Need help? Contact sales@xtremelabs.io

+01-202-555-0181

Tags: Courseware , Windows Server

WS001WV - Windows Server Essentials Courseware

  • Brand: Waypoint Ventures, LLC
  • Availability: In Stock

$172.00

A unique concatenation of Windows Server topics examines the services and features of Microsoft Windows Server from 2012 to 2022. This course is designed to help learners evolve from on-premises novice to successful intermediate administrator. Students will learn about Windows Server installation as well as storage and compute services, and understand...

Add Digital Hands On Labs

A unique concatenation of Windows Server topics examines the services and features of Microsoft Windows Server from 2012 to 2022. This course is designed to help learners evolve from on-premises novice to successful intermediate administrator. Students will learn about Windows Server installation as well as storage and compute services, and understand the scenarios, requirements, and storage and compute options that are available and applicable to Windows Server. Then, they’ll tackle more core and advanced features required to administrate networks and infrastructure, including IP, DHCP, and DNS protocols and remote access.

Additionally, this course examines how to deploy other Active Directory server roles, such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS), and how to connect Active Directory Domain Services (AD DS) with Microsoft Entra ID.

There are instructor slides available to instructors upon request.

Audience profile

This course is intended for learners who have some experience working with Windows Server, and who are looking for a singular course that covers Windows Server from installation, storage, and compute technologies to more sophisticated server features. Attendees of this course typically are learners who have some knowledge about, and experience with, Windows Server identity services, and who want to gain additional insight about Windows Server identity and access technologies.

Why choose this course?

  • Meticulous content relevance, tailored to Windows Server 2022.
  • Content on obsolete technology has been removed.
  • Offers an array of demonstrations that bolster the learning material.
  • Expert instructional design ensures a superior learning experience.
  • Labs are developed by Waypoint in parallel with courseware, so they are 100% aligned.

    At Course Completion

    • Describe how to configure Windows Server and IPv4 connectivity.
    • Install and configure Windows Server.
    • Differentiate between partition options and configure storage for Windows Server.
    • Configure file permissions, sharing, and auditing in Windows Server.
    • Install and configure Hyper-V.
    • Deploy, manage, and troubleshoot DHCP.
    • Deploy DNS servers and configure advanced DNS settings.
    • Implement WAP and VPN in Windows Server.
    • Deploy and administer AD DS in Windows Server.
    • Manage AD DS objects.
    • Configure AD DS infrastructure.
    • Implement AD DS sites and replication.
    • Secure DCs and the AD DS environment.
    • Monitor AD DS, manage the Active Directory database, and recover AD DS objects.
    • Implement and administer Group Policy and troubleshooting GPO application.
    • Use Group Policy to manage user settings.
    • Deploy, administer, and troubleshoot CAs.
    • Deploy, manage, and recover certificates.

    Course Details

    Course Duration: 5 Days

    Module 1 Introducing Windows Server

    Windows Server has been around in one form or another for three decades while constantly evolving and improving. Windows Server 2022 is the latest version of Microsoft’s Windows Server operating system (OS). In this module, you’ll learn about some of the fundamental administrative and configuration tasks for Windows Server. You’ll also learn about the available Windows Server administration and configuration tools, and how to configure network settings in Windows Server.

    Lesson 1 Configuring Windows Server

    • Configuring and customizing the desktop, taskbar, notification settings, and Start menu
    • Using the Settings app
    • Using Control Panel
    • Using Server Manager
    • Using Computer Management
    • Introducing Windows PowerShell

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Configure Windows Server using available graphical tools.
    • Use command-line tools to perform Windows Server administration and configuration.

    Lesson 2 Networking with Windows Server

    • Exploring IPv4 and IPv6 Protocols
    • Using the default gateway
    • Understanding name resolution
    • Configuring IP settings, including name resolution settings

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand IPv4 and IPv6 settings.
    • Configure network settings in Windows Server.

    Lab Configuring Windows Server settings and IPv4 connectivity

    • Exercise 1: Configuring Windows Server settings
    • Exercise 2: Configuring network connectivity

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Configure Windows Server settings.
    • Configure network connectivity.

    Module 2 Windows Server installation and initial configuration

    In this module, you’ll learn about the different editions of Windows Server 2022, how to install and configure Windows Server 2022, and how to manage servers remotely.

    Lesson 1 Selecting a suitable Windows Server edition

    • Editions of Windows Server 2022
    • What is Windows Server Core?

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Choose between different editions of Windows Server 2022.
    • Choose whether to install Server Core or Windows Server 2002 with Desktop Experience.

    Lesson 2 Hardware requirements for Windows Server

    By completing this lesson, you’ll achieve the knowledge and skills to understand the minimum hardware requirements for installing Windows Server 2022.

    Lesson 3 Overview of installation options

    • Post-installation configuration settings

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe different methods of installing Windows Server 2022.
    • Understand the installation options.
    • Understand post-installation configuration.

    Lesson 4 In-place upgrade vs. server migration

    • In-place upgrade scenarios
    • What is migration?

    By completing this lesson, you’ll achieve the knowledge and skills to explain the crucial differences between upgrades and migration.

    Lesson 5 Windows Server licensing and activation

    • Manual activation
    • Automatic activation

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand Windows licensing.
    • Understand the difference between manual and automatic activation.
    • Configure the activation key on a server manually.

    Lesson 6 Windows Server updates and licensing channels

    • Updates
    • Windows Server Servicing channels

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand Windows updates.
    • Understand licensing channels.

    Lesson 7 Windows Server 2022 management tools

    • Overview of the least-privilege administration concept
    • User Account control
    • What is Windows Admin Center?
    • Server Manager overview

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain the principle of least privilege.
    • Explain User Account control.
    • Install and use the Windows Admin Center.
    • Use Server Manager.
    • Use SConfig to configure Server Core.

    Lesson 8 Managing Windows servers remotely

    • Remote Desktop
    • Microsoft Management Console
    • Server Manager
    • Command-line tools

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand various methods of managing a Windows Server 2022 server remotely.
    • Choose between graphical and command line methods for remote management.
    • Understand the requirements to enable remote management.

