Print Version

Effective: Winter 2014

Advisory: Advisory: C S 60A, 60B.
Grade Type: Letter Grade, the student may select Pass/No Pass
Not Repeatable.
FHGE: Non-GE Transferable: CSU
4 hours lecture, 3 hours laboratory. (84 hours total per quarter)

Student Learning Outcomes -
  • THe student will be able to configure Network Load Balancing (NLB) and failover clustering
Description -
Introduction to configuring advanced services on Windows Server 2012. It provides both lecture and laboratory exercises to enable the student to deploy, manage, and maintain servers, configure file and print services, configure network services and access, configure a network policy server infrastructure, and configure and manage group policy.

Course Objectives -
The student will be able to:
  1. Deploy Advanced Network Services
  2. Describe Advanced File Services
  3. Discuss Dynamic Access Control
  4. Demonstrate Network Load Balancing
  5. Compare Failover Clustering with and without using Hyper-V
  6. Discuss Disaster Recovery
  7. Describe Distributed Active Directory Domain Services Deployments
  8. Demonstrate Active Directory Domain Services Sites and Replication
  9. Use Active Directory Certificate Services
  10. Describe Active Directory Rights Management Services
  11. Analyze and discuss when Active Directory Federation Services should be used
Special Facilities and/or Equipment -
Computer laboratory with Servers to support Microsoft Virtual Machines
Website or course management system with an assignment posting component (through which all lab assignments are to be submitted) and a forum component (where students can discuss course material and receive help from the instructor). This applies to all sections, including on-campus (i.e., face-to-face) offerings.
When taught via Foothill Global Access, a fully functional and maintained course management system through which the instructor and students can interact.
When taught via Foothill Global Access, students must have currently existing e-mail accounts and ongoing access to computers with internet capabilities.

