About the Book
Competency-based learning for the academic
classroom.
Developed for academic courses, MICROSOFT®
WINDOWS® 2000 NETWORK INFRASTRUCTURE ADMINISTRATION helps students
build the skills they need on the job and for MCP Exam 70-216—a core requirement
on the Windows 2000 MCSE track. The textbook delivers Microsoft courseware
adaptable for either a full 16-week semester or a 6-week, 8-week, or 10-week
course. The book is filled with competency-based practice exercises that
students complete on their own, while the companion lab manual features
additional skill-building activities ideal for your classroom’s computer
lab.
Along with the textbook and lab manual,
students get a Student CD-ROM containing study aids, simulation video clips
that demonstrate common procedures, an electronic version of the textbook,
and detailed information on how to begin a career in Information Technology.
An Instructor CD-ROM containing a complete
set of instructor support materials—including lecture outlines, teaching
tips, PowerPointâ slides, test banks, and an instructor lab manual—is
also available.
An electronic version of this book is available
on the companion CD.
Related Books
ALS Designing a Microsoft® Windows®
2000 Directory Services Infrastructure
ALS Microsoft® Windows® 2000 Server
ALS Networking Essentials Plus, Third
Edition
Table of Contents
About This Book
i
Intended Audience xv
Prerequisites xvi
Reference Materials xvi
About the CD-ROM xvi
Features of This Book xvi
Notes xvii
Conventions xvii
Chapter and Appendix Overview
xviii
Finding the Best Starting
Point for You xx
Where to Find Specific Skills
in This Book xxi
Getting Started xxiv
Hardware Requirements xxiv
Software Requirements xxv
Setup Instructions xxv
The Microsoft Certified
Professional Program xxxiv
Microsoft Certification
Benefits xxxv
Requirements for Becoming
a Microsoft Certified Professional xxxvi
Technical Training for Computer
Professionals xxxvii
Technical Support xxxviii
Chapter 1 Designing a Windows
2000 Network 1
About This Chapter 1
Before You Begin 1
Lesson 1: Network Services Overview 2
TCP/IP 2
Domain Name System 2
Dynamic Host Configuration Protocol 3
Windows Internet Name Service 4
Remote Access Overview 4
Network Address Translator 6
Certificate Services 7
Lesson Summary 8
Lesson 2: Developing a Network Implementation Plan 9
Operating System Considerations 9
Phases of Deployment 11
Hardware Considerations 12
Interaction with Legacy Systems 12
Network Protocol Considerations 12
Lesson Summary 13
Lesson 3: Common Protocols Supported by Windows 2000 14
Transmission Control Protocol/Internet Protocol 14
NWLink 18
NetBEUI 19
AppleTalk 19
Data Link Control 19
Infrared Data Association 19
Lesson Summary 20
Review 21
Chapter 2 Implementing TCP/IP
23
About This Chapter 23
Before You Begin 23
Lesson 1: TCP/IP Overview 24
Benefits of TCP/IP 24
Architectural Overview of the TCP/IP Protocol Suite 26
Transmission Control Protocol 29
Internet Protocol (IP) 29
User Datagram Protocol 30
Lesson Summary 30
Lesson 2: Internet Protocol Addressing 31
The IP Address 31
Dotted-Decimal Notation 33
IP Address Conversion from Binary to Decimal 33
Address Classes 34
IP Address Guidelines 35
Lesson Summary 36
Lesson 3: Microsoft TCP/IP Installation and Configuration 37
Installing TCP/IP 37
Practice: Installing the TCP/IP Protocol 37
Configuring TCP/IP 38
Testing TCP/IP with Ipconfig and PING 41
Configuring Packet Filters 43
Practice: Implementing IP Packet Filters 43
Lesson Summary 44
Lesson 4: Basic Concepts of IP Routing 45
Overview of Routing 45
Static and Dynamic IP Routing 47
Practice: Updating a Windows 2000-Based Routing Table 47