    Lab Deploy and configure Windows Server Core

    • Exercise 1: Deploy and configure Server Core
    • Exercise 2: Implement and use remote server administration

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Deploy and configure Server Core.
    • Implement and use remote server administration.

    Module 3 Configuring drives and storage for Windows Server

    This module introduces the basics about disks that you can use for storage and the types of volumes you can create on a disk. It also covers the distinct types of file systems supported by Windows Server 2022, and how to provide faster and more fault-tolerant storage by utilizing Redundant Array of Independent Disks (RAID).

    Lesson 1 Understanding and choosing partition options

    • What are partitions?
    • MBR
    • GPT

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand disk partitioning.
    • Recognize the difference between master boot record (MBR) and globally unique identifier (GUID) partition table (GPT) disks.
    • Understand the difference between primary and extended partitions.

    Lesson 2 Selecting a disk type

    • Choosing between basic and dynamic disks
    • Physical disk types

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the differences between basic and dynamic disks.
    • Understand the differences between different physical disk types.

    Lesson 3 Selecting a file system

    • File systems supported by Windows Server 2022
    • Allocation unit size

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand options for Windows OS files systems.
    • Choose an allocation unit size for volumes and partitions.

    Lesson 4 Using virtual hard-disk files

    • What is a VHD file?
    • Types of VHD files
    • How to use a VHD file

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand what a virtual disk is.
    • Explain the various uses for virtual disks.
    • Understand the benefits of using virtual disks.

    Lesson 5 Disk volumes

    • System and boot volumes

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain the different types of volumes you can create.
    • Understand the role of the system and boot volumes.

    Lesson 6 Options for managing volumes

    • Server Manager
    • Disk Management console
    • Diskpart.exe
    • Demonstration: Managing volumes

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand what tools are available for managing volumes and disks.
    • Use Server Manager.
    • Use the Disk Management console.
    • Use Diskpart.exe.

    Lesson 7 Extending and shrinking volumes

    • Extending volumes
    • Shrinking volumes

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Extend volumes.
    • Explain file system prerequisites for extending volumes.
    • Understand and create spanned volumes.
    • Shrink volumes.

    Lesson 8 What is RAID?

    • RAID levels
    • Creating RAID volumes

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain the purpose of RAID.
    • Describe the difference between hardware and software RAID.
    • Understand RAID levels 0, 1, and 5.
    • Create RAID volumes.

    Lab Managing disks and volumes in Windows Server

    • Exercise 1: Create and manage volumes
    • Exercise 2: Resizing volumes
    • Exercise 3: Managing VHDs

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Create and manage volumes.
    • Resize volumes.
    • Manage VHDs.

    Module 4 Configuring file permissions, sharing, and auditing

    The ability to control permissions to stored files is critical to data security. File permissions control who can access files and what type of access they have. This module introduces file permissions, and explains how to configure share and file permissions and file and folder auditing.

    Lesson 1 Configuring file and folder permissions

    • Permissions example
    • File permission types
    • Basic file permissions
    • Conditions to limit file access

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand file and folder permissions.
    • Implement conditions to limit file access.

    Lesson 2 Overview of permission inheritance

    • Inheritance for all objects
    • Preventing inheritance
    • Forcing permission inheritance
    • Effects of copying files and folders
    • Effects of moving files and folders

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe object inheritance and prevent inheritance.
    • Force inheritance.
    • Explain the effects of copying or moving files and folders.

    Lesson 3 What is effective access?

    • Effective Access feature

    By completing this lesson, you’ll achieve the knowledge and skills to explain and use the Effective Access feature.

    Lesson 4 What is SMB protocol?

    • SMB protocol features
    • SMB versions

    By completing this lesson, you’ll achieve the knowledge and skills to describe the features of SMB and its versions.

    Lesson 5 Configuring SMB shares

    • SMB share profiles
    • SMB share properties
    • SMB share permissions
    • Configuring SMB shares by using PowerShell

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe SME share properties, profiles, and permissions.
    • Configure SMB shares.

    Lesson 6 Comparing file and share permissions

    • Combining file and share permissions

    By completing this lesson, you’ll achieve the knowledge and skills to compare and combine file and share permissions.

    Lesson 7 NFS sharing overview

    • NFS sharing usage scenarios
    • Configuring NFS shares

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe various NFS sharing usage scenarios.
    • Configure NFS shares.

    Lesson 8 Configuring file and folder auditing

    • Considerations for configuring auditing
    • Reviewing audited events in the Security Log

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe considerations for auditing configuration.
    • Review audited events.

    Lesson 9 Configuring printer sharing

    • Printer sharing benefits
    • Sharing a printer
    • Managing printers in larger environments

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe how to share a printer and the benefits of printer sharing.
    • Manage printers.

    Lesson 10 Best practices for configuring permissions and sharing

    By completing this lesson, you’ll achieve the knowledge and skills to implement best practices for permission and sharing configuration.

    Lab Configuring sharing and permissions in Windows Server

    • Exercise 1: Create the folder structure
    • Exercise 2: Create and validate permissions

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Create the folder structure.
    • Create and validate permissions.

    Module 5 Hyper-V overview

    This module describes how to implement Hyper-V and how to use it to provision, configure, and manage virtual machines (VMs).

    Lesson 1 What is Hyper-V?

    • What is a VM?
    • Supported host and guest operating systems for Hyper-V

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand what a VM is.
    • Understand which host and guest operating systems Hyper-V supports.

    Lesson 2 Prerequisites and requirements for installing Hyper-V

    • Demonstration: Installing the Hyper-V role
    • Nested virtualization

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the hardware requirements for installing Hyper-V.
    • Understand the resource requirements of virtualized workloads.
    • Plan for Hyper-V deployment.
    • Install a Hyper-V role.
    • Understand nested virtualization.

    Lesson 3 Storage options and considerations in Hyper-V

    • VHD formats
    • VHD types
    • Fibre Channel support in Hyper-V

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand VHD formats.
    • Explain the different VHD types and how to choose between them.
    • Understand Fibre Channel support.

