I N D E X
monthly summaries, reports, 452 MSISAund.ini file, 91
multihomed systems, monitoring, Network Monitor, 441
multiple choice questions (ExamGear, Training Guide Edition software), 637
multiple clients, single computer, 411 Multipoint Control Unit (MCU), 211
N
name resolution, verifying, 63 NAT clients, SecureNAT clients, compared, 386 Netstat connections, detecting, 438-440
network adapters, minimum system requirements, 54 network connectivity, verification, 58
network cards, minimum system requirements, 55 network connections, configuring, 239
network interfaces, preconfiguring, 58-63 network load balancing, Enterprise ISA Server, 489 Network Load Balancing (NLB) See NLB
Network Monitor ports, testing, 440-442 network usage
monitoring, 423-435 troubleshooting, 436-442
networks
design, 47-57 planning, 47-57 size, 48
New Filter wizard, 314 NIC cards, IPSec, offloading, 56 NLB (Network Load Balancing), 339, 352-355 NTFS (NT File System), conversion, 78
O
object permissions, 137-141 objectives
access controls, configuring, 361 access problems, troubleshooting, 361-362
arrays, managing, 337 bandwidth policies, configuring, 361 client computers, deploying, 383 configure and troubleshoot outbound Internet access, 133-135
configuring firewalls, 309 client computer for SecureNAT, 399 client computer’s Web browser to use ISA Server
as HTTP proxy, 399 ISA Server hosting roles, 181 dial-on-demand connection troubleshooting, 235 dial-up connection access troubleshooting, 235 H.323 Gatekeeper, configuring for audio and video conferencing, 205
ISA Server analyzing, 449 installing, 71 versions, 71-72 Microsoft Proxy 2.0 Server, upgrading, 109 policy elements, creating, 362
preconfiguring network interfaces, 45 remote access troubleshooting, 235 routing access troubleshooting, 235 setup problems, troubleshooting, 72 troubleshooting
autodetection, 399 security and network usage, 421 VPNs (Virtual Private Networks) configuring, 265-266
endpoint configuration, 266 pass-throughs, 266
objects
caching frequently used objects, 19-27 monitoring, 467
performance, analysis, 461
ODBC databases, logging to, 425-426 optimization
ISA Server, Performance Monitor, 459-470
options, software, installing, 48-49 ordered-list questions (ExamGear, Training Guide Edition software), 639
ordered-tree questions (ExamGear, Training Guide Edition software), 640
outbound Internet access
alerts, 146 authentication, 158 caching, 145 configuring, 161-163 client access problems, troubleshooting, 169-172 client addresses, configuring, 152
custom HTML error messages, 158-160 destination address sets, configuring, 153 hierarchical access, configuring, 161 LAT, 166
local domain tables, 166 outgoing Web request properties, configuring, 147-148
packet filters, 143 policy elements, creating, 149-151 post-installation default settings, 136-138, 140-146 publishing, 145-146
routing, 144-145 rules, 146-160 bandwidth rules, 164-165 content, 153-154
evaluation, 149 protocol rules, 154-157 routing rules, 167 sites, 153-154 server chains, 168 single system configuration, 160 tools, 146-160
Outgoing Web request properties, 403
authentication methods, 148 configuring, 147-148 connections, 147 listeners, 147
P
packet filters, 17, 143, 312, 482
default packet filters, 313
IP routing, 312 logging, allowing, 424 properties, configuring/enabling, 316-317 rules, configuring, 312, 314-317
packet-based access problems, troubleshooting, 373-375
pass-throughs, VPNs, configuring for, 274-275 performance
analyzing logging, 468-469 reporting, 468-469 reports, 451-458 optimizing, 459-464, 468-470
performance counters, 465-466 Performance Monitor
ISA Server, optimizing, 464-466 performance analysis, 460-461
performance monitoring, configuring, 461-462 perimeter arrays, distributed caching, 59 perimeter networks
firewalls, considerations, 328-330 publishing, 330
permissions
access policies, 368 configuring, 140-141 default security group file permissions, 460 object permissions, 137-141
Read permissions, limiting, 138 Service permissions, 141
phone number rules, H.323 Gatekeeper, configuring, 224-225
ping of death attacks, 18, 430 planning networks, 47-49, 51, 53-57
policies
access policies configuring, 370-371 Enterprise, 369-371 functional framework, 364-367 permissions, 368
and/or array policies, 16 arrays, 341
bandwidth policies, configuring, 370-371 configuring, 346-347
Array level, 35-36 Enterprise level, 35-36 creating, 483
destination sets, 32 elements, 484 creating, 369-370 outbound Internet access, creating, 149-151 Enterprise ISA Server, 488
enterprise policies, scope, 340-341 modifying, 347
policy elements, creating, 369-370
policy-based rules, 31-36 ports
