Exam Reviews

Mapping the Network

You know how to lay cable and troubleshoot technical angles, but for this exam, be prepared to be tested on designing and implementing an enterprise network.

• By Chris Golubski
• 08/01/2000

This test covers a great deal of information, and it’s not necessarily all of a technical nature. You need to have strong planning and technical skills. Having a project management or consulting background is an excellent way to get the skills needed for this test. If you don’t have that background, keep the enterprise in mind. I’m not talking about the spaceship—I’m talking about a large network with servers in multiple physical locations. Microsoft states in the exam skills list that Windows 2000 certification is designed specifically for people who have experience designing and implementing enterprise networks. Make sure you thoroughly understand the concepts behind planning for large groups of users and their needs.

Business analysis plays a large role in this exam. More than once I was tempted to select an answer that would upgrade the existing hardware or bandwidth on a network. But in the real world, we can’t always do that. Make sure you read your case study well and follow the constraints that the company in the case study puts forth. Sometimes we’re required to implement solutions that have to make the best of a bad situation. Microsoft has taken a “real-life” perspective in designing this exam. Read carefully!

Networking Nightmares

The second essential skill for the objectives behind this exam is being able to use your technical knowledge to implement the network. Make sure you know how to design name resolution solutions for a company. For example, if a company has legacy NetBIOS applications, it may be necessary to use WINS for name resolution. DNS plays a major role with Win2K, and knowing it inside and out is essential. Know how to integrate Unix DNS with Win2K DNS. Don’t assume that all environments are going to be solely Windows-based. Be able to decide when third-party products stay and when they go. If applications or services are dependent on a specific flavor of a product, you have to be able to integrate it into your design (although I’m sure at times we wish we didn’t have to!).

DHCP takes on a larger job in Win2K than in NT 4.0. All DHCP servers running in an Active Directory domain have to be authorized first, so they can allocate IP addresses to clients. This prevents rogue servers from being placed on the network maliciously or by accident. Be able to account for this fact in your design.

Subnetting is a critical skill for this test as well, but not in the same way it was for NT 4.0. You have to be able to interpret subnet charts and diagrams. For example, you have to know that 192.168.20.64/26 means that your subnet ID is 192.168.20.64 with a subnet mask of 255.255.255.192 (26 bits for the subnet mask). Also know when supernetting has taken place on a network.

Tip: Superscopes are used when there’s more than one logical subnet on a physical network. Know when to implement these and when a regular scope will do.

Having routing skills is definitely a plus here. Know the differences between distance-vector routing (RIP) and link-state routing (OSPF).

Be able to configure each routing protocol in Routing and Remote Access Service on Win2K. As a general rule, smaller networks should use RIP; it’s less difficult to configure but uses broadcasts to communicate with routing tables. OSPF is for larger networks that need to have more fault tolerance, but it can also be more difficult to install and configure accurately.

Finally, know how to set up Distributed File System (Dfs) for an enterprise. Be able to decide whether an environment is a candidate for a stand-alone or an Active Directory-based Dfs. Stand-alone systems are better for smaller networks or when a concentrated group is going to be the sole user.

Tip: Don’t rely on charts for recognizing subnet masks. Spend some time learning the binary so you can quickly do conversions. Not knowing will cost precious time on the exam.

Catching Some Waves

Designing a network infrastructure these days requires a lot of knowledge about establishing connectivity to the Internet. Users can get pretty cranky when their surfing (and WAN use) is interrupted by a service outage. Know about Internet Connection Sharing and Network Address Translation (NAT) and how to configure each. Internet Connection Sharing is used for smaller networks and requires that you use the internal private IP addressing scheme (169.254.0.0), thus not making it very scalable. NAT is configured through Routing and Remote Access Service (RRAS) and maps external address to internal addresses.

And, of course, there’s Microsoft Proxy Server. If you don’t have any knowledge of this product, I’d strongly recommend you get some. Know what a proxy server array is and when it’s used. Be able to choose the appropriate solution for Internet connectivity for the particular case you’re given. To determine this, ask yourself a few questions like, “Do I need security?” and “How many subnets do I have?” If you can answer those, you can easily choose which solution best fits the scenario.

Tip: Know what goes on the inside and outside of a firewall and what ports different services use.

WAN Woes

Another necessary skill is the ability to design effective remote access solutions. There are a significant number of noteworthy changes in RAS from NT 4.0, like the addition of a ton of new security protocols. Be able to pick which protocols should be used for which scenarios. For example, if you need to have accounting services for your RAS session, then you probably need the Remote Authentication Dial-In User Service (RADIUS).

If you have all Win2K clients, you can use MS-CHAPv2, which is the latest edition of the Microsoft Challenge Handshake Authentication Protocol. Also know how to configure Microsoft’s newest form of encryption-based authentication, IP Security or IPSec for short. Support for two tunneling protocols, Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) is included in Win2K. You need to be able to decide which of these protocols needs to be implemented. Some of the things that will help you decide is knowing whether or not you need an authenticated tunnel between your two machines or knowing what your transit protocol is going to be.

Tip: Always choose the least common denominator so you don’t lock specific clients out of a network. Be sure you know what clients support what authentication methods.

A Drink from the Fire Hydrant

With the wide breadth of the technologies encompassed in a Win2K network, it’s nearly impossible to try to learn them all in a short period of time. Doing so would be like trying to take a drink from a fire hydrant! I recommend setting up a test network at work or home and installing these things multiple times. In fact, I’d recommend using three or more well-outfitted machines to get a good network going. And that’s just an “entry-level” network, certainly not an enterprise environment. So, as always, the best way to hone your skills is to get some real-world experience. Without it, don’t expect to pass this test. Microsoft has seen to that. Good luck!