    Lesson 4 Options for storing VHDs

    • Storing VMs on SMB 3 shares
    • Demonstration: Managing storage in Hyper-V

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand points to consider when choosing a storage location.
    • Understand how to store VMs on SMB 3 shares.
    • Manage storage in Hyper-V.

    Lesson 5 Hyper-V networking overview and configuration

    • Types of Hyper-V switches
    • Demonstration: Configuring Hyper-V networks
    • Windows Server Hyper-V networking features
    • Best practices for configuring Hyper-V virtual networks

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain the types of Hyper-V switches.
    • Configure Hyper-V networks.
    • Understand Hyper-V networking features.
    • Describe best practices for configuring Hyper-V virtual networks.

    Lesson 6 VM configuration versions and generations

    • What are VM configuration versions?
    • VM generations

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand VM configuration versions.
    • Update VMs.
    • Identify VM versions.
    • Understand VM generations.

    Lesson 7 VM settings overview

    • Integration services
    • Smart paging
    • Resource metering
    • Discrete device assignment
    • Hot add memory and network adapter
    • Best practices for configuring VMs

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Manage Hyper-V using integration services.
    • Understand Smart Paging.
    • Track metrics with resource metering.
    • Assign devices.
    • Hot add memory and network adapters.
    • Configure VMs.

    Lesson 8 Creating and managing VMs

    • Demonstration: Creating a VM
    • Managing VM state
    • PowerShell Direct
    • Demonstration: Using PowerShell Direct
    • Exporting and importing VMs
    • Moving VMs

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Create a VM.
    • Manage the state of a VM.
    • Use PowerShell Direct.
    • Export, import, and move VMs.

    Lesson 9 VM checkpoints overview

    • Creating a checkpoint
    • Managing checkpoints
    • Demonstration: Creating checkpoints

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand VM checkpoints.
    • Create and manage checkpoints.

    Lesson 10 How to make Hyper-V highly available

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe high-availability considerations.
    • Understand types of clustering.

    Lab Install and configure Hyper-V

    • Exercise 1: Verifying the installation of the Hyper-V server role
    • Exercise 2: Configuring Hyper-V networks
    • Exercise 3: Creating and configuring virtual machines
    • Exercise 4: Enable nested virtualization

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Install and configure Hyper-V.
    • Create and configure virtual machines.
    • Enable nested virtualization.

    Module 6 Implementing and managing DHCP in Windows Server

    This module describes the DHCP server role and how you can install and configure it. You’ll also learn about DHCP failover and troubleshooting DHCP.

    Lesson 1 What is DHCP?

    • Benefits of DHCP
    • How does DHCP work?
    • How are addresses leased?
    • What is DHCP renewal?

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • The benefits of DHCP compared to manually configuring TCP/IP settings.
    • How DHCP allocates addresses.
    • How a device leases TCP/IP settings.
    • How a DHCP lease renewal works.

    Lesson 2 Deploying DHCP

    • Installing DHCP
    • Authorizing DHCP
    • Performing post-installation configuration
    • Allocating IPv4 addresses
    • Managing options
    • Demonstration: Configuring a DHCP server
    • What’s a DHCP relay agent?

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Install and configure the DHCP server role.
    • Perform post-installation configuration to authorize the DHCP server.
    • Create scopes to allocate and manage IPv4 addresses.
    • Configure and use DHCP options.
    • Implement a DHCP relay agent.

    Lesson 3 Managing DHCP high availability

    • High availability and failover options for DHCP
    • How DHCP failover works
    • Demonstration: Configuring DHCP failover

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the different options for providing DHCP high availability.
    • Implement DHCP split scope.
    • Implement DHCP failover.

    Lesson 4 Managing and troubleshooting DHCP

    • Configuring DHCP security options
    • Configuring advanced DHCP configuration options
    • Configuring superscopes and multicast scopes
    • Maintaining the DHCP database
    • Troubleshooting DHCP

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Configure DHCP security options.
    • Configure advanced DHCP options, including classes and DHCP policies.
    • Create superscopes and multicast scopes.
    • Maintain the DHCP database.
    • Troubleshoot DHCP.

    Lab Implement DHCP

    • Exercise 1: Plan a DHCP server implementation
    • Exercise 2: Implement the DHCP configuration
    • Exercise 3: Implement DHCP failover
    • Exercise 4: Validate the DHCP implementation

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Plan and implement DHCP configuration and failover.
    • Validate a DHCP implementation.

    Module 7 Implementing and managing DNS in Windows Server

    This module describes the Domain Name System (DNS) service, which is a fundamental name service in the Windows Server environment. You’ll learn how to deploy, configure, and administer DNS servers and zones, and integrate DNS with AD DS.

    Lesson 1 Deploying DNS servers

    • Overview of the DNS name-resolution process
    • DNS components
    • DNS zones and records overview
    • Demonstration: Installing and configuring DNS
    • Configuring DNS clients
    • Managing and maintaining DNS services
    • How to troubleshoot name resolution
    • Demonstration: Troubleshooting name resolution
    • Testing DNS servers

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the DNS name-resolution process.
    • Describe key DNS components.
    • Understand DNS zones and records.
    • Install and configure the DNS Server role in Windows Server.
    • Explain how to configure a DNS client.
    • Manage and maintain DNS services.
    • Describe how to troubleshoot name resolution.
    • Test DNS servers.

    Lesson 2 Configuring zones in DNS server

    • Creating records in DNS
    • Setting up DNS zones
    • Configuring DNS zone replication

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain how to create resource records.
    • Describe how to configure DNS zones.
    • Explain how to configure zone replication.

    Lesson 3 Configuring name resolution between DNS zones

    • DNS caching
    • DNS forwarding
    • DNS stub zones
    • DNS zone delegation

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe DNS caching.
    • Configure forwarders on a DNS server.
    • Describe DNS stub zones.
    • Describe DNS zone delegation.

    Lab A Plan and implement DNS name resolution

    • Exercise 1: Planning DNS name resolution
    • Exercise 2: Implementing DNS servers and zones

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Plan DNS name resolution.
    • Implement DNS servers and zones.

