Print Version

Effective: Winter 2014

Advisory: Advisory: C S 60A
Grade Type: Letter Grade, the student may select Pass/No Pass
Not Repeatable.
FHGE: Non-GE Transferable: CSU
4 hours lecture, 3 hours laboratory. (84 hours total per quarter)

Student Learning Outcomes -
  • The student will be able to configure DNS zones, configure DNS zones, configure VPN and routing, and configure DirectAccess.
Description -
Introduction to administering Windows Server 2012 in an enterprise. It provides both lecture and laboratory exercises to enable the student to deploy, manage, and maintain servers, configure file and print services, configure network services and access, configure a network policy server infrastructure, and configure and manage group policy.

Course Objectives -
The student will be able to:
  1. Implement a Group Policy Infrastructure
  2. Manage User Desktops with Group Policy
  3. Manage User and Service Accounts
  4. Maintain Active Directory Domain Services
  5. Configure and Troubleshoot Domain Name System
  6. Configure and Troubleshoot Remote Access
  7. Install, Configure, and Troubleshoot the Network Policy Server Role
  8. Implement Network Access Protection
  9. Optimize File Services
  10. Configure Encryption and Advanced Auditing
  11. Deploy and Maintaining Server Images
  12. Implement Update Management
Special Facilities and/or Equipment -
Computer laboratory with VMware ESX Servers
Website or course management system with an assignment posting component (through which all lab assignments are to be submitted) and a forum component (where students can discuss course material and receive help from the instructor). This applies to all sections, including on-campus (i.e., face-to-face) offerings.
When taught via Foothill Global Access, a fully functional and maintained course management system through which the instructor and students can interact.
When taught via Foothill Global Access, students must have currently existing e-mail accounts and ongoing access to computers with internet capabilities.