Lesson Summary 50
Review 51
Chapter 3 Implementing NWLink
53
About This Chapter 53
Before You Begin 53
Lesson 1: Introducing NWLink 54
Interoperability with NetWare 54
NWLink and Windows 2000 55
NWLink Architecture 56
Lesson Summary 60
Lesson 2: Using Gateway Service for NetWare 61
Gateway Service for NetWare Overview 61
Understanding Gateway Service for NetWare and Gateways 61
Installing Gateway Service for NetWare 62
Creating a Gateway 64
Connecting Directly to NetWare Resources 66
Lesson Summary 66
Lesson 3: Using Client Service for NetWare 67
NetWare Connectivity 67
Choosing Between Client Service forNetWare and Gateway Service for NetWare
67
Configuring Client Service for NetWare 68
Lesson Summary 69
Lesson 4: Installing and Configuring NWLink 70
Windows 2000 Professional and NetWare Connectivity 70
Internal Network Number 71
Frame Type and Network Number 72
Configuring NWLink 74
Practice: Installing and Configuring NWLink 75
Lesson Summary 76
Review 77
Chapter 4 Monitoring Network
Activity b
About This Chapter 79
Before You Begin 79
Lesson 1: Introducing Network Monitor 80
Understanding Network Monitor 80
Practice: Installing Network Monitor 80
Lesson Summary 82
Lesson 2: Using Network Monitor 83
Examining Frames 83
Viewing Data 83
Using Display Filters 86
Reviewing Captured Data 87
Practice: Capturing Frames with Network Monitor 89
Network Monitor Performance Issues 89
Detecting Network Monitor 89
Lesson Summary 90
Lesson 3: Windows 2000 Administration Tools 91
Windows 2000 Administration Capabilities 91
Terminal Services 91
Simple Network Management Protocol (SNMP) 95
Lesson Summary 97
Review 98
Chapter 5 Implementing IPSec
99
About This Chapter 99
Before You Begin 99
Lesson 1: Introducing and Enabling IPSec 100
Internet Protocol Security 100
In-Depth Defense 101
Benefits of IPSec 101
IP Security Process 104
IPSec Architecture 104
Considerations for IPSec 107
Lesson Summary 108
Lesson 2: Configuring IPSec 109
Prerequisites for Implementing IPSec 109
How to Implement IPSec 109
Configuring IPSec Policies 109
Connection Types 110
Authentication Method 111
IP Packet Filtering 112
Filter Actions 115
Additional IPSec Tasks 116
Practice: Testing IPSec 117
Lesson Summary 118
Lesson 3: Customizing IPSec Policies and Rules 119
Policy-Based Security 119
IP Filters and Filter Specifications 120
Security Methods and Negotiation Policies 121
IPSec Through Firewalls 122
IPSec Through NAT and Proxies 122
Other IPSec Considerations 123
TCP/IP Properties 125
Practice: Building a Custom IPSec Policy 125
Lesson Summary 128
Lesson 4: Monitoring IPSec 129
IPSec Management and Troubleshooting Tools 129
Using Network Monitor 131
Practice: Using Network Monitor to View Clear Text Traffic 131
Practice: Using Network Monitor to View Encrypted Traffic 132
Practice: Using Diagnostic Aids 133
Lesson Summary 134
Review 135
Chapter 6 Resolving Network Host
Names b
About This Chapter 137
Before You Begin 137
Lesson 1: TCP/IP Naming Schemes 138
Windows 2000 Naming Schemes 138
Lesson Summary 139
Lesson 2: Host Names 140
Understanding Host Names 140
Purpose of Host Names 140
Host Name Resolution 141
Lesson Summary 145
Lesson 3: The Hosts File 146
Understanding the HOSTS File 146
Advantage of Using a HOSTS File 147
Practice: Working with the HOSTS File and DNS 147
Lesson Summary 148
Review 149
Chapter 7 Implementing Domain
Name System (DNS) 151
About This Chapter 151
Before You Begin 151
Lesson 1: Introducing DNS 152
DNS Origins 152
DNS and Windows 2000 152
How DNS Works 153
The Structure of DNS 154
Zones 155
Name Server Roles 156
Lesson Summary 157
Lesson 2: Name Resolution and DNS Files 158