autodiscovery port, 403 Outgoing Web request port, 403 testing, 440-442
well-known, 432
post-installation default settings, 136-146 post-installation process, 479-480 Practice Exam mode (ExamGear, Training Guide Edition software), 628-631
compared to Study Mode, 634-635 starting, 635
preinstallation network configuration, 58-63 preinstallation process, 478
pretesting yourself (study tips), 499 preparations for exam, 500
learning as a process, 497 study tips, 498, 500-501 active-study strategies, 498 common-sense strategies, 499
macro and micro strategies, 498 pretesting yourself, 499
processing rules, 372-373 processors, minimum system requirements, 54 promoting
Enterprise ISA Server, 488 standalone servers, 348-349
properties
configuring, 403 packet filters, configuring/enabling, 316-317
protocol definitions, 32 protocol filters, H.323 Gatekeeper, 212 protocol rules, 32-33
outbound Internet access, configuring, 154-157
protocols
H.323, 209-210 Mapping, selecting, 198
Proxy DenySitesSet, 123 Proxy DomainFilter, 123 proxy packet filters, 122 Proxy Server See Microsoft Proxy 2.0 Server PSTN (Public Service Telephone Networks), 209 publishing, 492
outbound Internet access, 145-146 perimeter network servers, 330 requirements, 54, 479
SSL bridging, 492 Web publishing, 492
publishing servers See server publishing
Q-R
question types (ExamGear, Training Guide Edition software), 636
drag and drop, 637-638 hot spot, 641
multiple choice, 637 ordered list, 639 ordered tree, 640 simulations, 640-641
Questions tab (Item Review screen), ExamGear, Training Guide Edition software, 643-645 RAM (random access memory)
controlling caching, 469-470 minimum system requirements, 53
Read permissions, limiting, 138 Real-Time Control Protocol (RTCP), 209 Real-Time Protocol (RTP), 209
registering ExamGear, Training Guide Edition software, 630
registration admission and status, H.323 Gatekeeper, 213-214
registration database, H.323 Gatekeeper, 212-213 registration process, H.323 Gatekeeper, 214-215 Registry, performance optimization, 459-460 relays, preventing, 196
remote access authentication, 486 remote administration, 56, 253-254 remote clients, Routing and Remote Access Service, connecting, 246
Remote Procedure Call (RPC) filters, 33, 482 removing See deleting, uninstalling
reports, 485
application usage reports, 37, 456-457, 485 configuring, 37
dates, 453 ISA Server, analysis, 451-458 performance, analyzing, 468-469 reports within reports, 453-454 security reports, 37, 458, 485 summaries, generation, 452 Summary reports, 37, 455, 485 traffic and utilization reports, 37, 457-458, 485 Web usage reports, 37, 455-456, 485
requirements
ExamGear, Training Guide Edition software, 629 for certification, 620
MCDBA, 620-621 MCP, 620
MCSD, 622-624
MCSE, 621-622 MCT, 624
restricting management, 341 retired certifications, 620 reverse caching, 20-21 Root CAs, installing and configuring, 290-291 routing, 494
modifying, 401-402 outbound Internet access, 144-145 Routing and Remote Access Service, 246
Routing and Remote Access Service
dial-on-demand connections, 249-252 interoperability, 487
ISA Server, compared, 245-248 remote clients, connecting, 246 routing, 246
static routes, 247-248 troubleshooting, 250-252
routing rules, outbound Internet access, configuring, 167
RPC filters, 33, 320 RRAS See Routing and Remote Access Service RTCP (Real-Time Control Protocol), 209 RTP (Real-Time Protocol), 209
rule processing, H.323 Gatekeeper, 215-216 rules
application filters, 33 bandwidth rules, 33, 36-37 call routing rules, H.323 Gatekeeper, 223-228 default, 483
dial-up routing rules, creating, 240-241 outbound Internet access, 146-160 bandwidth rules, 164-165 evaluation, 149
routing rules, 167 packet filters, configuring, 312-317 processing order, 372-373
protocol rules, 33 rule processing, H.323 Gatekeeper, 215-216 server publishing, creating, 197
site and content rules, 33 Web publishing, configuring, 187-188
S
scalability
arrays, configuring, 350-355 CARP, 350-351
scheduling, 32
caching, 22-23 exams, 619 logging, 463 Internet access, creating, 151
Secure (security level), 19 SecureNAT (secure network address translation)
clients, 15-16, 386 configuring, 407 NAT client, compared, 386 PPTP filters, 275
security
alerts, 433-435 authentication, 485-486 firewalls, system hardening, 321-327 group file permissions, 460
intrusion detection, configuring, 429-433 levels, 19
logs, 485 configuring, 424-428 monitoring
alerting, 423-435 logging, 423-435 reports, 37, 458, 485 troubleshooting, 436-442
Security Configuration Wizard, 19 Select and Place questions (ExamGear, Training Guide Edition software), 638
