Figure 1.1: Selecting the RSoP Report Mode
Figure 1.2: Specifying the User and Computer Information
Figure 1.3: Advanced Simulation Options
Figure 1.4: Simulating User Security Group Membership
Figure 1.5: Selecting WMI Filters
Figure 1.6: RSoP Summary Screen
Figure 1.7: A Completed RSoP Simulation
Figure 1.8: A Departmental Organizational Chart
Figure 1.9: A Centralized Organizational Structure
Figure 1.10: A Combination of Centralization and Decentralization
Figure 1.11: Assigning Tasks in Microsoft Outlook 2002
Figure 1.12: A Microsoft SharePoint Project Collaboration Web Page
Figure 1.13: Printer Pools and Prioritized Queues
Figure 1.14: Organizational Structure
Figure 1.15: Network Portion
Figure 2.1: The Main Manage Your Server Window
Figure 2.2: Preliminary Steps of the Configure Your Server Wizard
Figure 2.3: Configuring Server Roles
Figure 2.4: Name Resolution Using DNS
Figure 2.5: Installing IIS through the Application Server Dialog Box in the Windows Components Wizard
Figure 2.6: How E-mail Is Transmitted and Retrieved
Figure 2.7: Choosing a CA Type in the Windows Components Wizard
Figure 2.8: Entering CA Identifying Information in the Windows Components Wizard
Figure 2.9: Choosing Certificate Database Settings in the Windows Components Wizard
Figure 2.10: Choose the Application Server Role
Figure 2.11: Select Application Server Options
Figure 2.12: Review the Summary of Selections
Figure 2.13: Raising the Domain Functional Level
Figure 2.14: Attempting to Change a Domain Functional Level After Raising the Functional Level
Figure 2.15: Using Active Directory Domains and Trusts
Figure 2.16: Initial Information Provided by the Security Configuration and Analysis Tool
Figure 2.17: Configured Policies in the Group Policy Object Editor
Figure 2.18: Opening an Existing Database or Creating a New One
Figure 2.19: Importing a Template
Figure 2.20: Entering the Analysis Log File Path
Figure 2.21: Viewing the Results of a Security Analysis
Figure 2.22: Exporting a Template
Figure 2.23: Viewing Group Policy Properties of a Domain
Figure 2.24: Selecting a Group Policy
Figure 2.25: Group Policy Object Editor
Figure 2.26: Viewing Minimum Password Length Properties
Figure 2.27: Choosing Automatic Updates Options
Figure 2.28: Setting Permissions for a Printer
Figure 2.29: The Security Templates console
Figure 2.30: Setting Maximum Password Age Properties
Figure 2.31: Adding a New Security Template
Figure 3.1: Local Area Connection Status
Figure 3.2: Local Area Connection Properties
Figure 3.3: Internet Protocol (TCP/IP) Properties
Figure 3.4: Internet Protocol (TCP/IP) Properties after Manual Configuration
Figure 3.5: Advanced TCP/IP Settings
Figure 3.6: OSI Model versus TCP/IP model
Figure 3.7: TCP/IP Protocol Suite and the TCP/IP Network Model
Figure 3.8: Results of the route print Command
Figure 3.9: IP City
Figure 3.10: Network ID and Host ID
Figure 3.11: Local Area Connection Status
Figure 3.12: Local Area Connection Properties
Figure 3.13: Select Network Component Type
Figure 3.14: Select Network Protocol
Figure 3.15: Local Area Connection Properties with TCP/IP Version 6 Installed
Figure 3.16: Test the IPv6 Configuration
Figure 3.17: IPv6 Pilot Page at Microsoft Research
Figure 3.18: ipconfig Results after Installing IPv6
Figure 3.19: Network Monitor
Figure 3.20: System Monitor
Figure 4.1: Viewing the Routing Table from the Command Prompt