Course Content (Body of knowledge) -
  1. Implementing Advanced Network Services
    1. Configuring Advanced DHCP Features
      1. Overview of DHCP Components
      2. Configuring DHCP Interaction With DNS
      3. Configuring Advanced DHCP Scope Designs
      4. DHCP Integration With IPv6
      5. What Is DHCP Name Protection?
      6. What Is DHCP Failover?
    2. Configuring Advanced DNS Settings
      1. Managing DNS Services
      2. Optimizing DNS Name Resolution
      3. What Is the GlobalName Zone?
      4. Options for Implementing DNS Security
      5. How DNSSEC Works
      6. New DNSSEC Features for Windows Server 2012
  2. Implementing Advanced File Services
    1. Configuring iSCSI Storage
      1. What Is iSCSI?
      2. iSCSI Target Server and iSCSI Initiator
      3. Options for Implementing High Availability for iSCSI
      4. iSCSI Security Options
      5. Demonstration: Configuring an iSCSI Target
      6. Demonstration: Connecting to the iSCSI Storage
      7. Considerations for Implementing iSCSI Storage
    2. Configuring BranchCache
      1. How Does BranchCache Work?
      2. BranchCache Requirements
      3. Configuring BranchCache Server Settings
      4. Configuring BranchCache Client Settings
      5. Monitoring BranchCache
    3. Optimizing Storage Usage
      1. What Is File Server Resource Manager?
      2. What Is File Classification?
      3. What Are Classification Rules?
      4. Demonstration: Configuring File Classification
      5. Options for Storage Optimization in Windows Server 2012
  3. Implementing Dynamic Access Control
    1. Overview of Dynamic Access Control
      1. Foundation Technologies for Dynamic Access Control
      2. Dynamic Access Control vs. Alternative Permissions Technologies
      3. What Is Identity?
      4. What Is a Claim?
      5. What Is a Central Access Policy?
    2. Planning for Dynamic Access Control
      1. Reasons for Implementing Dynamic Access Control
      2. Planning for Central Access Policy
      3. Planning File Classifications
      4. Planning File Access Auditing
      5. Planning Access Denied Assistance
    3. Deploying Dynamic Access Control
      1. Prerequisites for Implementing Dynamic Access Control
      2. Enabling Support in AD DS for Dynamic Access Control
      3. Implementing Claims and Resource Property Objects
      4. Implementing Central Access Rules and Policies
      5. Implementing File Access Auditing
      6. Implementing Access Denied Assistance
      7. Implementing File Classifications
      8. Implementing Central Access Policy Changes
  4. Implementing Network Load Balancing
    1. Overview of NLB
      1. What Is NLB?
      2. How NLB Works
      3. How NLB Works with Server Failures and Recovery
      4. NLB Features in Windows Server 2012
    2. Configuring an NLB Cluster
      1. Deployment Requirements for NLB
      2. Demonstration: Deploying NLB
      3. Configuration Options for NLB
      4. Demonstration: Configuring NLB Affinity and Port Rules
      5. Network Considerations for NLB
    3. Planning an NLB Implementation
      1. Designing Applications and Storage Support for NLB
      2. Considerations for Deploying an NLB Cluster on Virtual Machines
      3. Considerations for Securing NLB
      4. Considerations for Scaling NLB
      5. Considerations for Upgrading NLB Clusters
  5. Implementing Failover Clustering
    1. Overview of Failover Clustering
      1. What Is High Availability?
      2. Failover Clustering in Windows Server 2012
      3. Failover Cluster Components
      4. What Are CSVs?
      5. What Are Failover and Failback?
      6. What Is a Quorum?
      7. Quorum Modes in Windows Server 2012 Failover Clustering
      8. Failover Cluster Networks
      9. Failover Cluster Storage
    2. Implementing a Failover Cluster
      1. Preparing for Failover Cluster Implementation
      2. Hardware Requirements for Failover Cluster Implementation
      3. Network Requirements for Failover Cluster Implementation
      4. Infrastructure Requirements for Failover Cluster Implementation
      5. Software Requirements for Failover Cluster Implementation
      6. Migrating Failover Clusters
    3. Configuring Highly Available Applications and Services on a Failover Cluster
      1. Identifying Cluster Resources and Services
      2. Process for Clustering Server Roles
      3. Demonstration: Clustering a File Server Role
      4. Configuring Failover Cluster Properties
      5. Managing Cluster Nodes
      6. Configuring Application Failover Settings
    4. Maintaining a Failover Cluster
      1. Monitoring Failover Clusters
      2. Backing Up and Restoring Failover Cluster Configuration
      3. Maintaining and Troubleshooting Failover Clusters
      4. What Is Cluster-Aware Updating?
      5. Demonstration: Configuring CAU
    5. Implementing a Multi-Site Failover Cluster
