Exam Reviews

Web Workout

Microsoft throws down the gaunlet with this exam, which tests your expertise in Active Directory, IIS, clustering and BackOffice—and that’s just the beginning.

• By Chris Golubski
• 12/01/2001

In the last year or so, Microsoft has definitely raised the bar for its certifications. Not only are the exams more difficult, but we’ve now been introduced to case-study-based questions that probe our brains and make us solve complex, critical-thinking problems. This exam is no exception. While the fact that this is a case-study-based test alone doesn’t make it difficult, the tasks you’re asked to perform within the case studies are certainly very challenging.

The Designing Web Solutions exam requires a strong understanding of enterprise environments running Windows 2000 technologies, such as Active Directory, Routing and Remote Access Service, Terminal Services, IIS 5.0, clustering, Certificate Services and Component Services. That just scratches the surface of what you need to know. I don’t think I would have been able to pass this exam without being an MCSD and having developed a good number of large applications. My development knowledge helped me immensely when the test started asking about n-tier applications and registering components.

Beefing Up on the Basics
To have a chance at passing this exam, you need to know the basics—inside and out. First, you need to be deeply familiar with Win2K Server and know how to design AD forests and domains. For instance, know how to assess whether your client needs to be part of your corporate network or whether it needs its own network, separate from yours.

Understanding the difference between security mechanisms in IIS 5.0 helps, too. Anonymous access uses the IUSR_ account and doesn’t require the user to enter credentials when prompted unless the IUSR account doesn’t have NTFS permissions on the file requested. Basic authentication requires a user name and password, but it’s insecure because it transmits the information in clear text. Integrated Windows authentication uses the information from the user’s Windows login.

Review monitoring and optimization tools like System Monitor, which is great for watching processor, memory and disk use. If you’re familiar with Systems Management Server or Application Center Server, you probably have experience with Health Monitor, which watches for failures on specific services and can take appropriate action based on the failure. Make sure you understand which monitoring service handles what.

Of course, what would a Win2K network be without DNS servers and DHCP servers? Make sure you understand how to set up DHCP to work with internal clients, while keeping servers and external clients static. Also know how to isolate your AD DNS infrastructure from your external Web DNS zones.

Tip: Study up on the little facts, such as how much memory and how many processors are supported by each of the versions of the Win2K operating system. Also understand how many nodes a cluster can support for both Windows clustering and Network Load Balancing. (Don’t forget Datacenter Server!)

Clustering Craziness
If you think clustering is what happens on the highway in rush hour, you need to pay special attention to this part!.Simply put, if you don’t know clustering technologies well, you’re going to see a red bar when you click the “Score” button. In fact, if you intend to take this elective for your MCSE, I’d also recommend taking 70-223, Implementing and Administering Clustering Services by Using Windows 2000 Advanced Server Technologies. [See Chris’ article, “Clustering Competence,” in the January 2001 issue for a review of this exam.—Ed.]

You should know how to install a Win2K Advanced Server cluster and a Datacenter Server cluster and be familiar with the terminology that goes along with it—such as the quorum device, which is the shared SCSI drive between the two (or four) clusters that houses the log file for the cluster. Understanding the hardware behind clustering is also imperative, like knowing what a shared SCSI bus is. Having experience with Fibre Channel devices is also a plus. If you’re not familiar with it, Fibre Channel allows hard drives to be connected to a special hub with fiber-optic cables. Those cables then plug into a Fibre Channel card inside each server. Fibre Channel lends the advantage of being able to lose a server and not worry about a SCSI bus being terminated, not to mention higher transmission speeds.

Understanding the difference between active/active clusters and active/passive clusters is key, as well. Know when to implement these solutions and what the benefits and detriments are of each. Make sure you understand the limitations of Win2K clustering and what’s best done by a hardware clustering solution. Failover and failback are also important concepts. Failover occurs when a failure occurs on the primary node of a cluster and transfers the service to a secondary node to continue service. Failback is the process by which control is given back to the primary node. Understand how to configure failover and failback policies for optimal cluster performance.

In Win2K Advanced Server and Datacenter Server, there’s also the ability to do network load balancing (NLB). With NLB, you assign multiple physical machines to a single virtual IP address. This virtual IP address is what the DNS name resolves to, and it distributes the load among the number of nodes in the cluster. This is great for Web farms and applications that require distribution of network traffic.