Course Content (Body of knowledge) -
  1. Implementing a Group Policy Infrastructure
    1. Introducing Group Policy
      1. What Is Configuration Management?
      2. Overview of Group Policies
      3. Benefits of Using Group Policy
      4. Group Policy Objects
      5. GPO Scope
      6. Group Policy Client and Client-Side Extensions
      7. How to Create a GPO and Configure GPO Settings
    2. Implementing and Administering GPOs
      1. Domain-Based GPOs
      2. GPO Storage
      3. Starter GPOs
      4. Common GPO Management Tasks
      5. Delegating Administration of Group Policies
    3. Managing Group Policy Scope
      1. GPO Links
      2. How to Link GPOs
      3. Group Policy Processing Order
      4. Configuring GPO Inheritance and Precedence
      5. Using Security Filtering to Modify Group Scope
      6. What Are WMI Filters?
      7. How to Filter Policies
      8. Enable of Disable GPOs and GPO Nodes
      9. Loopback Policy Processing
    4. Group Policy Processing
      1. Considerations for Slow Links and Disconnected Systems
      2. Identifying When Settings Become Effective
    5. Troubleshooting the Application of GPOs
      1. Resultant Set of Policy
      2. Generate RSoP Reports
      3. How to Perform What-If Analysis with the Group Policy Modeling Wizard
      4. Examine Policy Event Logs
  2. Managing User Desktops with Group Policy
    1. Implementing Administrative Templates
      1. What Are Administrative Templates?
      2. What Are ADM and ADMX Files?
      3. The Central Store
      4. Practical Uses of Administrative Templates
      5. Configuring Settings with Administrative Templates
    2. Configuring Folder Redirection and Scripts
      1. What Are ADM and ADMX Files?
      2. The Central Store
      3. Practical Uses of Administrative Templates
      4. Configuring Settings with Administrative Templates
      5. What Are Administrative Templates?
    3. Configuring Group Policy Preferences
      1. What Are Group Policy Preferences?
      2. Comparing Group Policy Preferences and GPO Settings
      3. Features of Group Policy Preferences
      4. Configuring Group Policy Preferences
    4. Managing Software with Group Policy
      1. How Group Policy Software Distribution Helps to Address the Software Lifecycle
      2. How Windows Installer Enhances Software Distribution
      3. Assigning and Publishing Software
      4. Managing Software Upgrades by Using Group Policy
  3. Managing User and Service Accounts
    1. Automating User Account Management
      1. Exporting Users Accounts with CSVDE
      2. Importing User Accounts with CSVDE
      3. Importing User Accounts with LDIFDE
      4. Importing User Accounts with Windows PowerShell
    2. Configuring Password-Policy and User-Account Lockout Settings
      1. Understanding User-Account Policies
      2. Configuring User Account Policies
      3. What Are Password Settings Objects?
      4. Configuring Password Settings Objects
    3. Configuring Managed Service Accounts
      1. What Are The Challenges Of Using Standard User Accounts For Services?
      2. What Is A Managed Service Account?
      3. Configuring Managed Service Accounts by Using Windows PowerShell
      4. What Are Group Managed Service Accounts?
  4. Maintaining AD DS
    1. Implementing Virtualized Domain Controllers
      1. Understanding Cloned Virtualized Domain Controllers
      2. Deploying a Cloned Virtualized Domain Controller
      3. Managing Virtualized Domain Controllers
    2. Implementing Read-Only Domain Controllers
      1. Considerations for Implementing RODCs
      2. Managing RODC Credential Caching
      3. Managing Local Administration for RODCs
    3. Administering AD DS
      1. Overview of the Active Directory Administration Snap-ins
      2. Overview of the Active Directory Administrative Center
      3. Demonstration: Managing AD DS by Using Management Tools
      4. Overview of the Active Directory Module for Windows PowerShell
      5. Managing Operations Master Roles
      6. Managing AD DS Backup and Recovery
    4. Managing the AD DS Database
      1. Understanding the AD DS Database
      2. What Is NTDSUtil?
      3. Understanding Restartable AD DS
      4. Demonstration: Performing AD DS Database Maintenance
      5. Creating AD DS Snapshots
      6. Understanding How to Restore Deleted Objects
      7. Configuring the Active Directory Recycle Bin?
  5. Configuring and Troubleshooting DNS
    1. Installing the DNS Server Role
      1. Overview of the DNS Role
      2. Overview of the DNS Namespace
      3. Integrating AD DS and DNS
      4. Determining Whether to Use Split DNS
      5. Installing the DNS Server Role
      6. Considerations for Deploying the DNS Server Role
    2. Configuring the DNS Server Role
      1. What Are the Components of a DNS Solution?
      2. What Are DNS Queries?
      3. DNS Resource Records
      4. What Are Root Hints?
      5. What Is Forwarding?
      6. How DNS Server Caching Works
      7. Configuring the DNS Server Role
    3. Configuring DNS Zones
      1. What Is a DNS Zone?
      2. What Are the DNS Zone Types?
      3. What Are Forward and Reverse Lookup Zones?
      4. Overview of Stub Zones
      5. Creating Zones
      6. DNS Zone Delegation
    4. Configuring DNS Zone Transfer
      1. What Is a DNS Zone Transfer?
      2. Configuring Zone Transfer Security
      3. Configuring DNS Zone Transfers
    5. Managing and Troubleshooting DNS
      1. What Is TTL, Aging, and Scavenging?
      2. Managing DNS Records
      3. Testing the DNS Server Configuration
      4. Monitoring DNS by Using the DNS Event Log
      5. Monitoring DNS by Using Debug Logging
  6. Configuring and Troubleshooting Remote Access
    1. Configuring Network Access
      1. Components of a Network Access Services Infrastructure
      2. What Is the Network Policy and Access Services Role?
      3. What Is the Remote Access Role?
      4. Network Authentication and Authorization
      5. Authentication Methods
      6. Integrating DHCP with Routing and Remote Access
    2. Configuring VPN Access
      1. What Is a VPN Connection?
      2. Tunneling Protocols for VPN Connections
      3. What Is VPN Reconnect?
      4. Configuration Requirements
      5. How to Configure VPN Access
      6. Completing Additional Configuration Tasks
      7. What Is the Connection Manager Administration Kit?
      8. How to Create a Connection Profile
    3. Overview of Network Policies
      1. What Is a Network Policy?
      2. Network Policy Processing
