San Francisco • Paris • Düsseldorf • Soest • London

MCSE:
Windows

®

2000
Network Infrastructure Design
Study Guide

Bill Heldman
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

Associate Publisher: Neil Edde
Contracts and Licensing Manager: Kristine O’Callaghan
Developmental Editor: Dann McDorman
Editor: Pete Gaughan
Production Editors: Molly Glover and Kylie Johnston
Technical Editors: Carl Dubler and Dave Plummer
Book Designer: Bill Gibson
Graphic Illustrator: Tony Jonick
Electronic Publishing Specialist: Nila Nichols

technically accurate content, based on sampling of text.
SYBEX is an independent entity from Microsoft Corporation, and not affiliated with Microsoft Corporation in any manner.
This publication may be used in assisting students to prepare for a Microsoft Certified Professional Exam. Neither Microsoft
Corporation, its designated review company, nor SYBEX warrants that use of this publication will ensure passing the rel-
evant exam. Microsoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or
other countries.
TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms
by following the capitalization style used by the manufacturer.
The author and publisher have made their best efforts to prepare this book, and the content is based upon final release soft-
ware whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manu-
facturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness
or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchant-
ability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or
indirectly from this book.
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

To Our Valued Readers:
In recent years, Microsoft’s MCSE program has established itself as the premier computer and net-
working industry certification. Nearly a quarter of a million IT professionals have attained MCSE sta-
tus in the NT 4 track. Sybex is proud to have helped thousands of MCSE candidates prepare for their
exams over these years, and we are excited about the opportunity to continue to provide people with
the skills they’ll need to succeed in the highly competitive IT industry.
For the Windows 2000 MCSE track, Microsoft has made it their mission to demand more of exam
candidates. Exam developers have gone to great lengths to raise the bar in order to prevent a paper-
certification syndrome, one in which individuals obtain a certification without a thorough under-
standing of the technology. Sybex welcomes this new philosophy as we have always advocated a com-
prehensive instructional approach to certification courseware. It has always been Sybex’s mission to

(the "Owner(s)"). You are hereby granted a single-user
license to use the Software for your personal, noncommercial
use only. You may not reproduce, sell, distribute, publish,
circulate, or commercially exploit the Software, or any por-
tion thereof, without the written consent of SYBEX and the
specific copyright owner(s) of any component software
included on this media.
In the event that the Software or components include specific
license requirements or end-user agreements, statements of
condition, disclaimers, limitations or warranties ("End-User
License"), those End-User Licenses supersede the terms and
conditions herein as to that particular Software component.
Your purchase, acceptance, or use of the Software will con-
stitute your acceptance of such End-User Licenses.
By purchase, use or acceptance of the Software you further
agree to comply with all export laws and regulations of the
United States as such laws and regulations may exist from
time to time.

Reusable Code in This Book

The authors created reusable code in this publication
expressly for reuse for readers. Sybex grants readers permis-
sion to reuse for any purpose the code found in this publica-
tion or its accompanying CD-ROM so long as all three
authors are attributed in any application containing the reus-
able code, and the code itself is never sold or commercially
exploited as a stand-alone product.

Software Support

with proof of purchase to:

SYBEX Inc.
Customer Service Department
1151 Marina Village Parkway
Alameda, CA 94501
(510) 523-8233
Fax: (510) 523-2373
e-mail:
WEB: HTTP://WWW.SYBEX.COM
After the 90-day period, you can obtain replacement media
of identical format by sending us the defective disk, proof of
purchase, and a check or money order for $10, payable to
SYBEX.

Disclaimer

SYBEX makes no warranty or representation, either
expressed or implied, with respect to the Software or its con-
tents, quality, performance, merchantability, or fitness for a
particular purpose. In no event will SYBEX, its distributors,
or dealers be liable to you or any other party for direct, indi-
rect, special, incidental, consequential, or other damages
arising out of the use of or inability to use the Software or its
contents even if advised of the possibility of such damage. In
the event that the Software includes an online update feature,
SYBEX further disclaims any obligation to provide this fea-
ture for any specific duration other than the initial posting.
The exclusion of implied warranties is not permitted by some
states. Therefore, the above exclusion may not apply to you.