Figure 4.2: IP Routing Table
Figure 4.3: Simple Network Using Static Routing
Figure 4.4: A More Complex Network Using Dynamic Routing
Figure 4.5: Internet Protocol (TCP/IP) Properties
Figure 4.6: The IP Settings Tab of the Advanced TCP/IP Settings
Figure 4.7: Enter the Gateway Address
Figure 4.8: RIP Version 1 Message Format
Figure 4.9: RIP Version 2 Message Format
Figure 4.10: Typical Network Using Convergence
Figure 4.11: The OSPF Packet Header Structure
Figure 4.12: An Internal Router
Figure 4.13: An Area Border Router
Figure 4.14: Type ? at the netsh Command Prompt to View Available Commands
Figure 4.15: Type netsh show helper at the Command Prompt to View Available DLLs
Figure 4.16: The Physical and Data Link Layers
Figure 4.17: This Network Requires Network Layer Addressing
Figure 4.18: Transparent Bridge
Figure 4.19: Translating Bridge
Figure 4.20: Speed-buffering Bridge
Figure 4.21: Segment Switching
Figure 4.22: A Port-switched LAN
Figure 4.23: Routing and Remote Access Welcome
Figure 4.24: Add a Server
Figure 4.25: Click Configure and Enable Routing and Remote Access
Figure 4.26: The RRAS Setup Wizard
Figure 4.27: Choose Custom Configuration
Figure 4.28: Choose the LAN Routing Option
Figure 4.29: Finish the RRAS Setup Wizard
Figure 4.30: Start the Routing and Remote Access Service
Figure 4.31: Routing and Remote Access Window after RRAS Installation
Figure 4.32: Choose Your Interface
Figure 4.33: Add a New Routing Protocol
Figure 4.34: Choose RIP Version 2 for Internet Protocol
Figure 4.35: Choose RIP Properties
Figure 4.36: The General Tab of the RIP Properties
Figure 4.37: The Security Tab of the RIP Properties
Figure 4.38: Add a New Routing Protocol
Figure 4.39: Choose Open Shortest Path First (OSPF)
Figure 4.40: A Perimeter Network or DMZ
Figure 4.41: Choose New Demand-dial Interface
Figure 4.42: Choose an Appropriate Interface Name
Figure 4.43: RRAS Has Already Been Turned On
Figure 4.44: Choose Remote Access
Figure 4.45: Choose the Interface Connected to the Internet
Figure 4.46: Choose Secure Connection between Two Private Networks
Figure 4.47: Set the Logging Level
Figure 5.1: Select NAT from the RRAS Wizard
Figure 5.2: The IP Properties for an RRAS Server
Figure 5.3: NAT Properties
Figure 5.4: The Advanced Internet Provider Properties
Figure 5.5: The Network Services That Internet Users Can Access
Figure 5.6: Service Settings
Figure 5.7: Communications in an Internet-based VPN
Figure 5.8: Completing the Routing and Remote Access Server Setup Wizard
Figure 5.9: Enter a Name for the Demand-Dial Interface
Figure 5.10: Choose Protocols and Security Options
Figure 5.11: Security Properties
Figure 5.12: Add a RADIUS Server
Figure 5.13: The IAS Management Console
Figure 5.14: Authentication Methods
Figure 5.15: Installing CMAK
Figure 5.16: Specify a Service Name and Filename
Figure 5.17: Specify VPN Support
Figure 5.18: Ready to Build the Service Profile
Figure 6.1: Output of the ipconfig /displaydns Command Showing the Contents of the DNS Cache
Figure 6.2: Hierarchical DNS Namespace
Figure 6.3: Zones versus Domains
Figure 6.4: DNS Server Issuing Iterative Queries to Resolve an IP Address on Behalf of a DNS Client
Figure 6.5: An Active Directory Forest with Two Domain Trees
Figure 6.6: Deployment of a Private Root Zone
Figure 6.7: Configuring a Notify List for Zone Transfers