NLB is fairly easy to configure, but understanding some of the concepts behind it can be frightening. For instance, to effectively implement NLB, you must understand the concept of affinity. Affinity deals with multiple connections needed from a single client to a Web application. For example, if you have a Web application that authenticates users before they do searches on a database and they’re transparently routed to multiple servers through NLB, how will each server know about the successful authentication of each client in the previous request? Affinity has three settings: None, Single and Class C. Briefly, None means that NLB can route any recurring request from a client to any server in the cluster. Single means that NLB must route a request from an IP address to the same Web server until the session terminates. Finally, Class C ensures NLB must route all requests from a Class C subnet to the same host.

Tip: Class C affinity is best used when clients on the same subnet may access the Internet through multiple proxy servers.

BackOffice Bombshells
Knowing BackOffice server products is vital, as well. For instance, have you ever deployed Application Center Server 2000? Know how to create projects for deployment to production, as well as staging environments and how to roll back to the original project version if something goes awry. Understanding the process of deploying to a cluster is absolutely essential. Not only are you expected to understand the process, but you’re also expected to be able to suggest the best possible way to design the process.

It’s also important to understand how Exchange 2000 works. You should have a good concept of how to enable and manage secure e-mail and the different types of Internet clients, such as IMAP4, POP3 and Outlook Web Access. Be able to spot which method of access will work best in the given scenario. For instance, if you have thousands of clients that need to access e-mail securely with as little impact on performance as possible, you’re probably going to want to use Outlook Web Access over SSL rather than using a VPN and connecting with Outlook.

BizTalk Server, one of the new servers introduced in Microsoft’s .NET strategy, deals with document and data transfer between businesses or external entities. Let’s say you have two companies that do business with each other. Each business has internal documentation files for purchase orders and requisitions. The documents do similar things for each company, but they have different structures. BizTalk Server allows a developer to “map” elements of a document to those in the other so they can be seamlessly transferred to each business and used by internal systems without having to do costly manual conversions. BizTalk Server does this translation through XML files, so it helps to understand what XML is and how it works. Know the role BizTalk Server plays in an enterprise application and how it should be implemented to be highly available.

It’s also critical to understand how to implement Application Center Server 2000 in an enterprise. Application Center 2000 is a tool that helps deploy and manage large applications that may be clustered or load balanced. Know how to create applications and deploy them. If you’re familiar with Site Server 3.0, you may remember Content Deployment Services (CDS) and its uses. CDS (formerly called Content Replication Services) is optimized for deploying applications across a WAN. Become familiar with CDS and the other application deployment and synchronization features included in Application Center Server 2000.

Finally, don’t forget about SQL Server and Component Services. Know how to configure databases for optimal performance. Also be sure you understand how to install and configure components in Component Services. Components are the building blocks for applications. They allow developers to write code that can be separated from their Web applications, thus allowing better performance. In large environments, Application Center Server 2000 can be used to create component load balancing (CLB) clusters to distribute the load among multiple component servers (much like NLB distributes traffic among multiple Web servers).

Tip: Make sure you brush up on different Exchange protocols and technologies, including POP3, SMTP, IMAP4 and S/MIME.

Performance Pitfalls
Even if you lay out flawless and redundant deployment plans, design a highly efficient database, and write great code, you’ll have serious issues if you don’t address capacity planning in all areas of your application. Make sure you can address the areas of your application that will require the greatest resources. Usually in enterprise applications, network bandwidth may be an issue—especially your connection to the Internet. Put on your systems engineer cap to explain what benefits switches, routers and storage area networks give you.

You should be able to calculate how much data can be transferred across an Internet connection of a given bandwidth. You should also be able to perform projections of what your client will need in the future. Sound difficult? Read the case study problems carefully to understand where the sample companies are going.

Your greatest weapon is to understand what will slow down an application. In general, the things that are most resource-intensive relate to encryption, transferring large amounts of data, and things that require a very significant amount of disk I/O. Always be on the lookout for potential problem spots that can arise.

Tip: Know the difference between scaling up, which is adding a processor or memory, and scaling out, which is adding additional servers.

Know Your Stuff
No bones about it—this exam is tough. You need to know your stuff inside and out. Although you don’t have to be an expert developer with a significant amount of enterprise-level experience, be sure to get a good overview of Component Services and COM. With this exam, Microsoft is showing us that developers need to be network engineers and vice versa.

I’m not trying to scare you into not taking this exam, but I want to make certain you have the appropriate background and that you give yourself enough study time to master the concepts. May you rise to the challenge. Good luck!