requires access to the full backup.[6]
  • An incremental backup contains changes between points in time. An incremental backup strategy starts with a full backup. Restoring from an incremental backup requires access to the full backup and each incremental backup taken since the full backup.[7]
  • A differential backup contains changes made since the last full backup. A differential backup strategy starts with a full backup. Restoring from a differential backup requires access to the full backup and the last differential backup taken since the full backup.[8]
  • A backup rotation scheme is used to maintain multiple backup copies while minimizing the amount of removable storage media required. Backup rotation schemes include First In-First Out and Grandfather-Father-Son.[9]
  • A shadow copy, implemented through the Volume Snapshot Service (VSS), allows taking manual or automatic backup copies or snapshots of data on a specific volume at a specific point in time even with a usage lock on the data file. It is used both for Windows Server Backup and for providing previous versions of files in the Windows Explorer.[10]
  • The Volume Snapshot Service is managed using the vssadmin command to create, list or delete volume shadow copies and list installed shadow copy writers and providers.[11]
  • Disaster recovery is the process, policies and procedures that are related to preparing for recovery or continuation of technology infrastructure which are vital to an organization after a natural or human-induced disaster.[12]
  • A good disaster recover plan includes preventive measures, detective measures, and corrective measures that are documented and tested regularly.[13]
  • Preventive measures include data redundancy, surge protection, use of an uninterruptible power supply (UPS) and perhaps backup generator, fire prevention and surpression systems, and anti-virus software and other security measures.[14]
  • While most businesses would prefer zero data loss and zero time loss, the cost associated with that level of protection may make the desired high availability solutions impractical. A cost-benefit analysis often dictates which disaster recovery measures are implemented.[15]
  • High-availability clusters are groups of computers that support server applications with a minimum of down-time by detecting hardware/software faults, and immediately restarting the application on another system without requiring administrative intervention through a process known as failover.[16]
  • Cluster notes may be configured as Active-Active or Active-Passive. Active nodes provide load balancing. Passive nodes provide redundancy only.[17]
  • Directory Services Restore Mode is used to restart a domain controller and restore Active Directory from a domain controller System State backup.[18]
  • Active Directory provides the ability to managing objects including creation, deletion, and modification or granting permission on network resources. At the same time, there could be instances where these objects are deleted accidentally. Restoring such deleted objects can be a cumbersome task for the system administrators. Thus to enable easy recovery of deleted objects, Microsoft introduced Active Directory Recycle Bin in Windows 2008 R2 Server and since 2008 R2 it continues in later windows such as Windows 2012, Windows 2016 and now in windows 2019.[19]
  • Prior to the introduction of AD Recycle Bin feature, there were two ways to restore deleted objects, Authoritative Restore and Tombstone Reanimation (Both features still exist in current Windows Server).[20]
  • Windows Server Update Services (WSUS) is a server service developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then distributes them to computers on a network.[21]