    Lesson 4 Integrate DNS with AD DS

    • AD DS and DNS integration overview
    • How does a client locate a domain controller?
    • Active Directory-integrated zones overview
    • DNS data in AD DS application partitions
    • Overview of the dynamic-update process
    • Demonstration: Configuring AD DS-integrated zones

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe AD DS and DNS integration.
    • Describe the process whereby a client finds a domain controller.
    • Describe Active Directory-integrated zones.
    • Describe DNS data within AD DS application partitions.
    • Explain how dynamic updates occur.
    • Configure AD DS-integrated zones.

    Lab B Integrate DNS with AD DS

    • Exercise 1: Integrate DNS and AD DS

    By completing this lab, you’ll achieve the knowledge and skills to integrate DNS and AD DS.

    Lesson 5 Configuring advanced DNS settings

    • Configuring advanced options for DNS name resolution
    • Configuring DNS root hints
    • GlobalNames zone overview
    • Demonstration: Configuring the GlobalNames zone
    • Splitting DNS overview
    • Implementing split DNS
    • DNS policies
    • Demonstration: Configuring DNS policies
    • Implementing DNS security
    • Implementing DNSSEC
    • Demonstration: Configure DNSSEC

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Advanced DNS name-resolution configuration.
    • Configuration of root hints.
    • Configuration of the GlobalNames zone.
    • Split DNS.
    • Implementation of split DNS.
    • Configuration of DNS policies.
    • Implementation of DNS security.
    • Implementation and configuration of DNS Security Extensions (DNSSEC).

    Lab C Configure advanced DNS settings

    • Exercise 1: Configuring DNS policies
    • Exercise 2: Validating the DNS implementation
    • Exercise 3: Troubleshooting DNS

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Configure DNS policies and validate DNS implementation.
    • Troubleshoot DNS.

    Module 8 Implementing VPN in Windows Server

    Windows Server 2022 includes remote-access technologies that enable users to securely connect from any location to corporate networks and provide users with secure access to corporate data and resources. To enable remote-access technologies in Windows Server 2022, you need to install the Remote Access server role, which includes these components: Routing and Remote Access Service, Web Application Proxy (WAP), and Always On VPN. This module describes these components and how you can implement and troubleshoot them.

    Lesson 1 Overview of remote-access options

    • When is remote access necessary?
    • What options does Windows Server provide?
    • Implementing Network Policy Server
    • Configuring network policies
    • Demonstration: Installing and managing the Remote Access server role
    • Demonstration: Configuring NPS policies
    • Factors to consider when deploying PKI for remote access
    • Configuring routing and NAT

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain when remote access is necessary.
    • Describe the remote-access options available in Windows Server.
    • Implement the Network Policy Server (NPS).
    • Configure network policies.
    • Describe factors to consider when deploying a public key infrastructure (PKI) for remote access.
    • Configure routing and network address translation (NAT).

    Lesson 2 Implementing WAP

    • What is WAP?
    • Authentication options
    • Publish apps with WAP
    • What is Microsoft Entra application proxy?
    • Demonstration: Publishing a secure website

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe WAP.
    • Identify authentication options for WAP.
    • Explain how to publish applications with WAP.
    • Describe Microsoft Entra application proxy.

    Lab A Implement a Web Application Proxy

    • Exercise 1: Implement Web Application Proxy
    • Exercise 2: Validate the Web Application Proxy deployment

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Implement Web Application Proxy.
    • Validate the Web Application Proxy deployment.

    Lesson 3 Planning VPNs

    • VPN scenarios
    • Site-to-site VPN
    • Tunneling options
    • Authentication protocols
    • VPN Reconnect and app-triggered VPN
    • Configuring a VPN server
    • Demonstration: Configuring VPN
    • Configuring and deploying VPN profiles
    • Demonstration: Creating a connection profile
    • What is Always On VPN?
    • Implementing Always On VPN

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the various VPN scenarios.
    • Describe site-to-site VPN.
    • Describe the tunnelling options that a VPN connection uses.
    • Describe the VPN authentication options.
    • Describe the VPN Reconnect and app triggered VPN features.
    • Configure a VPN server.
    • Configure and deploy VPN profiles.
    • Describe Always On VPN.
    • Implement Always On VPN.

    Lab B Implement a VPN

    • Exercise 1: Implement a VPN solution
    • Exercise 2: Validate the VPN deployment
    • Exercise 3: Troubleshoot VPN access

    By completing this lab, you’ll achieve the knowledge and skills to implement, validate, and troubleshoot a VPN solution.

    Module 9 Deploying AD DS in Windows Server

    In this module, you’ll learn how to configure DCs to suit your specific organizational needs and integrate AD DS with Microsoft Entra ID (previously known as Microsoft Azure Active Directory or Azure AD) to provide single sign-on (SSO) for users that access both on-premises and cloudbased apps.

    Lesson 1 Components of AD DS

    • What is an AD DS forest?
    • What is an AD DS domain?
    • What are organizational units (OUs)?
    • What is the AD DS schema?
    • Overview of AD DS administration tools
    • Demonstration: Managing AD DS

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe AD DS forests.
    • Describe AD DS domains.
    • Describe OUs.
    • Describe the AD DS schema.
    • Select appropriate AD DS administration tools.
    • Manage AD DS.

    Lesson 2 AD DS DCs

    • What is a DC?
    • What are global catalog servers?
    • Overview of service (SRV) records
    • Demonstration: Reviewing SRV records in Domain Name System (DNS)
    • How does the AD DS sign-in process work?
    • Overview of operations masters
    • Transferring and seizing roles

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the DC role.
    • Describe global catalog servers.
    • Describe SRV records.
    • Review SRV records in DNS.
    • Explain how the AD DS sign-in process works.
    • Describe operations masters.
    • Transfer and seize roles.