Recursive Queries 158
Iterative Queries 158
Inverse Queries 159
Caching and Time to Live 160
DNS Configuration Files 160
The Reverse Lookup File 161
The Cache File 162
The Boot File 162
Lesson Summary 163
Lesson 3: Planning a DNS Implementation 164
DNS Considerations 164
Registering with the Parent Domain 164
Practice: Implementing DNS 165
Lesson Summary 171
Lesson 4: Installing DNS 172
Practice: Installing the DNS Server Service 172
Troubleshooting DNS with NSLOOKUP 174
Lesson Summary 176
Lesson 5: Configuring DNS 177
Configuring DNS Server Properties 177
Adding DNS Domains and Zones 179
Practice: Configuring a DNS Server 180
Adding Resource Records 181
Configuring Reverse Lookup 182
Lesson Summary 182
Review 183
Chapter 8 Using Windows 2000
Domain Name Service 185
About This Chapter 185
Before You Begin 185
Lesson 1: Working with Zones 186
Delegating Zones 186
Configuring Zones for Dynamic Update 189
Practice: Enabling Dynamic Updates 190
Lesson Summary 191
Lesson 2: Working with Servers 192
Overview of DNS Servers and Caching 192
Implementing a Caching-Only Server 192
Monitoring DNS Server Performance 194
Practice: Testing a Simple Query on a DNS Server 194
Lesson Summary 196
Review 197
Chapter 9 Implementing Windows
Internet Name Service (WINS).. 199
About This Chapter 199
Before You Begin 199
Lesson 1: Introduction to WINS 200
Name Resolution with NetBIOS 200
WINS Overview 203
WINS and Windows 2000 204
Lesson Summary 205
Lesson 2: The WINS Resolution Process 206
Resolving NetBIOS Names with WINS 206
Name Registration 207
Name Renewal 208
Name Release 209
Name Query and Name Response 210
Lesson Summary 211
Lesson 3: Implementing WINS 212
When to Use WINS 212
Considerations for WINS Servers 213
WINS Requirements 213
Using Static Mappings 214
Practice: Configuring a WINS Client 216
Troubleshooting WINS 217
Managing and Monitoring WINS 219
Lesson Summary 219
Lesson 4: Configuring WINS Replication 220
Replication Overview 220
Configuring a WINS Server as a Push or Pull Partner 220
Configuring Database Replication 221
Practice: Performing WINS Database Replication 222
Backing Up the WINS Database 224
Lesson Summary 225
Review 226
Chapter 10 Implementing Dynamic
Host Configuration Protocol (DHCP).. 227
About This Chapter 227
Before You Begin 227
Lesson 1: Introducing and Installing DHCP 228
DHCP Overview 228
How DHCP Works 229
Installing a DHCP Server 233
Ipconfig 234
DHCP Relay Agent 236
Lesson Summary 236
Lesson 2: Configuring DHCP 237
Using DHCP on a Network 237
Installing and Configuring a DHCP Server 238
Implementing Multiple DHCP Servers 243
Lesson Summary 244
Lesson 3: Integrating DHCP with Naming Services 245
DNS and DHCP 245
Lesson Summary 248
Lesson 4: Using DHCP with Active Directory 249
Windows 2000 Integrated IP Management 249
Rogue DHCP Server Detection Feature 250
Lesson Summary 250
Lesson 5: Troubleshooting DHCP 251
Preventing DHCP Problems 251
Troubleshooting DHCP Clients 252
Troubleshooting DHCP Servers 255
Moving the DHCP Server Database 257
Lesson Summary 258
Review 259
Chapter 11 Providing Your Clients
Remote Access Service (RAS).. 261
About This Chapter 261
Before You Begin 261
Lesson 1: Introducing Remote Access Service 262
Overview of Remote Access Service 262
Routing and Remote Access Features 263
Enabling Routing and Remote Access 265
Practice: Installing a Routing and Remote Access Server 266
Remote Access Versus Remote Control 267
Lesson Summary 269
Lesson 2: Configuring a Routing and Remote Access Server 270
Allowing Inbound Connections 270
Creating a Remote Access Policy (RAP) 271
Practice: Creating a New Remote Access Policy 274
Configuring a Remote Access Profile 275