Figure 6.8: Changing Replication Scope for Windows Server 2003 Active Directory-integrated Zones
Figure 6.9: Creating the application directory partition using the DNS console
Figure 6.10: Conditional Forwarding Configured to Send Queries Directly to an Authoritative Server
Figure 6.11: Conditional Forwarding for the corp.tacteam.net Domain
Figure 6.12: Default DHCP Configuration for Dynamic DNS Updates
Figure 6.13: Configuring Credentials for DHCP Updates to Dynamic Zones
Figure 6.14: Aging and Scavenging Settings for a DNS Server
Figure 6.15: Enabling Fast Zone Transfers for BIND Secondaries
Figure 6.16: Split DNS Configuration to Allow Internal Clients to Connect to the Web Server in the DMZ
Figure 6.17: WINS tab for a DNS Forward Zone Showing Advanced Configuration Options
Figure 6.18: The WINS-R Tab for a DNS Reverse Lookup Zone Showing Advanced Configuration Options
Figure 6.19: DNS Client Suffix Search List Configured to Support WINS Referral Zones
Figure 6.20: Configuring a Primary Zone with a List of Secondaries Authorized to Do Zone Transfers
Figure 6.21: Performing Simple and Recursive Queries Using the Monitoring Tab of the DNS Server Properties
Figure 6.22: Debug Logging Properties
Figure 6.23: DNS Performance Counters
Figure 6.24: Enabling Automatic Partner Configuration
Figure 6.25: Push Replication Settings
Figure 6.26: Manually Starting Push Notification
Figure 6.27: Choosing Replication Partnership Type and Push/Pull Settings
Figure 6.28: Ring Replication Model for WINS Servers
Figure 6.29: Hub-and-Spoke Replication Model for WINS Servers
Figure 6.30: Hybrid Replication Model
Figure 6.31: Configuring Static Entries to Be Overwritten
Figure 6.32: Advanced TCP/IP Settings for WINS Client Configuration
Figure 6.33: DHCP Options for WINS Client Configurations
Figure 6.34: Configuring Burst Handling
Figure 6.35: Interval Settings for Registration Renewal, Removal, and Verification
Figure 6.36: Enabling and Scheduling Consistency Checking
Figure 6.37: WINS Backup Configuration
Figure 7.1: Multilink Options
Figure 7.2: Listing the Domain’s Users and Groups
Figure 7.3: Dial-in Properties
Figure 7.4: Certificates MMC Snap-In
Figure 7.5: Certificate Friendly Name and Description
Figure 7.6: Firewall Configurations
Figure 7.7: Access Method
Figure 7.8: Domain Properties
Figure 7.9: Raising the Functional Level
Figure 7.10: Security Properties
Figure 7.11: Authentication Methods
Figure 7.12: Remote Access Policies
Figure 7.13: Policy Configuration Method
Figure 7.14: User or Group Access
Figure 7.15: Access Method
Figure 7.16: Select Groups
Figure 7.17: Policy Properties
Figure 7.18: Select Attribute
Figure 7.19: Time of Day Constraints
Figure 7.20: Restricting by Authentication Method
Figure 7.21: Edit Dial-in Profile
Figure 7.22: Encryption Properties
Figure 7.23: IP Settings
Figure 7.24: Summary of Remote Assistance Invitations
Figure 7.25: The Remote Assistance Settings Dialog Box
Figure 7.26: The “Pick how you want to contact your assistant” Screen in Remote Assistance
Figure 7.27: The Remote Assistance Utility on the Expert’s Computer
Figure 7.28: The Remote Assistance Utility on the Novice’s Computer
Figure 7.29: The “View or change your invitation settings” Screen in Remote Assistance
Figure 7.30: The System Properties Window
Figure 8.1: Starting Disk Defragmenter
Figure 8.2: Starting the Performance Administrative Tool