      3. Process for Creating and Configuring a Network Policy
      4. How to Create a Network Policy
    4. Troubleshooting Routing and Remote Access
      1. Configuring Remote Access Logging
      2. Configuring Remote Access Tracing
      3. Resolving General VPN Problems
      4. Troubleshooting Other Issues
    5. Configuring DirectAccess
      1. Complexities of Managing VPNs
      2. What Is DirectAccess?
      3. Components of DirectAccess
      4. What Is the Name Resolution Policy Table?
      5. How DirectAccess Works for Internal Clients
      6. How DirectAccess Works for External Clients
      7. Prerequisites for Implementing DirectAccess
      8. Configuring DirectAccess
  7. Installing, Configuring, and Troubleshooting the Network Policy Server Role
    1. Installing and Configuring a Network Policy Server
      1. What Is a Network Policy Server?
      2. Installing the Network Policy Server Role
      3. Tools for Configuring a Network Policy Server
      4. Configuring General NPS Settings
    2. Configuring RADIUS Clients and Servers
      1. What Is a RADIUS Client?
      2. What Is a RADIUS Proxy?
      3. Configuring a RADIUS Client
      4. What Is a Connection Request Policy?
      5. Configuring Connection-Request Processing
      6. Creating a Connection Request Policy
    3. NPS Authentication Methods
      1. Password-Based Authentication Methods
      2. Using Certificates for Authentication
      3. Required Certificates for Authentication
      4. Deploying Certificates for PEAP and EAP
    4. Monitoring and Troubleshooting a Network Policy Server
      1. Methods Used to Monitor NPS
      2. Logging NPS Accounting
      3. Configuring SQL Server Logging
      4. Configuring NPS Events to Record in the Event Viewer
  8. Implementing Network Access Protection
    1. Overview of Network Access Protection
      1. What Is Network Access Protection?
      2. NAP Scenarios
      3. NAP Enforcement Methods
      4. NAP Platform Architecture
    2. Overview of NAP Enforcement Processes
      1. NAP Enforcement Processes
      2. IPsec Enforcement
      3. 802.1x Enforcement
      4. VPN Enforcement
      5. DHCP Enforcement
    3. Configuring NAP
      1. What Are System Health Validators?
      2. What Is a Health Policy?
      3. What Are Remediation Server Groups?
      4. NAP Client Configuration
      5. Configuring NAP
    4. Monitoring and Troubleshooting NAP
      1. What Is NAP Tracing?
      2. Configuring NAP Tracing
      3. Troubleshooting NAP
      4. Troubleshooting NAP with Event Logs
  9. Optimizing File Services
    1. Overview of FSRM
      1. Understanding Capacity Management Challenges
      2. What Is FSRM?
      3. How to Install and Configure FSRM
    2. Using FSRM to Manage Quotas, File Screens, and Storage Reports
      1. What Is Quota Management?
      2. What Are Quota Templates?
      3. Monitoring Quota Usage
      4. What Is File Screening Management?
      5. What Are File Groups?
      6. What Are a File Screen Templates and File Screen Exceptions?
      7. What Are Storage Reports?
      8. What Is a Report Task?
      9. How to Use FSRM to Manage Quotas, File Screens, and Generate On-Demand Storage Reports
    3. Implementing Classification and File Management Tasks
      1. What Is Classification Management?
      2. What Are Classification Properties?
      3. What Is a Classification Rule?
      4. How to Configure Classification Management
      5. Considerations for Using File Classification
      6. What Are File Management Tasks?
      7. How to Configure File Management Tasks
    4. Overview of DFS
      1. What Is DFS?
      2. What Is a DFS Namespace?
      3. What Is DFS Replication?
      4. How DFS-N and DFS-R Work
      5. DFS Scenarios
      6. How to Install the DFS Role
    5. Configuring DFS Namespaces
      1. Deploying Namespaces to Publish Content
      2. Permissions Required to Create and Manage a Namespace
      3. How to Create Namespaces
      4. Optimizing a Namespace
    6. Configuring and Troubleshooting DFS-R
      1. Replication Groups and Replicated Folders
      2. Initial Replication Process
      3. How to Configure DFS-R
      4. Troubleshooting DFS
  10. Configuring Encryption and Advanced Auditing
    1. Encrypting Files by Using Encrypting File System
      1. What Is EFS?
      2. How EFS Works
      3. Recovering EFS–Encrypted Files
      4. Encrypting a File by Using EFS
    2. Configuring Advanced Auditing
      1. Overview of Audit Policies
      2. Specifying Auditing Settings on a File or Folder
      3. Enabling Audit Policy
      4. Evaluating Events in the Security Log
      5. Advanced Audit Policies
      6. Configuring Advanced Auditing
  11. Deploying and Maintaining Server Images
    1. Overview of Windows Deployment Services
      1. What Is Windows Deployment Services?
      2. Windows Deployment Services Components
      3. Why Use Windows Deployment Services?
      4. Discussion: How to Use Windows Deployment Services
    2. Implementing Deployment with Windows Deployment Services
      1. Understanding Windows Deployment Services Components
      2. Installing and Configuring Windows Deployment Services
      3. Managing Deployments with Windows Deployment Services
    3. Administering Windows Deployment Services
      1. Common Administration Tasks
      2. How to Administer Images
      3. Automating Deployments
      4. How to Configure Multicast Transmission
  12. Implementing Update Management
    1. Overview of WSUS
      1. What Is WSUS?
      2. The WSUS Update Management Process
      3. Server Requirements for WSUS
    2. Deploying Updates with WSUS
      1. Configuring Automatic Updates
      2. WSUS Administration
      3. What Are Computer Groups?
      4. Approving Updates
  13. Monitoring Windows Server 2012
    1. Monitoring Tools
      1. Overview of Task Manager
      2. Overview of Performance Monitor
      3. Overview of Resource Monitor
      4. Overview of Event Viewer
    2. Using Performance Monitor
      1. Baseline, Trends, and Capacity Planning
      2. What Are Data Collector Sets?
      3. Capturing Counter Data with a Data Collector Set
      4. Configuring an Alert
      5. Viewing Reports in Performance Monitor
      6. Monitoring Network Infrastructure Services
      7. Considerations for Monitoring Virtual Machines
    3. Monitoring Event Logs
      1. What Is a Custom View?
      2. Creating a Custom View
      3. What Are Event Subscriptions?
      4. Configuring an Event Subscription

