- Installing and Configuring Active Directory
- Installing, Configuring, Managing, Monitoring, and Troubleshooting DNS for Active Directory
- Configuring, Managing, Monitoring, Optimizing, and Troubleshooting Change and Configuration Management
- Managing, Monitoring, and Optimizing the Components of Active Directory
- Configuring, Managing, Monitoring, and Troubleshooting Security in a Directory Services Infrastructure
- Passing the exam
- Exam Resources
Configuring, Managing, Monitoring, and Troubleshooting Security in a Directory Services Infrastructure
Once again, Group Policy knowledge will be needed. I can't stress enough that if you are not familiar with creating GPOs, you need to get involved with Group Policies today. An advanced understanding of GPOs is required to pass this exam.
The area of Group Policies relevant to this exam objective is Security Policies. You'll need experience in using Security Templates and the handy Security Configuration and Analysis tool. These two work together to test current security and to apply security templates. Spend an afternoon tweaking different elements within a Security Policy and testing their changes.
You'll need to know the order of Group Policy implementation; just remember SDOU: Site, Domain, and Organizational Unit. Don't forget that settings in Domain policies will override policies settings in the local computer's GPO.
Auditing is where you prove and track your security implementations. You'll need to know how to establish auditing through a policy, and how to read the results of your auditing for success and failures. Recall that the result of auditing is found in Event Viewer's security log.
Study Hint: Familiarize yourself with secedit.exe. It's the command-line Security Configuration and Analysis tool.