Figure 8.3: System Monitor, Graphical View with Default Counters
Figure 8.4: System Monitor, Report View with Default Counters
Figure 8.5: Performance Logs and Alerts, Accessed from Computer Management
Figure 8.6: The Sample System Overview Counter Log
Figure 8.7: Properties of the System Overview Sample Log
Figure 8.8: Properties of the System Overview Sample Log, Log Files Tab
Figure 8.9: Configuring Log Files
Figure 8.10: Properties of the System Overview Sample Log, Schedule Tab
Figure 8.11: Selecting the View Log Data Button
Figure 8.12: System Monitor Properties, Source Tab
Figure 8.13: System Monitor, Viewing Log File Data
Figure 8.14: Selecting Counters from Another Computer
Figure 8.15: Viewing a Counter Explanation
Figure 8.16: Empty System Monitor
Figure 8.17: Add Counters
Figure 8.18: Percentage-based Counters in System Monitor
Figure 8.19: All Common Counters in System Monitor
Figure 8.20: Common Nonpercentage Counters
Figure 8.21: The Event Viewer Window
Figure 8.22: Event Viewer, as Viewed from Computer Management
Figure 8.23: Viewing Event Properties
Figure 8.24: Accessing the Properties of an Event Log
Figure 8.25: Filtering Event Log Data
Figure 8.26: Using Find in an Event Log
Figure 8.27: Finding Event Log Data
Figure 8.28: Event Log General Properties
Figure 8.29: Saving a Log File, Selection Menu
Figure 8.30: Saving a Log File
Figure 8.31: Opening an Archived Log File
Figure 8.32: Selecting an Archived Event Log
Figure 8.33: Detailed User Rights, Accessed from Local Security Policy
Figure 8.34: Full (Normal) Backup Pattern
Figure 8.35: Full (Normal) Backup/Incremental Backup Pattern
Figure 8.36: Full (Normal) Backup/Differential Backup Pattern
Figure 8.37: Disabling Volume Shadow Copy for a Backup
Figure 8.38: Configuring the WINS Backup Path
Figure 8.39: The Backup or Restore Wizard
Figure 8.40: The Windows Backup Utility, Advanced Mode
Figure 8.41: Scheduling Backups with the Backup Utility
Figure 8.42: Choosing the Restore Source Media
Figure 8.43: The Restore Options
Figure 8.44: Select Backup Files and Settings
Figure 8.45: Select to Choose What to Back Up
Figure 8.46: Choose Items to Back Up
Figure 8.47: Selecting a Destination for the Backup
Figure 8.48: Choose Advanced to Specify Backup Options
Figure 8.49: Select the Backup Type
Figure 8.50: How to Back Up Options
Figure 8.51: Select Backup Options
Figure 8.52: Specify When to Back Up
Figure 8.53: Schedule a Weekly Backup Job
Figure 8.54: Set Account Information.
Figure 8.55: View Scheduled Backups in Advanced Mode
Figure 8.56: Starting the ASR Wizard
Figure 8.57: The ASR Preparation Wizard, Choose a Destination
Figure 8.58: Creating the ASR Diskette
Figure 8.59: No Floppy Drive Warning
Figure 8.60: ASR Diskette Warning Message
Figure 8.61: Text-Mode ASR Prompt
Figure 8.62: Insert the ASR Diskette Prompt
Figure 8.63: RAID 0
Figure 8.64: RAID 1
Figure 8.65: RAID 1 Duplexing Variation
Figure 8.66: RAID 5
Figure 8.67: RAID 0+1
Figure 9.1: Single Node Server Cluster
Figure 9.2: Single Quorum Device Server Cluster
Figure 9.3: A Majority Node Set Server Cluster
Figure 9.4: Setting the Possible Owners Property
Figure 9.5: N-Node Failover, Initial State
Figure 9.6: N-Node Failover, Failed State
Figure 9.7: Setting the Preferred Owners Property
Figure 9.8: Hot-Standby/N+I Configuration, Initial State
