Administrating Windows server 2012(70-411)
Deploy, Manage, and Maintain Servers (17%)
Deploy and manage server images.
This objective may include but is not limited to: Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images
Implement patch management.
This objective may include but is not limited to: Install and configure the Windows Server Update Services (WSUS) role; configure group policies for updates; configure client-side targeting; configure WSUS synchronization; configure WSUS groups
Monitor servers.
This objective may include but is not limited to: Configure Data Collector Sets (DCS); configure alerts; monitor real-time performance; monitor virtual machines (VMs); monitor events; configure event subscriptions; configure network monitoring
Configure File and Print Services (15%)
Configure Distributed File System (DFS).
This objective may include but is not limited to: Install and configure DFS namespaces; configure DFS Replication Targets; configure Replication Scheduling; configure Remote Differential Compression settings; configure staging; configure fault tolerance
Configure File Server Resource Manager (FSRM).
This objective may include but is not limited to: Install the FSRM role; configure quotas; configure file screens; configure reports
Configure file and disk encryption.
This objective may include but is not limited to: Configure Bitlocker encryption; configure the Network Unlock feature; configure Bitlocker policies; configure the EFS recovery agent; manage EFS and Bitlocker certificates including backup and restore
Configure advanced audit policies.
This objective may include but is not limited to: Implement auditing using Group Policy and AuditPol.exe; create expression-based audit policies; create removable device audit policies
Configure Network Services and Access (17%)
Configure DNS zones.
This objective may include but is not limited to: Configure primary and secondary zones; configure stub zones; configure conditional forwards; configure zone and conditional forward storage in Active Directory; configure zone delegation; configure zone transfer settings; configure notify settings
Configure DNS records.
This objective may include but is not limited to: Create and configure DNS Resource Records (RR) including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates
Configure VPN and routing.
This objective may include but is not limited to: Install and configure the Remote Access role; implement Network Address Translation (NAT); configure VPN settings; configure remote dial-in settings for users; configure routing
Configure DirectAccess.
This objective may include but is not limited to: Implement server requirements; implement client configuration; configure DNS for Direct Access; configure certificates for Direct Access
Configure a Network Policy Server Infrastructure (14%)
Configure Network Policy Server (NPS).
This objective may include but is not limited to: Configure multiple RADIUS server infrastructures; configure RADIUS clients; manage RADIUS templates; configure RADIUS accounting; configure certificates
Configure NPS policies.
This objective may include but is not limited to: Configure connection request policies; configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing); manage NPS templates; import and export NPS policies
Configure Network Access Protection (NAP).
This objective may include but is not limited to: Configure System Health Validators (SHVs); configure health policies; configure NAP enforcement using DHCP and VPN; configure isolation and remediation of non-compliant computers using DHCP and VPN; configure NAP client settings
Configure and Manage Active Directory (19%)
Configure service authentication.
This objective may include but is not limited to: Create and configure Service Accounts; create and configure Group Managed Service Accounts; create and configure Managed Service Accounts; configure Kerberos delegation; manage Service Principal Names (SPNs)
Configure Domain Controllers.
This objective may include but is not limited to: Configure Universal Group Membership Caching (UGMC); transfer and seize operations masters; install and configure a read-only domain controller (RODC); configure Domain Controller cloning
Maintain Active Directory.
This objective may include but is not limited to: Back up Active Directory and SYSVOL; manage Active Directory offline; optimize an Active Directory database; clean up metadata; configure Active Directory snapshots; perform object- and container-level recovery; perform Active Directory restore
Configure account policies.
This objective may include but is not limited to: Configure domain user password policy; configure and apply Password Settings Objects (PSOs); delegate password settings management; configure local user password policy; configure account lockout settings
Configure and Manage Group Policy (18%)
Configure Group Policy processing.
This objective may include but is not limited to: Configure processing order and precedence; configure blocking of inheritance; configure enforced policies; configure security filtering and WMI filtering; configure loopback processing; configure and manage slow-link processing; configure client-side extension (CSE) behavior
Configure Group Policy settings.
This objective may include but is not limited to: Configure settings including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; convert administrative templates using ADMX Migrator; configure property filters for administrative templates
Manage Group Policy objects (GPOs).
This objective may include but is not limited to: Back up, import, copy, and restore GPOs; create and configure Migration Table; reset default GPOs; delegate Group Policy management
Configure Group Policy preferences.