Key Terms

edit
business continuity
The activities performed by an organization to ensure that critical business functions will be available, and performed daily to maintain service, consistency, and recoverability.[22]
computer cluster
A set of connected computers that work together so that in many respects they can be viewed as a single system, deployed to improve performance and availability over that of a single computer.[23]
data corruption
Errors in computer data that occur during writing, reading, storage, transmission, or processing, which introduce unintended changes to the original data.[24]
data retention
The policies of persistent data and records management for meeting legal and business data archival requirements.[25]
disaster recovery plan
A documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.[26]
file locking
A mechanism that restricts access to a computer file by allowing only one user or process access at any specific time.[27]
high availability
A system design approach and associated service implementation that ensures a prearranged level of operational performance will be met during a contractual measurement period.[28]
hot site
A duplicate of the original site of the organization, with full computer systems as well as near-complete and near-current backups of user data.[29]
hot patch
A patch that can be applied without shutting down and restarting the system or program concerned to reduce unavailability of service.[30]
link aggregation
The combining of multiple network connections in parallel to increase throughput beyond what a single connection could sustain, and to provide redundancy in case one of the links fails.[31]
load balancing
A method for distributing workloads across multiple computers or a computer cluster, network links, central processing units, disk drives, or other resources.[32]
NIC teaming
Another name for link aggregation.[33]
patch
A patch is a piece of software designed to fix problems with, or update a computer program or its supporting data.[34]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. Backing up refers to _____ so it may be _____.
    Backing up refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event.
  2. Backups are used to either _____ or _____.
    Backups are used to either recover data after loss or recover data from an earlier time.
  3. To protect against a disaster or other site-specific problem, _____.
    To protect against a disaster or other site-specific problem, an off-site backup should be maintained.
  4. Though backups represent a part of a disaster recovery plan, by themselves, backups _____.
    Though backups represent a part of a disaster recovery plan, by themselves, backups should not alone be considered disaster recovery.
  5. A full backup contains _____. Restoring from a full backup requires _____.
    A full backup contains a complete system image from a specific point in time. Restoring from a full backup requires access to the full backup.
  6. An incremental backup contains _____. An incremental backup strategy starts with _____. Restoring from an incremental backup requires _____.
    An incremental backup contains changes between points in time. An incremental backup strategy starts with a full backup. Restoring from an incremental backup requires access to the full backup and each incremental backup taken since the full backup.
  7. A differential backup contains _____. A differential backup strategy starts with _____. Restoring from a differential backup requires _____.
    A differential backup contains changes made since the last full backup. A differential backup strategy starts with a full backup. Restoring from a differential backup requires access to the full backup and the last differential backup taken since the full backup.
  8. A backup rotation scheme is used to _____ while _____. Backup rotation schemes include _____ and _____.
    A backup rotation scheme is used to maintain multiple backup copies while minimizing the amount of removable storage media required. Backup rotation schemes include First In-First Out and Grandfather-Father-Son.
  9. A shadow copy, implemented through _____, allows _____ on a specific volume at a specific point in time even with _____. It is used both for _____ and for providing _____.
    A shadow copy, implemented through the Volume Snapshot Service (VSS), allows taking manual or automatic backup copies or snapshots of data on a specific volume at a specific point in time even with a usage lock on the data file. It is used both for Windows Server Backup and for providing previous versions of files in the Windows Explorer.
  10. The Volume Snapshot Service is managed using the _____ command to _____, _____ or _____ volume shadow copies and list _____.
    The Volume Snapshot Service is managed using the vssadmin command to create, list or delete volume shadow copies and list installed shadow copy writers and providers.
  11. Disaster recovery is the _____ that are related to preparing for recovery or continuation of technology infrastructure which are vital to an organization after a natural or human-induced disaster.
    Disaster recovery is the process, policies and procedures that are related to preparing for recovery or continuation of technology infrastructure which are vital to an organization after a natural or human-induced disaster.
  12. A good disaster recover plan includes _____ measures, _____ measures, and _____ measures that are documented and tested regularly.
    A good disaster recover plan includes preventive measures, detective measures, and corrective measures that are documented and tested regularly.
  13. Preventive measures include _____, _____, use of _____, _____, and _____.
    Preventive measures include data redundancy, surge protection, use of an uninterruptible power supply (UPS) and perhaps backup generator, fire prevention and surpression systems, and anti-virus software and other security measures.
  14. While most businesses would prefer zero data loss and zero time loss, the _____ associated with that level of protection may make the desired high availability solutions impractical. A _____ often dictates which disaster recovery measures are implemented.
    While most businesses would prefer zero data loss and zero time loss, the cost associated with that level of protection may make the desired high availability solutions impractical. A cost-benefit analysis often dictates which disaster recovery measures are implemented.
  15. High-availability clusters are _____ that _____ with _____ by _____ without requiring _____ through a process known as _____.
    High-availability clusters are groups of computers that support server applications with a minimum of down-time by detecting hardware/software faults, and immediately restarting the application on another system without requiring administrative intervention through a process known as failover.
  16. Cluster notes may be configured as _____ or _____. Active nodes provide _____. Passive nodes provide _____.
    Cluster notes may be configured as Active-Active or Active-Passive. Active nodes provide load balancing. Passive nodes provide redundancy only.
  17. Active Directory provides the ability to managing objects including creation, deletion, and modification or granting permission on network resources. At the same time, there could be instances where these objects are deleted accidentally. Restoring such deleted objects can be a cumbersome task for the system administrators. Thus to enable easy recovery of deleted objects, Microsoft introduced Active Directory _______ ___in Windows ____ __ Server and it continues in later windows such as Windows 2012, Windows 2016 and now in windows 2019
    Active Directory provides the ability to managing objects including creation, deletion, and modification or granting permission on network resources. At the same time, there could be instances where these objects are deleted accidentally. Restoring such deleted objects can be a cumbersome task for the system administrators. Thus to enable easy recovery of deleted objects, Microsoft introduced Active Directory Recycle Bin in Windows 2008 R2 Server and it continues in later windows such as Windows 2012, Windows 2016 and now in windows 2019
  18. Prior to the introduction of AD Recycle Bin feature, there were two ways to restore deleted objects, _____________ _______ and _________ ___________ (Both features still exist in current Windows Server)
    Prior to the introduction of AD Recycle Bin feature, there were two ways to restore deleted objects, Authoritative Restore and Tombstone Reanimation (Both features still exist in current Windows Server)
  19. Directory Services Restore Mode is used to _____.
    Directory Services Restore Mode is used to restart a domain controller and restore Active Directory from a domain controller System State backup.
  20. Windows Server Update Services (WSUS) is _____. WSUS downloads these updates from _____ and then _____.
    Windows Server Update Services (WSUS) is a server service developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then distributes them to computers on a network.

Flashcards

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.