Figure 9.9: Hot Standby/N+I Configuration, Failed State
Figure 9.10: Failover Ring Configuration, Initial State
Figure 9.11: Failover Ring Configuration, Failed State
Figure 9.12: Random Configuration, Initial State
Figure 9.13: Random Configuration, Failed State
Figure 9.14: The Cluster Administrator Window
Figure 9.15: The Open Connection Dialog Box
Figure 9.16: Cluster.exe Command Options
Figure 9.17: Accessing Disk Drive Properties in Device Manager
Figure 9.18: Disabling Write Caching on a Drive through Device Manager
Figure 9.19: Configuring Clustered Disks in Disk Management
Figure 9.20: Enabling the Always On Power Scheme
Figure 9.21: Configuring Interconnect Networks
Figure 9.22: Configuring Public Networks
Figure 9.23: Configuring an Interconnect Interface
Figure 9.24: Setting the Network Priority Property of the Cluster
Figure 9.25: Setting the Proper Binding Order of Interfaces
Figure 9.26: Create a New Cluster Service User Account
Figure 9.27: Assign a Password and Properties to New Cluster Service User Account
Figure 9.28: Open Connection to Cluster
Figure 9.29: The New Server Cluster Wizard’s Welcome Window
Figure 9.30: Specify the Cluster Name and Domain
Figure 9.31: Select the Computer Name
Figure 9.32: Analyzing the Configuration of the Cluster Node
Figure 9.33: Finished Analyzing the Configuration of the Cluster Node
Figure 9.34: Enter the Cluster IP Address
Figure 9.35: Enter the Cluster Service Account Information
Figure 9.36: Review the Proposed Cluster Configuration
Figure 9.37: Select the Quorum Disk
Figure 9.38: Creating the Cluster
Figure 9.39: Completed Cluster Creation
Figure 9.40: The Wizard’s Final Window
Figure 9.41: The Newly Created Cluster
Figure 9.42: Change Network Priorities
Figure 9.43: Combining Network Load Balancing and Server Clustering into a Front-end/Back-end Architecture
Figure 9.44: Starting NLB Manager for the First Time
Figure 9.45: Output of the NLB.exe/? Command
Figure 9.46: Starting an NLB Manager Log
Figure 9.47: Enabling the NLB Manager Log
Figure 9.48: Configuring a Network Adapter with Multiple IP Addresses
Figure 9.49: NLB Dedicated IP Address Configuration
Figure 9.50: Create a New NLB Cluster
Figure 9.51: Configure Cluster Parameters
Figure 9.52: Select Multicast Cluster Operation Mode
Figure 9.53: Select IGMP Multicast with the Cluster Operation Mode
Figure 9.54: IGMP Warning Message
Figure 9.55: Cluster IP Addresses Window
Figure 9.56: The Port Rules Window
Figure 9.57: The Add/Edit Port Rule Dialog Box
Figure 9.58: Connect to an NLB Node
Figure 9.59: DHCP Warning Message
Figure 9.60: Configure Host Parameters
Figure 9.61: The Configured NLB Cluster
Figure 9.62: View NLB Manager Log Entry Details
Figure 9.63: Configured NLB Cluster Details
Figure 9.64: Configured Port Rules on Cluster Node
Figure 10.1: How the SA Process Functions
Figure 10.2: The IPSec Tunnel Mode
Figure 10.3: The Effects of the ESP Header in Tunnel Mode
Figure 10.4: AH Using Transport Mode
Figure 10.5: ESP Used with AH Transport Mode
Figure 10.6: Add the IP Security Policy Management Console to the MMC
Figure 10.7: Select the Computer or Domain to Manage
Figure 10.8: The Newly Created IP Security Policy Management Console
Figure 10.9: The Three Standard IPSec Policies in the IP Security Policy Management Console
Figure 10.10: Creating a Custom IPSec Policy
Figure 10.11: The IP Security Policy Wizard.