    Lesson 3 Deploying AD DS DCs

    • Installing a DC from Server Manager
    • Installing a DC on a Server Core
    • Upgrading a DC
    • Installing a DC from media
    • Cloning DCs
    • Best practices for DC virtualization

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Install a DC.
    • Install a DC on a Server Core.
    • Upgrade a DC.
    • Install a DC from media.
    • Clone DCs.
    • Describe best practices for DC virtualization.

    Lesson 4 Microsoft Entra ID overview

    • What is Microsoft Entra ID?
    • How does Entra ID compare with AD DS?
    • Entra ID editions
    • Entra ID administration tools
    • Microsoft Entra Domain Services

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe Microsoft Entra ID.
    • Compare Entra ID with AD DS.
    • Describe available Entra ID editions.
    • Explain the available Entra ID administration tools.
    • Describe Microsoft Entra Domain Services.

    Lesson 5 Managing integration between AD DS and Entra ID

    • Options to integrate authentication with AD DS and Entra ID
    • Overview of Entra Connect
    • Entra Connect configuration options
    • Entra Connect customized synchronization
    • Entra Connect Health
    • Overview of Entra Cloud Sync

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe options to integrate authentication with AD DS and Entra ID.
    • Describe Entra Connect.
    • Describe Entra Connect configuration options.
    • Describe Entra Connect customized synchronization.
    • Describe Entra Connect Health.
    • Describe Entra Cloud Sync.

    Lab Deploying and administering AD DS

    • Exercise 1: Deploying AD DS
    • Exercise 2: Administering AD DS

    By completing this lab, you’ll achieve the knowledge and skills to deploy and administer AD DS.

    Module 10 Managing AD DS objects

    Active Directory is a powerful tool to centrally manage your network. Large organizations might want to distribute management to different teams of administrators. Active Directory enables this by allowing a domain administrator to provide lower-level administrators access to specific objects and containers. This module covers the management of user accounts, groups, and computer objects in AD DS. It also explains how to administer AD DS and implement and manage OUs.

    Lesson 1 Managing user accounts

    • Creating user accounts
    • Demonstration: Managing user accounts
    • Disabling and deleting user accounts
    • Performing bulk operations on Active Directory objects
    • Demonstration: Performing bulk operations in Active Directory Users and Computers
    • User account templates
    • Demonstration: Using templates to create accounts
    • Managing user objects in Entra ID

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Create and manage user accounts.
    • Configure user attributes.
    • Manage inactive and disabled user accounts.
    • Create and manage user profiles.
    • Use graphical tools to perform bulk operations.
    • Manage user objects in Microsoft Entra ID.

    Lesson 2 Managing groups in AD DS

    • Security and distribution groups
    • Group scopes
    • Implementing group management
    • Delegating management of groups in Active Directory
    • Restricted groups
    • Default groups
    • Special identities
    • Demonstration: Managing groups in Windows Server
    • Managing groups in Entra ID
    • Managing licenses and self-service sign-up products

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe group types and scopes.
    • Understand the membership rules of each group scope.
    • Delegate the group management.
    • Understand different methods to administer groups, including Group Policy.
    • Understand default, groups, and restricted groups.

    Lesson 3 Managing computer objects in AD DS

    • The default Computers container
    • Creating an OU structure for managing computer objects
    • Controlling who can create computer objects
    • Joining a computer to a domain
    • Computer accounts and secure channels
    • Offline domain joins

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the purpose of the Computers container.
    • Configure the location of computer accounts.
    • Control who has permission to create computer accounts.
    • Join a computer to a domain.
    • Join a computer to Entra ID to create a hybrid join.
    • Describe computer accounts and secure channels.
    • Reset the secure channel.
    • Perform an offline domain join.

    Lesson 4 Administering AD DS by using PowerShell

    • Using Windows PowerShell to manage user accounts
    • Using PowerShell for bulk operations
    • Demonstration: Using graphical tools to perform bulk operations
    • Querying objects with Windows PowerShell
    • Using text files for bulk operations
    • Demonstration: Performing bulk operations with Windows PowerShell

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Use PowerShell to manage user accounts.
    • Use PowerShell to manage groups.
    • Use PowerShell to manage computer accounts.
    • Use PowerShell to manage OUs.
    • Describe bulk operations.
    • Use graphical tools to perform bulk operations.
    • Use PowerShell to query objects.
    • Use PowerShell to modify objects.
    • Work with comma-separated value files (CSV files).
    • Use PowerShell to perform bulk operations.

    Lesson 5 Implementing and managing OUs

    • Planning OUs
    • OU planning strategies
    • Delegating administrative control
    • Creating OUs
    • Managing permissions in Active Directory
    • Demonstration: Delegating administrative permissions on an OU

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Plan OUs.
    • Describe OU hierarchy considerations.
    • Describe considerations for using OUs.
    • Explain AD DS permissions.
    • Use OUs to delegate administration.

    Lab Managing objects in AD DS

    • Exercise 1: Creating and managing user accounts by using GUI tools
    • Exercise 2: Creating and managing groups
    • Exercise 3: Managing computer accounts
    • Exercise 4: Using Windows PowerShell to manage AD DS objects
    • Exercise 5: Delegate administration for OUs

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Create and manage user accounts by using GUI tools.
    • Create and manage groups.
    • Manage computer accounts.
    • Use Windows PowerShell to manage AD DS objects
    • Delegate administration for OUs.

    Module 11 Advanced AD DS infrastructure management

    This module describes key technologies that serve as the building blocks of more advanced AD DS environments and provides guidance about implementing and managing such environments.

    Lesson 1 Overview of advanced AD DS deployments

    • Overview of domain and forest boundaries
    • Implementation of multiple domains and forests
    • Deploying a DC in an Azure virtual machine (VM)
    • Managing objects in complex AD DS deployments

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the role of AD DS domains and forests in establishing security and administration boundaries.
    • Identify scenarios in which having multiple AD DS domains is beneficial or required.
    • Identify scenarios in which having multiple AD DS forests is beneficial or required.
    • Understand considerations applicable to deploying AD DS DCs in Microsoft Azure VMs.
    • Describe considerations applicable to managing users, groups, and computer objects in advanced AD DS deployments.