server address mapping, identifying, 198 server certificates, 189-190
server chains, configuring, 168 server placement, 58
server proxy, configuring for, 193-197
content filtering, 195-197 DNS, 194
mail proxy, 194
server publishing
configuring for, 197-200 perimeter networks, 199
Service permissions, 141 Services, H.323 Gatekeeper, 212 setup logs, reviewing, migration, 117-118 Shields Up utility, 441
simulation questions (ExamGear, Training Guide Edition software), 640-641
site and content rules, 32-33 site placement, 58
site rules, outbound Internet access, configuring, 153-154
SMTP (Simple Mail Transfer Protocol) filters, 34, 195-197, 482
SMTP buffer overrun attacks, 195 SOCKS filters, 34, 321, 482 software
installing, options, 48-49 users, needs, 48
SSL bridging, 492 SSL requests, redirecting, Web publishing, 190-193 standalone CA, certificates, requesting, 292-295 standalone servers, promoting, 348-349
Standard ISA Server, 29-30
installing, 80-82
stateful inspection, 18 static routes, Routing and Remote Access Service, 247-248
status, alerts, monitoring, 435 storage formats, logs, 424 streaming media filters, 34, 482 Study Mode (ExamGear, Training Guide Edition software), 628, 631
compared to Practice Exam mode and Adaptive Exam mode, 634-635
starting, 632-634
study tips, 498, 500-501
active-study strategies, 498 common-sense strategies, 499 exams, preparation, 500-501 learning as a process, 497 macro and micro strategies, 498 pretesting yourself, 499
study tools, ExamGear, Training Guide Edition software, 627-628
summaries, reports, generation, 452 Summary reports, 37, 455, 485 system hardening, firewalls, configuring, 321-327 system requirements
See also, minimum system requirements ExamGear, Training Guide Edition software, 629 hardware, 53-54
interoperability, 51-53
system-hardening templates, 19
T
T-120, H.323 Gatekeeper, 210 TCP/IP network cards, configuring, 61 telnet ports, testing, 440-442
Terminal services, interoperability, 487 testing
connectivity, 62 ports, 440-442 tools, 495 VPNs, 272-274
time limit on exams, 500 time management options (ExamGear, Training Guide Edition software), 642-643
tools
outbound Internet access, 146-160 testing, 495
traffic and utilization reports, 37, 457-458, 485 trainers See MCT
troubleshooting
access problems, 372-375 authentication, 413-414 autodetection, 412-413 clients, 411-412 dial-on-demand connections, 238-242 dial-up connections, 243, 245
firewalls, access, 330-331 ISA Server installation, 94-98 network usage, 436-442 outbound Internet access, 169-172 Routing and Remote Access Service, 250-252 security, 436-442
U
UDP bomb attacks, 18, 430 unattended setup, ISA Server installation, 90-92 Uninstall program, running, 95
uninstalling
ExamGear, Training Guide Edition software, 630-631
ISA Server, 98-99
updates, ExamGear, Training Guide Edition software, 647-648
upgrading, Microsoft Proxy 2.0 Servers, 111-124 upstream servers, 239
user-based access problems, troubleshooting, 373-375 users, 32
needs, 48 rejecting, 197
V
verification
certificates, 296 ISA Server installation, 96-97
VPN Allow Wizard, 270-272
VPNs (Virtual Private Networks), 19, 269, 494
configuring
as VPN endpoints, 269-274 for pass-throughs, 274-275 endpoints, configuring for, 275-289 Gateway to Gateway VPNs, 494-495 hardware requirements, 56
L2TP over IPSec VPNs, 297 Microsoft certificate services, configuring, 289-292 testing, 272-274
W
W3C format, logs, 425 Web Proxy Autodiscovery Protocol (WPAD), 402 Web proxy clients, 12, 15, 386-387, 408
Web publishing, 492
CARP (Cache Array Routing Protocol), enabling, 188
configuring, 184-193 authentication methods, 189-190 destination sets, 186
listeners, 186-187 rules, 187-188 server certificates, 189-190 HTTP requests, redirecting, 190-193 SSL requests, redirecting, 190-193
Web sites
ExamGear, Training Guide Edition software, checking, 647
Microsoft Certified Professional, 619 Microsoft Training and Certification, 620
Web usage reports, 37, 455-456, 485 Win Proxy Automatic Discover (WPAD) protocol, 393
Windows 2000 install error message, 114 Windows NT 4.0 domains, interoperability, 487 Windows out-of-band attacks, 18
WinNuke attacks, 429
wizards
Add Destination Wizard, 224 ISA VPN Wizard, 276-283 Mail Server Security Wizard, 194 New Filter, 314
Security Configuration Wizard, 19
VPN Allow Wizard, 270-272 WPAD (Web Proxy Autodiscovery Protocol),
393, 402
H O W T O C O N T A C T U S
V I S I T O U R W E B S I T E
On our web site, you’ll find information about our other books, authors, tables of contents, and book errata. You will also find information about book registration and how
to purchase our books, both domestically and internationally.