      1. What Is a Multi-Site Failover Cluster?
      2. Prerequisites for Implementing a Multi-Site Failover Cluster
      3. Synchronous and Asynchronous Replication
      4. Selecting a Quorum Mode for Multi-Site Clusters
      5. Process for Configuring a Multi-Site Failover Cluster
      6. Challenges for Implementing a Multi-Site Cluster
  6. Implementing Failover Clustering with Hyper-V
    1. Overview of Integrating Hyper-V with Failover Clustering
      1. Options for Making Virtual Machines Highly Available
      2. How Does a Failover Cluster Work with Hyper-V Nodes?
      3. What Is New in Failover Clustering for Hyper-V in Windows Server 2012
      4. Best Practices for Implementing High Availability in a Virtual Environment
    2. Implementing Hyper-V Virtual Machines on Failover Clusters
      1. Components of Hyper-V Clusters
      2. Prerequisites for Implementing Hyper-V Clusters
      3. Implementing Failover Clustering for Hyper-V Virtual Machines
      4. Configuring CSVs
      5. Implementing Highly Available Virtual Machines on an SMB 3.0 File Share
      6. Demonstration: Implementing Virtual Machines on Clusters (optional)
      7. Considerations for Implementing Hyper-V Clusters
    3. Implementing Hyper-V Virtual Machine Movement
      1. Virtual Machine Migration Options
      2. How Does Virtual Machine and Storage Migration Work?
      3. How Does Live Migration Work?
      4. How Does Hyper-V Replica Work?
      5. Configuring Hyper-V Replica
    4. Managing Hyper-V Virtual Environments by Using VMM
      1. What Is System Center 2012 - Virtual Machine Manager?
      2. Prerequisites for Installing VMM 2012
      3. Private Cloud Infrastructure Components in VMM
      4. Managing Hosts, Host Clusters, and Host Groups with VMM
      5. Deploying Virtual Machines with VMM
      6. What Are Services and Service Templates?
      7. P2V and V2V Migrations
      8. Considerations for Deploying a Highly Available Virtual Machine Manager Server
  7. Implementing Disaster Recovery
    1. Overview of Disaster Recovery
      1. Identifying Disaster Recovery Requirements
      2. What Are Service Level Agreements?
      3. Overview of Enterprise Disaster Recovery Strategies
      4. Disaster Mitigation Strategies
      5. Best Practices for Implementing a Disaster Recovery
    2. Implementing Windows Server Backup
      1. What Needs to be Backed Up?
      2. Backup Types
      3. Backup Technologies
      4. Planning Backup Capacity
      5. Planning Backup Security
      6. What Is Windows Server Backup?
      7. What Is Online Backup?
      8. Considerations for an Enterprise Backup Solution
      9. What Is Data Protection Manager?
    3. Implementing Server and Data Recovery
      1. Back up full server (all volumes)
      2. Back up selected volumes
      3. Back up selected items for backup
      4. Perform a bare-metal recovery
      5. Perform a system state
      6. Back up individual files and folders
      7. Exclude selected files or file types during backup
      8. Select from more storage locations for the backup
      9. Use the Microsoft Online Backup Service
  8. Implementing Distributed Active Directory Domain Services Deployments
    1. Overview of Distributed AD DS Deployments
      1. Overview of AD DS Components
      2. Overview of Domain and Forest Boundaries in an AD DS Structure
      3. Why Implement Multiple Domains?
      4. Why Implement Multiple Forests?
      5. DNS Requirements for Complex AD DS Environments
      6. Options for Upgrading and Coexistence with Previous AD DS Versions
    2. Deploying a Distributed AD DS Environment
      1. Installing a Domain Controller in a New Domain in a Forest
      2. AD DS Domain Functional Levels
      3. AD DS Forest Functional Levels
      4. Upgrading a Previous Version of AD DS to Windows Server 2012
      5. Migrating to Windows Server 2012 AD DS from a Previous Version
      6. Considerations for Implementing a Complex AD DS Environment
    3. Configuring AD DS Trusts
      1. Overview of Different AD DS Trust Types
      2. How Trusts Work Within a Forest
      3. How Trusts Work Between Forests
      4. Configuring Advanced AD DS Trust Settings
  9. Implementing Active Directory Domain Services Sites and Replication
    1. Overview of AD DS Replication
      1. What Are AD DS Partitions?
      2. Characteristics of AD DS Replication
      3. How AD DS Replication Works Within a Site
      4. Resolving Replication Conflicts
      5. How Replication Topology Is Generated
      6. How RODC Replication Works
      7. How SYSVOL Replication Works
    2. Configuring AD DS Sites
      1. What Are AD DS Sites?
      2. Why Implement Additional Sites?
      3. How Replication Works Between Sites
      4. What Is the Inter-Site Topology Generator?