    Lesson 2 Deploying a distributed AD DS environment

    • AD DS domain and forest-functional levels
    • Deploying new AD DS domains
    • Demonstration: Installing a DC in a new domain in an existing forest
    • Upgrading and migrating AD DS domains
    • Factors to consider when implementing complex AD DS environments

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand AD DS domain-functional levels.
    • Understand AD DS forest-functional levels.
    • Explain how to create a new AD DS domain.
    • Install a DC in a new domain in an existing forest.
    • Explain how to upgrade an AD DS environment.
    • Explain how to migrate between AD DS environments.
    • List factors to consider when implementing complex AD DS environments.

    Lesson 3 Configuring AD DS trusts

    • Overview of AD DS trust types
    • How do trusts work in a forest?
    • How do trusts work between forests?
    • Configuring advanced AD DS trust settings
    • Demonstration: Configuring a forest trust

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand the trust types that you can configure in a multi-domain and multi-forest environment.
    • Explain how trusts work in an AD DS forest.
    • Explain how trusts work between AD DS forests.
    • Describe how to configure advanced trust settings.
    • Configure a forest trust.

    Lab Configuring AD DS infrastructure

    • Exercise 1: Configuring forest trust in AD DS
    • Exercise 2: Managing domain and forest trust relationships in AD DS

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Configure forest trust in AD DS.
    • Manage domain and forest trust relationships in AD DS.

    Module 12 AD DS sites and replication

    In this module, you’ll learn about the technical details of AD DS replication and how you can leverage that knowledge to optimize the design and implementation of AD DS environments that consist of multiple geographically distributed DCs.

    Lesson 1 Overview of AD DS replication

    • What are AD DS partitions?
    • Characteristics of AD DS replication
    • How AD DS replication works within a site
    • Resolve replication conflicts
    • How replication topology is generated
    • How SYSVOL replication works

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe AD DS partitions.
    • Describe characteristics of AD DS replication.
    • Explain how AD DS replication works within a site.
    • Explain how replication conflicts are resolved.
    • Explain how replication topology is generated.
    • Explain how SYSVOL replication works.

    Lesson 2 Configuring AD DS sites

    • What are AD DS sites?
    • Why implement additional sites?
    • Demonstration: Configuring AD DS sites
    • How replication works between sites
    • What is the intersite topology generator (ISTG)?
    • Overview of SRV records
    • How domain-joined computers locate DCs

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe AD DS sites.
    • Explain reasons to implement additional sites.
    • Configure additional AD DS sites.
    • Describe how AD DS replication works between sites.
    • Describe the intersite topology generator.
    • Describe SRV resource records.
    • Describe how domain-joined computers locate DCs.
    • Explain how to move DCs between sites.

    Lesson 3 Configuring and monitoring AD DS replication

    • What are AD DS site links?
    • What is site link bridging?
    • Managing site link replication
    • Demonstration: Configuring AD DS intersite replication
    • Tools for monitoring and managing replication

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe AD DS site links.
    • Explain the concept of site link bridging.
    • Describe how to manage intersite replication.
    • Configure AD DS intersite replication.
    • Describe the tools for monitoring and managing replication.

    Lab Implementing AD DS sites and replication

    • Exercise 1: Creating new AD DS sites
    • Exercise 2: Configuring AD DS site and replication settings

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Create new AD DS sites.
    • Configure AD DS site and replication settings.

    Module 13 Securing AD DS

    AD DS contains sensitive information about many parts of your IT infrastructure, such as users and their passwords. An issue with your AD DS security can result in data loss, data leakage, parts of your IT infrastructure being disabled, or even your entire IT infrastructure being compromised. In this module, you’ll learn how to understand the potential threats to AD DS and how to mitigate them.

    Lesson 1 Securing DCs

    • What security risks can affect DCs?
    • Modifying security settings of DCs
    • Implementing secure authentication
    • Securing physical access to DCs
    • What are RODCs?
    • Deploying an RODC
    • Planning and configuring an RODC password replication policy
    • Demonstration: Configuring a password replication policy
    • Separate RODC local administration

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the security risks that can affect DCs.
    • Modify DC security settings.
    • Explain how to implement secure authentication.
    • Secure physical access to DCs.
    • Describe RODCs.
    • Deploy an RODC.
    • Plan password replication for RODCs.
    • Configure password replication for RODCs.
    • Explain how to separate RODC local administration.

    Lesson 2 Implementing account security

    • Account security in Windows Server
    • Understanding password policies, account lockout policies, and Kerberos authentication policies
    • Demonstration: Configuring domain account policies
    • Protecting groups in AD DS
    • Fine-grained password and lockout policies
    • Creating and managing Password Settings objects (PSOs)
    • Demonstration: Configuring a fine-grained password policy
    • Enhancing password authentication with Windows Hello
    • Options for securing accounts in Entra ID

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe account security in Windows Server.
    • Explain password policies, account-lockout policies, and Kerberos authentication policies.
    • Configure domain account policies.
    • Explain how to protect groups in AD DS.
    • Describe fine-grained password and lockout policies.
    • Create and manage PSOs.
    • Configure a fine-grained password policy.
    • Describe how to enhance password authentication with Windows Hello and multifactor authentication (MFA) in Microsoft Entra.
    • Explain options for securing accounts in Microsoft Entra ID.

    Lesson 3 Implementing authentication auditing

    • Account logon and logon events
    • Demonstration: Configuring authentication-related audit policies
    • Scoping audit policies
    • Demonstration: Reviewing logon events

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe logon events and account logon events.
    • Configure audit policies for authentication.
    • Explain how to scope audit policies.
    • Review logon events.

    Lesson 4 Configuring managed service accounts

    • Overview of service accounts
    • Challenges of using service accounts
    • Service principal names (SPNs) and Kerberos delegation
    • Overview of managed service accounts
    • What are group managed service accounts (MSAs)?
    • Demonstration: Configuring group MSAs

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain why service accounts are required.
    • List the challenges of using service accounts.
    • Describe how MSAs differ from standard user accounts.
    • Explain the purpose and benefits of group MSAs.
    • Configure group MSAs.
    • Explain SPNs and Kerberos delegation.