Practice: Creating a Policy Filter 276
Configuring Bandwidth Allocation Protocol (BAP) 277
Lesson Summary 278
Lesson 3: Implementing IP Routing on a Remote Access Server 279
Installing IP Routing 279
Practice: Enabling and Configuring a Routing and Remote Access Server 279
Updating the Routing Tables 280
Implementing Demand-Dial Routing 282
Lesson Summary 285
Lesson 4: Supporting Virtual Private Networks 286
Implementing a VPN 286
Integrating VPN in a Routed Environment 288
Integrating VPN Servers with the Internet 288
Practice: Creating VPN Interfaces 290
Lesson Summary 291
Lesson 5: Supporting Multilink Connections 292
Point-to-Point Protocol 292
Multilink PPP 292
Lesson Summary 293
Lesson 6: Using Routing and Remote Access with DHCP 295
Routing and Remote Access and DHCP 294
DHCP Relay Agent 294
Practice: Configuring the DHCP Relay Agent to Work over Routing and Remote
Access 295
Lesson Summary 295
Lesson 7: Managing and Monitoring Remote Access 296
Logging User Authentication and Accounting Requests 296
Accounting 298
Netsh Command-Line Tool 299
Network Monitor 300
Resource Kit Utilities 300
Lesson Summary 301
Review 302
Chapter 12 Supporting Network
Address Translation (NAT).. 303
About This Chapter 303
Before You Begin 303
Lesson 1: Introducing NAT 304
Network Address Translation 304
Public and Private Addresses 305
How NAT Works 307
NAT Processes in Windows 2000 Routing and Remote Access 309
Additional NAT Routing Protocol Components 312
Lesson Summary 313
Lesson 2: Installing Internet Connection Sharing 314
Internet Connection Sharing 314
Internet Connection Sharing and NAT 317
Troubleshooting Connection Sharing (NAT) 318
Lesson Summary 319
Lesson 3: Installing and Configuring NAT 320
Network Address Translation Design Considerations 320
Virtual Private Networks and NATs 324
Lesson Summary 325
Review 326
Chapter 13 Implementing Certificate
Services 327
About This Chapter 327
Before You Begin 327
Lesson 1: Introducing Certificates 328
Overview of Certificates 328
Enterprise and Stand-Alone CAs 330
Types of CAs 331
Lesson Summary 332
Lesson 2: Installing and Configuring Certificate Authority 333
Deploying a CA 333
Protecting a CA 334
Certificate Enrollment 334
Practice: Installing a Stand-Alone Subordinate CA 337
Certificate Renewal 339
Certificate and Key Recovery 339
Lesson Summary 341
Lesson 3: Managing Certificates 342
Revoked Certificates 342
Issued Certificates 342
Pending Requests 342
Failed Requests 342
How a Certificate Is Issued 343
Certificate Revocation 343
Practice: Revoking a Certificate 344
EFS Recovery Policy 344
Practice: Changing a Recovery Policy 345
Lesson Summary 346
Review 347
Chapter 14 Implementing Enterprise-Wide
Network Security 349
About This Chapter 349
Before You Begin 349
Lesson 1: Implementing Network Security 350
Planning for Network Security 350
Planning Distributed Network Security 353
Internet Connection Issues 354
Microsoft Proxy Server 355
Lesson Summary 356
Lesson 2: Configuring Routing and Remote Access Security 357
Overview of Remote Access 357
Configuring Protocols for Security 358
Practice: Using Security Protocols for a Virtual Private Network Connection
359
Creating Remote Access Policies 360
Using Encryption Protocols 361
Lesson Summary 363
Lesson 3: Monitoring Security Events 364
Monitoring Your Network Security 364
Using Event Viewer to Monitor Security 365
Practice: Recording Failed Logon Attempts 365
Practice: Viewing the Security Log 367
System Monitor 368
The IPSec Monitor Utility 369
Monitoring Security Overhead 370
Lesson Summary 371
Review 372
Appendix A Questions and Answers
375
Glossary 389
Index 415 |
