Mapping the Network
You know how to lay cable and troubleshoot technical angles, but for this exam, be prepared to be tested on designing and implementing an enterprise network.
This test covers a great deal of information,
and it’s not necessarily all of a technical nature. You
need to have strong planning and technical skills. Having
a project management or consulting background is an excellent
way to get the skills needed for this test. If you don’t
have that background, keep the enterprise in mind. I’m
not talking about the spaceship—I’m talking about a large
network with servers in multiple physical locations. Microsoft
states in the exam skills list that Windows 2000 certification
is designed specifically for people who have experience
designing and implementing enterprise networks. Make sure
you thoroughly understand the concepts behind planning
for large groups of users and their needs.
of Network Infrastructure (70-221)
Rating: “You’ll want a significant
amount of Windows 2000 network design
experience—encompassing both common sense
and nitty-gritty details.”
Designing a Microsoft Windows 2000 Network
Live in July 2000.
Who should take
it? Counts as core requirement
or elective for the MCSE track.
Business analysis plays a large role in this exam. More
than once I was tempted to select an answer that would
upgrade the existing hardware or bandwidth on a network.
But in the real world, we can’t always do that. Make sure
you read your case study well and follow the constraints
that the company in the case study puts forth. Sometimes
we’re required to implement solutions that have to make
the best of a bad situation. Microsoft has taken a “real-life”
perspective in designing this exam. Read carefully!
The second essential skill for the objectives behind
this exam is being able to use your technical knowledge
to implement the network. Make sure you know how to design
name resolution solutions for a company. For example,
if a company has legacy NetBIOS applications, it may be
necessary to use WINS for name resolution. DNS plays a
major role with Win2K, and knowing it inside and out is
essential. Know how to integrate Unix DNS with Win2K DNS.
Don’t assume that all environments are going to be solely
Windows-based. Be able to decide when third-party products
stay and when they go. If applications or services are
dependent on a specific flavor of a product, you have
to be able to integrate it into your design (although
I’m sure at times we wish we didn’t have to!).
DHCP takes on a larger job in Win2K than in NT 4.0. All
DHCP servers running in an Active Directory domain have
to be authorized first, so they can allocate IP addresses
to clients. This prevents rogue servers from being placed
on the network maliciously or by accident. Be able to
account for this fact in your design.
Subnetting is a critical skill for this test as well,
but not in the same way it was for NT 4.0. You have to
be able to interpret subnet charts and diagrams. For example,
you have to know that 192.168.20.64/26 means that your
subnet ID is 192.168.20.64 with a subnet mask of 255.255.255.192
(26 bits for the subnet mask). Also know when supernetting
has taken place on a network.
Tip: Superscopes are used
when there’s more than one logical subnet on a physical
network. Know when to implement these and when a regular
scope will do.
Having routing skills is definitely a plus here. Know
the differences between distance-vector routing (RIP)
and link-state routing (OSPF).
Be able to configure each routing protocol in Routing
and Remote Access Service on Win2K. As a general rule,
smaller networks should use RIP; it’s less difficult to
configure but uses broadcasts to communicate with routing
tables. OSPF is for larger networks that need to have
more fault tolerance, but it can also be more difficult
to install and configure accurately.
Finally, know how to set up Distributed File System (Dfs)
for an enterprise. Be able to decide whether an environment
is a candidate for a stand-alone or an Active Directory-based
Dfs. Stand-alone systems are better for smaller networks
or when a concentrated group is going to be the sole user.
Tip: Don’t rely on charts
for recognizing subnet masks. Spend some time learning
the binary so you can quickly do conversions. Not knowing
will cost precious time on the exam.
Catching Some Waves
Designing a network infrastructure these days requires
a lot of knowledge about establishing connectivity to
the Internet. Users can get pretty cranky when their surfing
(and WAN use) is interrupted by a service outage. Know
about Internet Connection Sharing and Network Address
Translation (NAT) and how to configure each. Internet
Connection Sharing is used for smaller networks and requires
that you use the internal private IP addressing scheme
(169.254.0.0), thus not making it very scalable. NAT is
configured through Routing and Remote Access Service (RRAS)
and maps external address to internal addresses.
And, of course, there’s Microsoft Proxy Server. If you
don’t have any knowledge of this product, I’d strongly
recommend you get some. Know what a proxy server array
is and when it’s used. Be able to choose the appropriate
solution for Internet connectivity for the particular
case you’re given. To determine this, ask yourself a few
questions like, “Do I need security?” and “How many subnets
do I have?” If you can answer those, you can easily choose
which solution best fits the scenario.
Tip: Know what goes on the
inside and outside of a firewall and what ports different
Another necessary skill is the ability to design effective
remote access solutions. There are a significant number
of noteworthy changes in RAS from NT 4.0, like the addition
of a ton of new security protocols. Be able to pick which
protocols should be used for which scenarios. For example,
if you need to have accounting services for your RAS session,
then you probably need the Remote Authentication Dial-In
User Service (RADIUS).
If you have all Win2K clients, you can use MS-CHAPv2,
which is the latest edition of the Microsoft Challenge
Handshake Authentication Protocol. Also know how to configure
Microsoft’s newest form of encryption-based authentication,
IP Security or IPSec for short. Support for two tunneling
protocols, Point-to-Point Tunneling Protocol (PPTP) and
Layer Two Tunneling Protocol (L2TP) is included in Win2K.
You need to be able to decide which of these protocols
needs to be implemented. Some of the things that will
help you decide is knowing whether or not you need an
authenticated tunnel between your two machines or knowing
what your transit protocol is going to be.
Tip: Always choose the least
common denominator so you don’t lock specific clients
out of a network. Be sure you know what clients support
what authentication methods.
|You can find the checklist
for this exam at Microsoft’s Training
& Services Web site at www.microsoft.com/trainingandservices/exams/
Also, be sure to
follow the link to download a sample
case study-based demonstration file.
It provides an excellent way to familiarize
yourself with the format of the exam.
Also quite useful:
Microsoft Windows 2000 Server Resource
Kit and Microsoft Windows 2000
Professional Resource Kit.
A Drink from the Fire Hydrant
With the wide breadth of the technologies encompassed
in a Win2K network, it’s nearly impossible to try to learn
them all in a short period of time. Doing so would be
like trying to take a drink from a fire hydrant! I recommend
setting up a test network at work or home and installing
these things multiple times. In fact, I’d recommend using
three or more well-outfitted machines to get a good network
going. And that’s just an “entry-level” network, certainly
not an enterprise environment. So, as always, the best
way to hone your skills is to get some real-world experience.
Without it, don’t expect to pass this test. Microsoft
has seen to that. Good luck!