    Lab Securing AD DS environment

    • Exercise 1: Implementing security policies for accounts, passwords, and administrative groups
    • Exercise 2: Deploying and configuring an RODC

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Implement security policies for accounts, passwords, and administrative groups.
    • Deploy and configure an RODC.

    Module 14 Monitoring, managing, and recovering AD DS

    At the heart of AD DS is the Active Directory database. A major responsibility for administrators is to monitor AD DS and its associated services, which ensures you’re managing issues proactively. In this module, you’ll learn how to monitor AD DS, manage the Active Directory database, and use backup and recovery options for AD DS and other identity and access solutions.

    Lesson 1 Monitoring AD DS

    • Performance bottlenecks
    • Potential hardware bottlenecks
    • Monitoring tools in Windows Server
    • Using Performance Monitor
    • Demonstration: Monitoring AD DS

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Explain performance bottlenecks.
    • Use the monitoring tools available in Windows Server.
    • Understand Performance Monitor, performance objects, and counters.
    • Explain how data collector sets can help you to spot performance trends.
    • Describe the counters available specifically for tracking domain controller performance.

    Lesson 2 Managing the Active Directory database

    • Active Directory database overview
    • Using Ntdsutil.exe to manage the Active Directory database
    • Demonstration: Performing database management
    • Active Directory snapshots

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Identify the files that comprise an Active Directory database.
    • Manage the Active Directory database with Ntdsutil.exe.
    • Understand restartable AD DS.
    • Create and manage Active Directory snapshots.

    Lesson 3 Active Directory backup and recovery solutions

    • Understanding object deletion and recovery
    • Undeleting objects without the recycle bin
    • Enabling the AD Recycle Bin tool
    • Configuring the AD Recycle Bin tool
    • General backup and recovery tools

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Understand what happens to deleted objects in Active Directory.
    • Configure and use the AD Recycle Bin tool.
    • Describe backup options and recovery tools in Windows Server.
    • Perform Active Directory backups and restores.

    Lab Recovering objects in AD DS

    • Exercise 1: Backing up and restoring AD DS
    • Exercise 2: Recovering objects in AD DS

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Back up and restore AD DS.
    • Recover AD DS objects.

    Module 15 Implementing Group Policy

    For organizations operating in an on-premises AD DS environment, Group Policy offers centralized management of both user and computer settings. This enables administrators to configure, enforce, and maintain their organization’s on-premises configuration. In this module, you’ll learn how to implement, administer, and troubleshoot Group Policy. You’ll also learn how to manage Group Policy scope and processing.

    Lesson 1 What is Group Policy?

    • What is configuration management?
    • Selecting a Group Policy management tool
    • What are the benefits of Group Policy?
    • What are GPOs?
    • Managing GPO scope and inheritance
    • What are the Group Policy Client service and client-side extensions?
    • Implementing GPOs in Microsoft Entra Domain Services

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe configuration management with Group Policy.
    • Describe Group Policy tools.
    • Describe the benefits of Group Policy.
    • Describe GPOs.
    • Explain GPO scope and inheritance.
    • Describe the Group Policy Client service and client-side extensions (CSEs).
    • Describe Group Policy in Microsoft Entra Domain Services.

    Lesson 2 Implementing and administering Group Policy

    • Implementing domain-based GPOs
    • Understanding GPO storage and replication
    • What are Starter GPOs?
    • Common GPO management tasks
    • What is Group Policy delegation?
    • Demonstration: Delegating Group Policy administration

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe domain-based GPOs.
    • Describe GPO storage and replication.
    • Describe Starter GPOs.
    • Describe common GPO management tasks.
    • Explain how to delegate administration of Group Policies.
    • Delegate administration of Group Policy.

    Lesson 3 Group Policy scoping and processing

    • Linking GPOs to containers
    • Understanding Group Policy processing, inheritance, and precedence
    • Implementing security filtering and WMI filtering
    • Demonstration: Filtering Group Policy application
    • Enabling and disabling GPOs and GPO nodes
    • Implementing loopback processing
    • Managing slow links and disconnected systems
    • Identifying when settings become effective

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe GPO links.
    • Describe Group Policy processing, inheritance, and precedence.
    • Use security filtering and WMI filtering to modify Group Policy scope.
    • Filter Group Policy application.
    • Enable or disable GPOs and GPO nodes.
    • Describe loopback-policy processing.
    • Describe considerations for slow links and disconnected systems.
    • Identify when settings become effective.

    Lesson 4 Troubleshooting the application of GPOs

    • What is Resultant Set of Policy (RSoP)?
    • Demonstration: Generating RSoP reports
    • Examining Group Policy event logs
    • Detecting issues with the health of GPOs

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe RSoP.
    • Generate RSoP reports.
    • Examine Group Policy event logs.
    • Detect issues with the health of GPOs.

    Lab Implementing Group Policy infrastructure

    • Exercise 1: Creating and configuring GPOs
    • Exercise 2: Managing GPO scope
    • Exercise 3: Verifying GPO application
    • Exercise 4: Troubleshooting GPOs

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Create and configure GPOs.
    • Manage GPO scope.
    • Verify GPO application.
    • Troubleshoot GPOs.

    Module 16 Managing user settings with Group Policy

    You can use GPOs to create a standard desktop for the entire organization or on a departmental basis. You can construct this standard desktop by using features such as administrative templates, Folder Redirection, and Group Policy preferences. In this module, you’ll learn about these features.

    Lesson 1 Implementing administrative templates

    • What are administrative templates?
    • Overview of the central store
    • Demonstration: Configuring settings with administrative templates
    • Importing security templates

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe administrative templates.
    • Describe the central store.
    • Configure settings with administrative templates.
    • Import security templates.