This objective may include but is not limited to: Configure Group Policy Preferences (GPP) settings including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting
Deploy, Manage, and Maintain Servers (17%)
Deploy and manage server images.
This objective may include but is not limited to: Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images
Implement patch management.
This objective may include but is not limited to: Install and configure the Windows Server Update Services (WSUS) role; configure group policies for updates; configure client-side targeting; configure WSUS synchronization; configure WSUS groups
Monitor servers.
This objective may include but is not limited to: Configure Data Collector Sets (DCS); configure alerts; monitor real-time performance; monitor virtual machines (VMs); monitor events; configure event subscriptions; configure network monitoring
Configure File and Print Services (15%)
Configure Distributed File System (DFS).
This objective may include but is not limited to: Install and configure DFS namespaces; configure DFS Replication Targets; configure Replication Scheduling; configure Remote Differential Compression settings; configure staging; configure fault tolerance
Configure File Server Resource Manager (FSRM).
This objective may include but is not limited to: Install the FSRM role; configure quotas; configure file screens; configure reports
Configure file and disk encryption.
This objective may include but is not limited to: Configure Bitlocker encryption; configure the Network Unlock feature; configure Bitlocker policies; configure the EFS recovery agent; manage EFS and Bitlocker certificates including backup and restore
Configure advanced audit policies.
This objective may include but is not limited to: Implement auditing using Group Policy and AuditPol.exe; create expression-based audit policies; create removable device audit policies
Configure Network Services and Access (17%)
Configure DNS zones.
This objective may include but is not limited to: Configure primary and secondary zones; configure stub zones; configure conditional forwards; configure zone and conditional forward storage in Active Directory; configure zone delegation; configure zone transfer settings; configure notify settings
Configure DNS records.
This objective may include but is not limited to: Create and configure DNS Resource Records (RR) including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates
Configure VPN and routing.
This objective may include but is not limited to: Install and configure the Remote Access role; implement Network Address Translation (NAT); configure VPN settings; configure remote dial-in settings for users; configure routing
Configure DirectAccess.
This objective may include but is not limited to: Implement server requirements; implement client configuration; configure DNS for Direct Access; configure certificates for Direct Access
Configure a Network Policy Server Infrastructure (14%)
Configure Network Policy Server (NPS).
This objective may include but is not limited to: Configure multiple RADIUS server infrastructures; configure RADIUS clients; manage RADIUS templates; configure RADIUS accounting; configure certificates
Configure NPS policies.
This objective may include but is not limited to: Configure connection request policies; configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing); manage NPS templates; import and export NPS policies
Configure Network Access Protection (NAP).
This objective may include but is not limited to: Configure System Health Validators (SHVs); configure health policies; configure NAP enforcement using DHCP and VPN; configure isolation and remediation of non-compliant computers using DHCP and VPN; configure NAP client settings
Configure and Manage Active Directory (19%)
Configure service authentication.
This objective may include but is not limited to: Create and configure Service Accounts; create and configure Group Managed Service Accounts; create and configure Managed Service Accounts; configure Kerberos delegation; manage Service Principal Names (SPNs)
Configure Domain Controllers.
This objective may include but is not limited to: Configure Universal Group Membership Caching (UGMC); transfer and seize operations masters; install and configure a read-only domain controller (RODC); configure Domain Controller cloning
Maintain Active Directory.
This objective may include but is not limited to: Back up Active Directory and SYSVOL; manage Active Directory offline; optimize an Active Directory database; clean up metadata; configure Active Directory snapshots; perform object- and container-level recovery; perform Active Directory restore
Configure account policies.
This objective may include but is not limited to: Configure domain user password policy; configure and apply Password Settings Objects (PSOs); delegate password settings management; configure local user password policy; configure account lockout settings
Configure and Manage Group Policy (18%)
Configure Group Policy processing.
This objective may include but is not limited to: Configure processing order and precedence; configure blocking of inheritance; configure enforced policies; configure security filtering and WMI filtering; configure loopback processing; configure and manage slow-link processing; configure client-side extension (CSE) behavior
Configure Group Policy settings.
This objective may include but is not limited to: Configure settings including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; convert administrative templates using ADMX Migrator; configure property filters for administrative templates
Manage Group Policy objects (GPOs).
This objective may include but is not limited to: Back up, import, copy, and restore GPOs; create and configure Migration Table; reset default GPOs; delegate Group Policy management
Configure Group Policy preferences.
This objective may include but is not limited to: Configure Group Policy Preferences (GPP) settings including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting
