MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure [Electronic resources]: Exam 70-293 Study Guide نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure [Electronic resources]: Exam 70-293 Study Guide - نسخه متنی

Michael Crosset al.

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید






Exam Objectives Fast Track



Planning the Remote Access Strategy




Dial-in access requires a modem or ISDN port for each user and is limited in bandwidth, but provides a secure connection without encryption.



VPN access can use existing Internet connections but risks sending data (although encrypted) over the public Internet.



Wireless remote access uses a wireless access point (WAP) and is usually limited to short ranges.




Addressing Dial-In Access Design Considerations




Dial-in clients negotiate with PPP and are issued an IP address. The RRAS server can obtain addresses from a static pool, a DHCP server, or APIPA.



You need to determine the number of ports you will need and the bandwidth they will use to plan for dial-in access.



Multilink is a system that combines two or more dial-up connections into a single faster connection. It is often used with ISDN.




Addressing VPN Design Considerations




PPTP is supported by Windows 95 and later; L2TP is supported by Windows 2000, Windows XP, and Windows Server 2003 only.



L2TP supports data integrity and sender authentication; PPTP does not.



L2TP requires a public-key infrastructure.



L2TP requires machine certificates for each client and VPN server.




Addressing Wireless Remote Access Design Considerations




Like other connection types, wireless access can be managed using a remote access policy.



A network can support any number of WAPs.



RADIUS authentication requires an IAS server configured with the WAPs as clients, and the WAPs configured for RADIUS authentication.




Planning Remote Access Security




Windows 2000 mixed domains support Windows NT 4.0 domain controllers and limited security features. Windows 2000 Native and Windows Server 2003 domains support all the Active Directory security features. Windows Server 2003 Interim domains support Windows Server 2003 and Windows NT 4.0 domain controllers.



You can raise a domain’s functional level, but you cannot lower it.



MS-CHAP v2 and EAP are considered the most secure authentication methods.



Encryption levels range from no encryption to 168-bit triple DES encryption.




Creating Remote Access Policies




Remote Access Policies determine which users can connect remotely and the connection methods they can use.



Remote Access Profiles provide further restrictions after the connection is established. Each policy contains exactly one profile.



To authorize access by user, use the user’s Dial-in properties.



To authorize access by group, use the condition in a remote access policy.




Creating a Plan to offer Remote Assistance to Client Computers




Remote Assistance is really a tool for end users and you are unlikely to use it for remote server management. You should, however, be aware that Remote Assistance invitations can be sent from a Windows Server 2003 computer, and you should know how to turn off Remote Assistance.



End-users can use Remote Assistance to invite another person to view or take control of their desktops.



You can use Group Policy to enable your support staff to proactively offer Remote Assistance to end users




Planning for Remote Administration by using Terminal Services




Remote Desktop for Administration enables up to two administrators to remotely connect to the server simultaneously, each in his or her own session, to perform administrative tasks.



Remote Assistance enables a user, called the Novice, to request help from someone more knowledgeable, called the Expert. The Expert is able to view and interact with the Novice’s desktop remotely (if permission is granted by the Novice).



Though installed with the operating system, both Remote Desktop for Administration and Remote Assistance must be enabled manually after installation before they can be used.



/ 174