    Lesson 2 Configuring Folder Redirection, software installation, and scripts

    • What is Folder Redirection?
    • Settings for configuring Folder Redirection
    • Security settings for redirected folders
    • Demonstration: Configuring Folder Redirection
    • Managing software with Group Policy
    • Group Policy settings for applying scripts

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe Folder Redirection.
    • Explain the Folder Redirection configuration settings.
    • Explain security requirements for redirected folders.
    • Configure Folder Redirection.
    • Manage application software using Group Policy.
    • Manage scripts using Group Policy.

    Lesson 3 Configuring Group Policy preferences

    • What are Group Policy preferences?
    • Comparing Group Policy preferences with settings
    • Features of Group Policy preferences
    • Item-level targeting options
    • Demonstration: Configuring Group Policy preferences

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe Group Policy preferences.
    • Compare Group Policy preferences with settings.
    • Explain features of Group Policy preferences.
    • Implement item-level targeting.
    • Configure Group Policy preferences.

    Lab Managing user settings with Group Policy

    • Exercise 1: Using administrative templates to manage user settings
    • Exercise 2: Implementing settings by using Group Policy preferences
    • Exercise 3: Configuring Folder Redirection

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Use administrative templates to manage user settings
    • Implement settings by using Group Policy preferences
    • Configure Folder Redirection.

    Module 17 Deploying and managing AD CS

    Public key infrastructure (PKI) is the tools and processes that allow you to issue digital certificates, which are commonly used for authentication and to help secure network communication. You can configurate Windows Server as a CA that issues digital certificates by installing the AD CS role. In this module, you’ll learn how to deploy, administer, troubleshoot, and maintain CAs.

    Lesson 1 Deploying CAs

    • What is AD CS?
    • Options for implementing CA hierarchies
    • Standalone vs. enterprise CAs
    • Factors to consider when deploying a root CA
    • Demonstration: Deploying an enterprise root CA
    • Considerations for deploying a subordinate CA
    • How to install a CA by using the CAPolicy.inf file

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the AD CS server role.
    • Explain the options for implementing CA hierarchies.
    • Describe the differences between standalone and enterprise CAs.
    • List the factors to consider when deploying a root CA.
    • Deploy an enterprise root CA.
    • Explain the factors that are relevant to deploying a subordinate CA.
    • Deploy a CA by using a CAPolicy.inf file.

    Lesson 2 Administering CAs

    • Managing CAs
    • Configuring CA security
    • Security roles for CA administration
    • Configuring CA policy and exit modules
    • Configuring certification revocation list distribution point (CDP) and authority information access (AIA) Locations
    • Demonstration: Configuring CA properties

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe the tools available for managing CAs.
    • Explain how to configure CA security.
    • Describe the security roles available for CA administration.
    • Configure policy and exit modules.
    • Customize CDP and AIA locations for a CA.
    • Configure the properties of a CA.

    Lesson 3 Troubleshooting and maintaining CAs

    • Monitoring CA operations
    • Troubleshooting CAs
    • Renewing a CA certificate
    • Moving a root CA to another computer

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Monitor CA operations.
    • Describe the process for renewing a CA certificate.
    • Explain how to troubleshoot a CA.
    • Explain how to move a root CA to a new server.

    Lab Deploying and managing AD CS infrastructure

    • Exercise 1: Deploying an offline root CA
    • Exercise 2: Deploying an enterprise subordinate CA

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Deploy an offline root CA.
    • Deploy an enterprise subordinate CA.

    Module 18 Deploying and managing certificates

    Planning a CA hierarchy is just the first part of implementing PKI for your organization. You also need to understand how to manage certificate templates to ensure that users and computers get certificates with the correct configuration. In this module, you’ll learn how to manage certificate templates and certificates, including certificate revocation, and how to use certificates for purposes such as securing network communication.

    Lesson 1 Deploying and managing certificate templates

    • What are certificates and certificate templates?
    • Schema versions for certificate templates
    • Configure certificate-template settings and permissions
    • Options for updating a certificate template
    • Demonstration: Modifying and enabling a certificate template

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe certificate templates.
    • List the certificate template versions in Windows Server.
    • Configure certificate template settings and permissions.
    • Explain the process for updating a certificate template.
    • Modify and enable a certificate template.

    Lesson 2 Managing certificate deployment, revocation, and recovery

    • Certificate enrollment methods
    • Overview of certificate autoenrollment
    • What is an enrollment agent?
    • How does certificate revocation work?
    • Overview of key archival and recovery
    • Configuring automatic key archival
    • Demonstration: Configuring a CA for key archival

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • List certificate enrollment methods.
    • Explain how to implement certificate autoenrollment.
    • Describe the purpose of an enrollment agent.
    • Explain how certificate revocation works.
    • Describe key archival and recovery.
    • Explain how to configure automatic key archival.
    • Configure a CA for key archival.

    Lesson 3 Using certificates in a business environment

    • Using certificates for Transport Layer Security (TLS)
    • Using certificates for digital signatures
    • Demonstration: Signing a document digitally
    • Using certificates for content encryption
    • Demonstration: Encrypting a file with EFS
    • Using certificates for authentication

    By completing this lesson, you’ll achieve the knowledge and skills to:

    • Describe how certificates are used with TLS to help secure network communication.
    • Explain how certificates are used to create digital signatures.
    • Create a digitally signed document.
    • Explain how certificates are used for content encryption.
    • Encrypt a file with Encrypting File System (EFS).
    • Describe how certificates are used for authentication.

    Lab Deploying and using certificates

    • Exercise 1: Configure certificate templates
    • Exercise 2: Enroll and use certificates
    • Exercise 3: Configure and implement key recovery

    By completing this lab, you’ll achieve the knowledge and skills to:

    • Configure certificate templates.
    • Enroll and use certificates.
    • Configure and implement key recovery.

      Prerequisites

      Before attending this course, students must have:
      • A basic understanding of networking fundamentals.
      • An awareness and understanding of security best practices.
      • A basic understanding of virtualization
      • An understanding of basic AD DS concepts.
      • Basic knowledge of server hardware.
      • Experience supporting and configuring Windows client operating systems such as Windows 10 or later.
      Additionally, students would benefit from having some previous Windows Server operating system experience, such as experience as a Windows Server systems administrator.

      Recently Viewed Products