Figure 10.12: Enter a IP Security Policy Name
Figure 10.13: Specify How the Policy Will Respond to Secure Communication Requests
Figure 10.14: Select the Default Rule Authentication Method
Figure 10.15: Completing the IP Security Policy Wizard
Figure 10.16: IP Security Policy Properties
Figure 10.17: Edit the IP Security Policy Security Methods
Figure 10.18: Edit the IP Security Policy Authentication Methods
Figure 10.19: Assign the Newly Created IP Security Policy
Figure 11.1: Process between LAN Port Roles
Figure 11.2: Enabling Object Access Auditing
Figure 11.3: Turning on Auditing for Object Access Using the Local Security Settings Console
Figure 11.4: The Secedit Command Syntax
Figure 11.5: Starting MBSA
Figure 11.6: Select a Computer to Scan Using MBSA
Figure 11.7: The MBSA Output Report on a Local Computer
Figure 11.8: A Portion of an MBSA Report Showing the Password Expiration Result
Figure 11.9: Security Issues and How to Correct Vulnerabilities
Figure 11.10: The MBSA Step-by-Step Solution
Figure 11.11: The SUS Welcome Window
Figure 11.12: The Options for Synchronizing the SUS Server
Figure 11.13: Schedule Synchronization for the SUS Server
Figure 11.14: Catalog Download Progress Bar
Figure 11.15: The Synchronization Log
Figure 11.16: Approving SUS Available Updates
Figure 11.17: SUS Approval Confirmation
Figure 11.18: SUS License Agreement
Figure 11.19: Successful Updates Ready for Client Distribution
Figure 11.20: Viewing the SUS Approval Log
Figure 11.21: Setting SUS Options
Figure 11.22: Monitoring Server Updates
Figure 12.1: Public/Private Key Data Exchange
Figure 12.2: Digital Signatures
Figure 12.3: A Windows Server 2003 Certificate
Figure 12.4: Choosing the CA Type
Figure 12.5: Naming the CA
Figure 12.6: Selecting the Certificate Database Location
Figure 12.7: The Certification Authority Snap-In
Figure 12.8: General Tab of the CA Property Sheet
Figure 12.9: Policy Module Tab of the CA Property Sheet
Figure 12.10: Request Handling Tab of the Default Policy Module
Figure 12.11: Exit Module Tab of the CA Property Sheet
Figure 12.12: Publication Settings Tab of the Default Exit Module
Figure 12.13: Auditing Tab of the CA Property Sheet
Figure 12.14: Security Tab of the CA Property Sheet
Figure 12.15: Recovery Agents Tab of the CA Property Sheet
Figure 12.16: Extensions Tab of the CA Property Sheet
Figure 12.17: Certificate Templates Snap-In
Figure 12.18: General Tab of the New Template Property Sheet
Figure 12.19: Request Handling Tab of the New Template Property Sheet
Figure 12.20: Subject Name Tab of the New Template Property Sheet
Figure 12.21: Issuance Requirements Tab of the New Template Property Sheet
Figure 12.22: Superseded Templates Tab of the New Template Property Sheet
Figure 12.23: Extensions Tab of the New Template Property Sheet
Figure 12.24: Security Tab of the New Template Property Sheet
Figure 12.25: Certificates Snap-In
Figure 12.26: Certificate Type Screen of the Certificate Request Wizard
Figure 12.27: Cryptographic Service Provider Screen of the Certificate Request Wizard
Figure 12.28: Certification Authority Screen of the Certificate Request Wizard
Figure 12.29: Welcome Screen of the CA’s Web Site
Figure 12.30: Enable Certificate Templates Window
Figure 12.31: Certificate Templates Snap-In
Figure 12.32: Certificates Snap-In
Figure 12.33: Certificate Request Wizard’s Certificate Types Screen
Figure 12.34: Advanced Certificate Request Screen
Figure 12.35: Smart Card Certificate Enrollment Station Screen
Figure 12.36: Security Tab of the VPN Client’s Properties Sheet
Figure 12.37: Smart Card or Other Certificate Properties Sheet
Figure 1.14: Organizational Structure
Figure 1.15: Network Portion