Acknowledgments

T

hanks to the excellent Sybex crew involved on this book: Dann
McDorman, Pete Gaughan, Kylie Johnston, Molly Glover, Nila Nichols,
Tony Jonick, and a special thanks to Neil Edde for giving me the chance to
“vent the spleen” one more time. Also thanks to the Sybex art and layout
crews, who remain nameless behind the scenes but whose work is so very
important. Readers should know that the editorial staff at Sybex consists of
very patient, extremely diligent, and hard-working souls who strive to make
the books that get published the best quality computer books on the shelves.
Thanks to my technical editors: Carl Dubler, whose sense of humor is
truly original, and Dave Plummer, whose job was doubly hard because he
had to read the final galleys and make changes when the book was just about
ready to ship.
I’d also like to thank God for giving me the ability to write and for creat-
ing the circumstances where I could find a publisher who would let me do so.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

Introduction

M

icrosoft’s new Microsoft Certified Systems Engineer (MCSE) track
for Windows 2000 is the premier certification for computer industry profes-
sionals. Covering the core technologies around which Microsoft’s future will
be built, the new MCSE certification is a powerful credential for career

administrators. Consider that Windows NT 4 has about 12 million lines of
code, while Windows 2000 has more than 35 million! Much of this code is
needed to deal with the wide range of functionality that Windows 2000
offers.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

xxx

Introduction

Windows 2000 actually consists of several different versions:

Windows 2000 Professional

The client edition of Windows 2000,
which is comparable to Windows NT Workstation 4, but also includes
the best features of Windows 98 and many new features.

Windows 2000 Server/Windows 2000 Advanced Server

A server edi-
tion of Windows 2000 for small to mid-sized deployments. Advanced
Server supports more memory and processors than Server does.

Windows 2000 Datacenter Server

A server edition of Windows 2000
for large, wide-scale deployments and computer clusters. Datacenter
Server supports the most memory and processors of the three versions.

www.sybex.com

Introduction

xxxi

What Does This Book Cover?

This book contains detailed explanations, hands-on exercises, and review
questions to test your knowledge.
Think of this book as your complete guide to Windows 2000 network
infrastructure design. It begins by covering the most basic concepts, some of
which are more business-oriented in nature—things like how to determine
whether your shop is centralized or decentralized, what its IT makeup is, and
so forth. But we also cover technical material such as routing, DHCP, DNS,
WINS, RRAS, and many more rich features of Windows 2000. We’ll talk a
lot about infrastructure design components, such as:


Installing VPN servers


Configuring RADIUS as a backbone to your VPN deployment


How to install devices on the screened subnet (the DMZ)


How to implement Windows 2000 routing



The topics covered in this book map directly to Microsoft’s official exam
objectives. Each exam objective is covered completely. Because Microsoft
developed similar exam objectives for the three design exams, there is a
degree of overlap between the Sybex books covering these exams. However,
it is important to work through each book in its entirety, viewing any repeated
material as a reminder and a chance to reinforce your understanding of Win-

dows 2000.

How Do You Become an MCSE?

Attaining MCSE certification has always been a challenge. However, in the
past, individuals could acquire detailed exam information—even most of the
exam questions—from online “brain dumps” and third-party “cram”
books or software products. For the new MCSE exams, this simply will not
be the case.
To avoid the “paper-MCSE syndrome” (a devaluation of the MCSE cer-
tification because unqualified individuals manage to pass the exams),
Microsoft has taken strong steps to protect the security and integrity of the
new MCSE track. Prospective MSCEs will need to complete a course of
study that provides not only detailed knowledge of a wide range of topics,
but true skills derived from working with Windows 2000 and related soft-
ware products.
In the new MCSE program, Microsoft is heavily emphasizing hands-on
skills. Microsoft has stated, “Nearly half of the core required exams’ content
demands that the candidate have troubleshooting skills acquired through
hands-on experience and working knowledge.”
Fortunately, if you are willing to dedicate time and effort with Win-
dows 2000, you can prepare for the exams by using the proper tools. If you

MCSE: Windows 2000 Network Infrastructure Design Study Guide


MCSE: Windows 2000 Directory Services Design Study Guide

There are also study guides available from Sybex on additional MCSE
electives.

Exam Requirements

Successful candidates must pass a minimum set of exams that measure tech-
nical proficiency and expertise:


Candidates for MCSE certification must pass seven exams, including
four core operating system exams, one design exam, and two electives.


Candidates who have already passed three Windows NT 4 exams (70-
067, 70-068, and 70-073) may opt to take an “accelerated” exam plus
one core design exam and two electives.

If you do not pass the accelerated exam after one attempt, you must pass the

five core requirements and two electives.

The following table shows the exams a new certification candidate must
pass

. All

of these exams are required:

Exam
#
Title Requirement Met

70-215 Installing, Configuring, and
Administering Microsoft®
Windows® 2000 Server
Core (Operating
System)
70-217 Implementing and Administering a
Microsoft® Windows® 2000
Directory Services Infrastructure
Core (Operating
System)

Exam
#
Title Requirement
Met

70-219 Designing a Microsoft® Windows® 2000
Directory Services Infrastructure
Core (Design)
70-220 Designing Security for a Microsoft®
Windows® 2000 Network
Core (Design)
70-221 Designing a Microsoft® Windows® 2000
Network Infrastructure


For a more detailed description of the Microsoft certification programs,
including a list of current MCSE electives, check Microsoft’s Training and Cer-

tification Web site at

www.microsoft.com/trainingandservices

.