      5. Overview of SRV Records for Domain Controllers
      6. How Client Computers Locate Domain Controllers Within Sites
    3. Configuring and Monitoring AD DS Replication
      1. What Are AD DS Site Links?
      2. What Is Site Link Bridging?
      3. What Is Universal Group Membership Caching?
      4. Controlling Intersite Replication
      5. Options for Configuring Password Replication Policies for RODCs
      6. Tools for Monitoring and Managing Replication
  10. Implementing Active Directory Certificate Services
    1. PKI Overview
      1. What Is PKI?
      2. Components of a PKI Solution
      3. What Are CAs?
      4. Overview of the AD CS Server Role in Windows Server 2012
      5. What is New in AD CS in Windows Server 2012
      6. Public vs. Private CAs
      7. What Is a Cross-Certification Hierarchy?
    2. Deploying CAs
      1. Options for Implementing CA Hierarchies
      2. Standalone vs. Enterprise CAs
      3. Considerations for Deploying a Root CA
      4. Considerations for Deploying a Subordinate CA
      5. How to Use the CAPolicy.inf File for Installation
    3. Deploying and Managing Certificate Templates
      1. What Are Certificate Templates?
      2. Certificate Template Versions in Windows Server 2012
      3. Configuring Certificate Template Permissions
      4. Configuring Certificate Template Settings
      5. Options for Updating a Certificate Template
    4. Implementing Certificate Distribution and Revocation
      1. Options for Certificate Enrollment
      2. How Does Autoenrollment Work?
      3. What Is the Restricted Enrollment Agent?
      4. Demonstration: Configuring the Restricted Enrollment Agent
      5. What Is Network Device Enrollment Service?
      6. How Does Certificate Revocation Work?
      7. Considerations for Publishing AIAs and CDPs
      8. What Is an Online Responder?
    5. Managing Certificate Recovery
      1. Overview of Key Archival and Recovery
      2. Configuring Automatic Key Archival
      3. Recovering a Lost Key
  11. Implementing Active Directory Rights Management Services
    1. AD RMS Overview
      1. What Is AD RMS?
      2. Usage Scenarios for AD RMS
      3. Overview of the AD RMS Components
      4. AD RMS Certificates and Licenses
      5. How AD RMS Works
    2. Deploying and Managing an AD RMS Infrastructure
      1. AD RMS Deployment Scenarios
      2. Configuring the AD RMS Cluster
      3. Demonstration: Installing the First Server of an AD RMS Cluster
      4. AD RMS Client Requirements
      5. Implementing an AD RMS Backup and Recovery Strategy
      6. Decommissioning and Removing AD RMS
    3. Configuring AD RMS Content Protection
      1. What Are Rights Policy Templates?
      2. Providing Rights Policy Templates for Offline Use
      3. What Are Exclusion Policies?
      4. AD RMS Super Users Group
    4. Configuring External Access to AD RMS
      1. Options for Enabling External Users to Access AD RMS
      2. Implementing TUD
      3. Implementing TPD
      4. Sharing AD RMS–Protected Documents by Using Windows Live ID
      5. Considerations for Implementing External User Access to AD RMS
  12. Implementing Active Directory Federation Services
    1. Overview of AD FS
      1. What Is Identity Federation?
      2. What Is Claims-Based Identity?
      3. Web Services Overview
      4. What Is AD FS?
      5. How AD FS Enables SSO in a Single Organization
      6. How AD FS Enables SSO in a Business-to-Business Federation
      7. How AD FS Enables SSO with Online Services
    2. Deploying AD FS
      1. AD FS Components
      2. AD FS Prerequisites
      3. PKI and Certificate Requirements
      4. Federation Server Roles
    3. Implementing AD FS for a Single Organization
      1. What Are AD FS Claims?
      2. What Are AD FS Claim Rules?
      3. What Is a Claims Provider Trust?
      4. What Is a Relying Party Trust?
    4. Deploying AD FS in a B2B Federation Scenario
      1. Configuring an Account Partner
      2. Configuring a Resource Partner
      3. Configuring Claims Rules for B2B Scenarios
      4. How Home Realm Discovery Works
Methods of Evaluation -
  1. Tests and quizzes
  2. Written laboratory assignments which include configuration specifications, sample runs and documentation.
  3. Final examination
Representative Text(s) -
Warren, Andrew. Microsoft Official Curriculum 20411A Installing and Configuring Windows Server® 2012. Redmond, WA: Microsoft Corporation, 2012

Disciplines -
Computer Science
Method of Instruction -
  1. Lectures
  2. On-line labs (for all sections, including those meeting face-to-face/on campus) consisting of
    1. A Lab assignment web-page located on a college-hosted course management system or other department-approved Internet environment. Here, the students will review the specification of each lab assignment and submit their completed lab work.