Methods of Evaluation -
  1. Tests and quizzes
  2. Written laboratory assignments which include configuration specifications, sample runs and documentation.
  3. Final examination
Representative Text(s) -
Warren, Andrew. Microsoft Official Curriculum 20411A Installing and Configuring Windows Server® 2012, Redmond, WA: Microsoft Corporation, 2012

Disciplines -
Computer Science
Method of Instruction -
  1. Lectures
  2. On-line labs (for all sections, including those meeting face-to-face/on campus) consisting of
    1. A labartory assignment web-page located on a college-hosted course management system or other department-approved Internet environment. Here, the students will review the specification of each lab assignment and submit their completed lab work.
    2. A discussion web-page located on a college hosted course management system or other department-approved Internet environment. Here, students can request assistance from the instructor and interact publically with other class members.
  3. In person or on-line discussion which engages students and instructor in an ongoing dialog pertaining to all aspects of designing, implementing and analyzing programs.
  4. When course is taught fully on-line:
    1. Instructor-authored lecture materials, handouts, syllabus, assignments, tests, and other relevant course material will be delivered through a college hosted course management system or other department-approved Internet environment.
    2. Additional instructional guidelines for this course are listed in the attached addendum of CS department on-line practices.

Lab Content -
  1. Implementing a Group Policy Infrastructure
    1. Creating and Configuring GPO
    2. Managing GPO Scope
  2. Managing User Desktops with Group Policy
    1. Implementing Settings by Using Group Policy Preferences
    2. Configuring Folder Redirection
  3. Managing User and Service Accounts
    1. Configuring Password-Policy and Account-Lockout Settings
    2. Creating and Associating an MSA
  4. Maintaining AD DS
    1. Installing and Configuring a RODC
    2. Configuring AD DS snapshots
    3. Configuring the Active Directory Recycle Bin
  5. Configuring and Troubleshooting DNS
    1. Configuring DNS Resource Records
    2. Configuring DNS Conditional Forwarding
    3. Installing and Configuring DNS Zones
  6. Configuring DirectAccess
    1. Configuring the DirectAccess Infrastructure
    2. Configuring the DirectAccess Clients
    3. Verifying the DirectAccess Configuration
  7. Installing and Configuring a Network Policy Server
    1. Installing and Configuring NPS to Support RADIUS
    2. Configuring and testing a RADIUS client
  8. Implementing Network Access Protection (NAP)
    1. Configuring NAP Components
    2. Configuring VPN Access
    3. Configuring the Client Settings to Support NAP
  9. Implementing DFS
    1. Installing the DFS role service
    2. Configuring a DFS Namespace
    3. Configuring DFS-R
  10. Configuring Encryption and Advanced Auditing
    1. Encrypting and Recovering Files
    2. Configuring Advanced Auditing
  11. Using Windows Deployment Services to Deploy Windows
    1. Installing and Configuring Windows Deployment Services
    2. Creating Operating System Images with Windows Deployment Services
    3. Configuring Custom Computer Naming
    4. Deploying Images with Windows Deployment Services
  12. Implementing Update Management
    1. Implementing the WSUS Server Role
    2. Configuring Update Settings
    3. Approving and Deploying an Update by Using WSUS
  13. Monitoring Windows Server 2012
    1. Establishing a Performance Baseline
    2. Identifying the Source of a Performance Problem
    3. Viewing and Configuring Centralized Event Logs
Types and/or Examples of Required Reading, Writing and Outside of Class Assignments -
  1. Textbook assigned reading averaging 30 pages per week.
  2. On-line resources as directed by instructor though links pertinent to networking.
  3. Library and reference material directed by instructor through course handouts.
  1. Technical prose documentation that supports and describes the laboratory exercises that are submitted for a grade.