The Windows 2000 Network Infrastructure Design Exam

The Windows 2000 Network Infrastructure Design exam covers concepts
and skills required for the support of Windows 2000 computers. It empha-
sizes the following areas of Windows 2000 support:


Standards and terminology


Planning


Implementation


Troubleshooting
This exam focuses on the business aspects and technical requirements for
creating a functional Windows 2000 network infrastructure. It can be par-
ticular about how administrative tasks are performed in the operating sys-

chased the right third-party exam preparation products, you could even be
quite familiar with the pool of questions you might be asked. As mentioned
earlier, all of this is changing.
In an effort to both refine the testing process and protect the quality of its
certifications, Microsoft has introduced adaptive testing, as well as some
new exam elements. You will not know in advance which type of format you
will see on your exam. These innovations make the exams more challenging,
and they make it much more difficult for someone to pass an exam after simply
“cramming” for it.

Microsoft will be accomplishing its goal of protecting the exams by regularly
adding and removing exam questions, limiting the number of questions that
any individual sees in a beta exam, limiting the number of questions delivered

to an individual by using adaptive testing, and adding new exam elements.

Exam questions may be in multiple-choice or case study–based formats.
You may also find yourself taking an adaptive format exam. Let’s take a
look at the exam question types and adaptive testing, so you can be prepared
for all of the possibilities.

Multiple-Choice Questions

Multiple-choice questions include two main types of questions. One is a
straightforward type that presents a question, followed by several possible
answers, of which one or more is correct.
The other type of multiple-choice question is more complex. This type
presents a set of desired results along with a proposed solution. You must
then decide which results would be achieved by the proposed solution.


Microsoft certification exams. Conventional tests are static, containing a
fixed number of questions. Adaptive tests change, or “adapt,” depending on
your answers to the questions presented.
The number of questions presented in your adaptive test will depend on
how long it takes the exam to ascertain your level of ability (according to the
statistical measurements on which the exam questions are ranked). To deter-
mine a test-taker’s level of ability, the exam presents questions in increasing
or decreasing order of difficulty.

Unlike the previous test format, the adaptive format will

not

allow you to go
back to see a question again. The exam only goes forward. Once you enter
your answer, that’s it—you cannot change it. Be very careful before enter-
ing your answer. There is no time limit for each individual question (only for
the exam as a whole.) Your exam may be shortened by correct answers (and
lengthened by incorrect answers), so there is no advantage to rushing

through questions.

HOW ADAPTIVE EXAMS DETERMINE ABILITY LEVELS

As an example of how adaptive testing works, suppose that you know three
people who are taking the exam: Herman, Sally, and Rashad. Herman
doesn’t know much about the subject, Sally is moderately informed, and
Rashad is an expert.
Herman answers his first question incorrectly, so the exam presents him
with a second, easier question. He misses that, so the exam gives him a few

It saves time by focusing only on the questions needed to determine a
test-taker’s abilities. An exam that might take an hour and a half in the
conventional format could be completed in less than half that time
when presented in adaptive format. The number of questions in an
adaptive exam may be far fewer than the number required by a con-
ventional exam.


It protects the integrity of the exams. By exposing a fewer number of
questions at any one time, it makes it more difficult for individuals to
collect the questions in the exam pools with the intent of facilitating
exam "cramming."


It saves Microsoft and/or the test-delivery company money by reduc-
ing the amount of time it takes to deliver a test.

We recommend that you try the Edge Test Adaptive Exam, which is included

on the CD that accompanies this study guide.

Exam Question Development

Microsoft follows an exam-development process consisting of eight manda-
tory phases. The process takes an average of seven months and involves more
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

Introduction


tive. These contributors may be past MCP candidates, appropriately
skilled exam development volunteers, or Microsoft employees. Based on
the contributors’ input, the objectives are prioritized and weighted. The
actual exam items are written according to the prioritized objectives.
Contributors are queried about how they spend their time on the job. If
a contributor doesn’t spend an adequate amount of time actually per-
forming the specified job function, his or her data is eliminated from the
analysis. The blueprint survey phase helps determine which objectives to
measure, as well as the appropriate number and types of items to include
on the exam.

Phase 4: Item Development

A pool of items is developed to measure the
blueprinted objective domain. The number and types of items to be writ-
ten are based on the results of the blueprint survey.

Phase 5: Alpha Review and Item Revision

During this phase, a panel of
technical and job-function experts reviews each item for technical accu-
racy, then answers each item, reaching a consensus on all technical issues.
Once the items have been verified as technically accurate, they are edited
to ensure that they are expressed in the clearest language possible.