    2. A discussion web-page located on a college hosted course management system or other department-approved Internet environment. Here, students can request assistance from the instructor and interact publically with other class members.
  3. In person or on-line discussion which engages students and instructor in an ongoing dialog pertaining to all aspects of designing, implementing and analyzing programs.
  4. When course is taught fully on-line:
    1. Instructor-authored lecture materials, handouts, syllabus, assignments, tests, and other relevant course material will be delivered through a college hosted course management system or other department-approved Internet environment.
    2. Additional instructional guidelines for this course are listed in the attached addendum of CS department on-line practices.
Lab Content -
  1. Implementing Advanced Network Services
    1. Configuring Advanced DHCP Features
    2. Configuring Advanced DNS Settings
    3. Configuring IP Address Management
  2. Implementing Advanced File Services
    1. Configuring iSCSI Storage
    2. Configuring the File Classification Infrastructure
    3. Configuring the Main Office Servers for BranchCache
    4. Configuring the Branch Office Servers for BranchCache
    5. Configuring Client Computers for BranchCache
  3. Implementing Dynamic Access Control
    1. Planning the Dynamic Access Control Implementation
    2. Configuring User and Device Claims
    3. Configuring Resource Property Definitions
    4. Configuring Central Access Rules and Central Access
    5. Validating and Remediating Dynamic Access Control
    6. Implementing new resource policies
  4. Implementing Network Load Balancing
    1. Implementing an NLB Cluster
    2. Configuring and Managing the NLB Cluster
    3. Validating High Availability for the NLB Cluster
  5. Implementing failover clustering
    1. Configuring a Failover Cluster
    2. Deploying and Configuring a Highly Available File Server
    3. Validating the Deployment of the Highly Available File Server
    4. Configuring Cluster-Aware Updating on the Failover Cluster
  6. Implementing Failover Clustering with Hyper-V
    1. Configuring Hyper-V Replicas
    2. Configuring a Failover Cluster for Hyper-V
    3. Configuring a Highly Available Virtual Machine
  7. Implementing Windows Server Backup and Restore
    1. Backing Up Data on a Windows Server 2012 Server
    2. Restoring Files Using Windows Server Backup
    3. Implementing Microsoft Online Backup and RestoreH. Implementing Complex AD DS Deployments
  8. Implementing Complex AD DS Deployments
    1. Implementing Child Domains in AD DS
    2. Implementing Forest Trusts
  9. Implementing AD DS Sites and Replication
    1. Modifying the Default Site
    2. Creating Additional Sites and Subnets
    3. Configuring AD DS Replication
  10. Implementing Active Directory Certificate Services
    1. Deploying a standalone root CA
    2. Deploying an Enterprise Subordinate CA
    3. Configuring Certificate Templates
    4. Configuring Certificate Enrollment
    5. Configuring Certificate Revocation
    6. Configuring Key Recovery
  11. Configuring AD Right Management Service (RMS)
    1. Installing and Configuring AD RMS
    2. Configuring AD RMS Templates
    3. Implementing the AD RMS Trust Policies
    4. Verifying the AD RMS Deployment
  12. Implementing AD Federation Services (FS)
    1. Configuring AD FS Prerequisites
    2. Installing and Configuring AD FS
    3. Configuring AD FS for a Single Organization
    4. Configuring AD FS for Federated Business Partners
Types and/or Examples of Required Reading, Writing and Outside of Class Assignments -
  1. Reading
    1. Textbook assigned reading averaging 50 pages per week.
    2. On-line resources as directed by instructor though links pertinent to networking.
    3. Library and reference material directed by instructor through course handouts.
  2. Writing
    1. Technical prose documentation that supports and describes the laboratory exercises that are submitted for a grade.