Windows Server 2008, Enterprise Administrator Exam 70-647

Course Objectives:

• Planning network and application services
• Designing core identity and access management components
• Designing support identity and access management components
• Designing for business continuity and data availability

Planning network and application services

• Plan for name resolution and IP addressing. May include but is not limited to: internal and external naming strategy, naming resolution support for legacy clients, naming resolution for directory services, IP addressing scheme, TCP/IP version coexistence
• Design for network access. May include but is not limited to: network access policies, remote access strategy, perimeter networks, server and domain isolation
• Plan for application delivery. May include but is not limited to: application virtualization, presentation virtualization, locally installed software, Web-based applications
• Plan for Remote Desktop Services. May include but is not limited to: Terminal Services licensing, Remote Desktop Services infrastructure
  

Designing core identity and access management components

• Design Active Directory forests and domains. May include but is not limited to: forest structure, forest and domain functional levels, intra-organizational authorization and authentication, schema modifications
• Design the Active Directory physical topology. May include but is not limited to: placement of servers, site and replication topology, printer location policies
• Design the Active Directory administrative model. May include but is not limited to: delegation, group strategy, compliance auditing, group administration, organizational structure
• Design the enterprise-level group policy strategy. May include but is not limited to: group policy hierarchy and scope filtering, control device installation, authentication and authorization
  

Designing support identity and access management components

• Plan for domain or forest migration, upgrade, and restructuring. May include but is not limited to: cross-forest authentication, backward compatibility, object migration, migration planning, implementation planning, environment preparation
• Design the branch office deployment. May include but is not limited to: authentication strategy, server security
• Design and implement public key infrastructure. May include but is not limited to: certificate services, PKI operations and maintenance, certificate life cycle management
• Plan for interoperability. May include but is not limited to: inter-organizational authorization and authentication, application authentication interoperability, cross-platform interoperability

Designing for business continuity and data availability

• Plan for business continuity. May include but is not limited to: service availability, directory service recovery
• Design for software updates and compliance management. May include but is not limited to: patch management and patch management compliance, Microsoft Update and Windows Update, security baselines, system health models
• Design the operating system virtualization strategy. May include but is not limited to: server consolidation, application compatibility, virtualization management, placement of servers
• Design for data management and data access.