Phase 6: Beta Exam

The reviewed and edited items are collected into
beta exams. Based on the responses of all beta participants, Microsoft per-
forms a statistical analysis to verify the validity of the exam items and to

Phase 8: Live Exam

As the final phase, the exams are given to candi-
dates. MCP exams are administered by Sylvan Prometric and Virtual Uni-
versity Enterprises (VUE).

Microsoft will regularly add and remove questions from the exams. This is
called item

seeding

. It is part of the effort to make it more difficult for individuals

to merely memorize exam questions passed along by previous test-takers.

Tips for Taking the Windows 2000 Network Infrastructure
Design Exam

Here are some general tips for taking the exam successfully:


Arrive early at the exam center so you can relax and review your study
materials. During your final review, you can look over tables and lists
of exam-related information.

Read the questions carefully. Don’t be tempted to jump to an early
conclusion. Make sure you know exactly what the question is asking.

Answer all questions. Remember that the adaptive format will not
allow you to return to a question. Be very careful before entering your

two hours before test time.
You may also register for your exams online at www.sylvanprometric.com or
www.vue.com.
When you schedule the exam, you will be provided with instructions
regarding appointment and cancellation procedures, ID requirements, and
information about the testing center location. In addition, you will receive a
registration and payment confirmation letter from Sylvan Prometric or VUE.
Microsoft requires certification candidates to accept the terms of a non-
disclosure agreement before taking certification exams.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com
xlii Introduction
What’s on the CD?
With this new book in our best-selling MCSE study guide series, we are
including quite an array of training resources. On the CD are numerous sim-
ulations, practice exams, and flashcards to help you study for the exam. Also
included are the entire contents of the study guide. These resources are
described in the following sections.
The Sybex Ebook for Windows 2000 Network Infrastructure
Design
Many people like the convenience of being able to carry their whole study
guide on a CD. They also like being able to search the text to find specific
information quickly and easily. For these reasons, we have included the
entire contents of this study guide on a CD, in PDF format. We’ve also
included Adobe Acrobat Reader, which provides the interface for the con-
tents, as well as the search capabilities.
The Sybex MCSE Edge Tests
The Edge Tests are a collection of multiple-choice questions that can help
you prepare for your exam. There are three sets of questions:


1.
Study each chapter carefully. Do your best to fully understand the
information.
2.
Answer the review questions at the end of each chapter. If you would
prefer to answer the questions in a timed and graded format, install
the Edge Tests from the CD that accompanies this book and answer
the chapter questions there instead of in the book.
3.
Note which questions you did not understand and study the corre-
sponding sections of the book again.
4.
Make sure you complete the entire book.
5.
Before taking the exam, go through the training resources included on
the CD that accompanies this book. Try the adaptive version that is
included with the Sybex MCSE Edge Test. Review and sharpen your
knowledge with the MCSE Flashcards.
To learn all of the material covered in this book, you will need to study
regularly and with discipline. Try to set aside the same time every day to
study and select a comfortable and quiet place in which to do it. If you work
hard, you will be surprised at how quickly you learn this material. Good luck!
Contacts and Resources
To find out more about Microsoft Education and Certification materials and
programs, to register with Sylvan Prometric or VUE, or to get other useful
information, check the following resources.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com
Introduction xlv
Microsoft Certification Development Team

Contact Sylvan Prometric to register to take an MCP exam at any of more
than 800 Sylvan Prometric Testing Centers around the world.
Virtual University Enterprises (VUE)
www.vue.com
(888) 837-8616
Contact the VUE registration center to register to take an MCP exam at
one of the VUE Testing Centers.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com

Assessment Questions

1.

Which routing protocols can be configured with auto-static updating?
Choose all correct answers.

A.

RIP for IP

B.

IGMP

C.

RIP for IPX

D.

stragglers may stay behind. What could be the problem?

A.

Bob has a second DHCP server on the network.

B.

The machines are configured with static IP addresses.

C.

There’s a problem with LMHOSTS.

D.

DNS is not configured correctly.

4.

You’re planning on using a VPN setup for your dial-up telecommuters
to access your private network via their ISP and the Internet. You
want to use L2TP. What encryption protocol should you use?

A.

PGP

B.



Change provisioning

D.

Change implementation

6.

Your main headquarters site is in Chicago and you have two smaller
sites, one in Omaha and one in Cheyenne. Both of the smaller sites are
connected to you by fractional T1 lines, and there is a small work-
group server at each site. In thinking about this setup, where is the
most likely single point of failure (SPOF) going to be?

A.

Server at hub site

B.

Server at central site

C.

Router

D.

Frame relay connection

B.

Domain-based roots can be replicated through AD.

C.

Clients of various platforms can host Dfs links.

D.

You can interlink one Dfs link to another.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com