E M A I L U S
Contact us at: nrfeedback@newriders.com
• If you have comments or questions about this book
• To report errors that you have found in this book
• If you have a book proposal to submit or are interested in writing for New Riders
• If you are an expert in a computer topic or technology and are interested in being a technical editor who reviews manuscripts for technical accuracy
Contact us at: nreducation@newriders.com
• If you are an instructor from an educational institution who wants to preview New Riders books for classroom use. Email should include your name, title, school, department, address, phone number, office days/hours, text in use, and enrollment, along with your request for desk/examination copies and/or additional information.
Contact us at: nrmedia@newriders.com
• If you are a member of the media who is interested in reviewing copies of New Riders books. Send your name, mailing address, and email address, along with the name of the publication or web site you work for.
B U L K P U R C H A S E S / C O R P O R AT E S A L E S
If you are interested in buying 10 or more copies of a title or want to set up an account for your company to purchase directly from the publisher at a substantial discount, contact us at 800-382-3419 or email your contact information to
corpsales@pearsontechgroup.com. A sales representative will contact you with more information.
W R I T E T O U S
New Riders Publishing
201 W 103rd St
Indianapolis, IN 46290-1097
C A L L / F A X U S
Toll-free (800) 571-5840
If outside U.S. (317) 581-3500. Ask for New Riders.
F A X : (317) 581-4663
W W W . N E W R I D E R S . C O M
New MCSE Candidates (Who Have Not Already Passed Windows NT 4.0 Exams)
Must Take All 4 of the Following Core Exams:
Exam 70-210: Installing, Configuring
and Administering Microsoft ®
Windows ® 2000 Professional
Exam 70-215: Installing, Configuring
and Administering Microsoft
Windows 2000 Server
Exam 70-216: Implementing
and Administering a Microsoft
Windows 2000 Network
Infrastructure
Exam 70-217: Implementing
and Administering a Microsoft
Windows 2000 Directory
Services Infrastructure
Core Exams
The Road to MCSE Windows 2000
The new Microsoft Windows 2000 track is designed for information technology professionals working in a typically complex computing environment of medium to large organizations. A Windows 2000 MCSE candidate should have at least one year of experience implementing and administering a network operating system.
MCSEs in the Windows 2000 track are required to pass five core exams and two elective exams that provide a valid and reliable measure of technical proficiency and expertise.
See below for the exam information and the relevant New Riders title that covers that exam.
MCPs Who Have Passed 3 Windows NT 4.0 Exams (Exams 70-067, 70-068, and 70-073) Instead of the 4 Core Exams at Left, May Take:
Exam 70-240: Microsoft Windows
2000 Accelerated Exam for MCPs Certified on Microsoft Windows
NT 4.0
(This accelerated, intensive exam, which will be available until December 31, 2001, covers the core competencies of exams 70-210, 70-215, 70-216, and 70-217.)
ISBN 0-7357-0979-3 ISBN 0-7357-0965-3 ISBN 0-7357-0968-8
ISBN 0-7357-0966-1 ISBN 0-7357-0976-9
ISBN 0-7357-0988-2
or
MCSE Training Guide:
Core Exams (Bundle)
PLUS - All Candidates - 1 of the Following Core Elective Exams Required:
*Exam 70-219: Designing a Microsoft Windows 2000 Directory
Services Infrastructure
*Exam 70-220: Designing Security for a Microsoft Windows 2000 Network
*Exam 70-221: Designing a Microsoft Windows 2000
Network Infrastructure
PLUS - All Candidates - 2 of the Following Elective Exams Required:
Any current MCSE electives (visit www.microsoft.com for a list of current electives)
(Selected third-party certifications that focus on interoperability will be accepted as an alternative to one elective exam. Please watch for more information on the third-party certifications that will be acceptable.)
*Exam 70-219: Designing a Microsoft Windows 2000 Directory Services Infrastructure
*Exam 70-220: Designing Security for a Microsoft Windows 2000 Network
*Exam 70-221: Designing a Microsoft Windows 2000 Network Infrastructure
Exam 70-222: Upgrading from Microsoft Windows NT 4.0 to Microsoft Windows 2000
*Core exams that can also be used as elective exams may only be counted once toward a certification; that is, if a candidate receives
ISBN 0-7357-0983-1 ISBN 0-7357-0984-X ISBN 0-7357-0982-3 ISBN 0-7357-0983-1 ISBN 0-7357-0984-X ISBN 0-7357-0982-3