291 Study Bullet Points

Mishra Member Posts: 2,468
Okay, I'm reading some material and will post some of the bullet points they list to help me study and maybe help you in your studies as well.


* If you want a computer to talk to the subnet it is currently in but not talk to any other subnets, don't give it a default gateway

* If you are using RRAS, make sure that the NIC connected to the subnet that does not have the DHCP server is configured as the DHCP Relay Agent

* Don't forget you can use "pathping IP address or DNS address" to trace packets and get reports at each destination.

* MBSA is the Microsoft Baseline Security Analyzer and will scan your computer for security defects.

* Automatic Updates is not installed on a 2003 server by default. You must install the right service packs or the AU client.

* To uninstall a windows update, you need to run spuninst in the windows\$ntuninstall\spuninst directory.

* You should normally try to use the RunAs command instead of logging into the machine as an administrator. There are 2 ways you can use runas: hold down Shift and right-click a program, and RunAs should appear; or open a command prompt and type "runas".

* Run the status of computer report in WSUS to see if computers in the domain have all approved updates

* Use the "Automatically download the updates, and install them on the schedule that I specify" option in automatic updates if you have laptop users who shut their laptops off during times.

* If you have a proxy server for internet access, make sure you configure the proxy settings on the WSUS admin page with the correct proxy.

* Run wuauclt /detectnow options to get new updates from a WSUS client

* Use IPSec Monitor to verify users are connecting to your servers with encryption

* Only use the specific languages that you need when synchronizing updates.

* You can't change a subnet mask on a DHCP scope without deleting it. It has to be re-created if you are trying to change the subnet mask.

* Routers have "dhcp helper addresses" which store the IP address or DNS name of your DHCP server and will allow DHCP resolution over broadcast domains. Remember, DHCP talks over broadcasts and a broadcast domain (usually a router) blocks broadcasts from talking between subnets.

* A DHCP reservation is when you want to map an IP address directly to a computer by matching the MAC address of the client computer to the setting you put in the DHCP server. An exclusion only disables the IP address(es) listed from being used by the DHCP server. This is usually used when you have a computer configured with a static IP in the middle of a DHCP range.

* You do not have to include the dashes in the MAC address when assigning a reservation. 0009d5a6b1b6

* To restore a DHCP server at its most simple description, restore the database to your server. Use the DHCP console to restore the backup from the folder in which the database resides. Then at the command prompt type "net start dhcpserver" and then authorize the DHCP server. You can also stop your first DHCP server, copy the database over to your second DHCP server, then start the service, authorize and activate the DHCP scopes.

* FSMO - there needs to be only 1 PDC emulator per domain and it must be on a domain controller

* ICF - If you have an FTP server that needs to be protected from the internet, make sure you turn on ICF and select FTP Server check box on the services tab

* IIS - you can view log files to collect information about which users are accessing the web server via HTTPS and which users are experiencing failed HTTPS requests

* ISA - make sure that on the Public interface that you clear the "Register this connection's address in DNS"

* You can use network monitor to identify whether Server-A is receiving requests for resources through NETBIOS broadcast

* Network monitor does not capture packets for the whole network, it only captures packets for the server it is installed on.

* Use network monitor to figure out a DoS attack

* To ensure the impact of monitoring on a server is reduced and that all packets are captured, run Network Monitor in dedicated capture mode

* If a large number of packets are captured, make sure you increase the buffer and decrease the frame to reduce the size of captured data

* Configure a Trigger in Network Monitor to send notifications

* You can capture a user's communication to a domain controller by monitoring all traffic between the DC and CP1 with a capture filter

* If you are running system monitor with Network Interface, bytes per second at a sample rate of 15 seconds and the log size is getting too large, then set the sample rate to 60 seconds

* If you are monitoring events that are associated with invalid logins, then use Errors Logon, Errors Access Permissions, Errors Granted Access

* Use system monitor to create a log of the DNS counter Dynamic updates/sec and Total queries/sec for DNS client traffic causing problems

* To monitor the successful incremental zone transfers, use XFR Success Received counter

* Remember creating an ADI zone and configuring the zone for Secure Dynamic Updates Only is ~Important~ and best practice!

* ADI DNS domain controllers can minimize WAN traffic

* Use the replmon tool to find out why DNS data is out of date

* One way to do a zone transfer is this:
1. New-DNS-Server setup a secondary zone for domain X
2. Add a NS records to New-DNS-Server for the X zone
3. On New-DNS-Server change the secondary zone to a primary zone for domain X
4. On Old-DNS-Server delete X zone
5. On Old-DNS-Server setup a secondary zone for domain X

* If you are configuring a complete DNS infrastructure which includes root zones, make sure to include all of the root DNS servers on each of your zoning DNS servers in your root hints configuration page.

* Round Robin enables DNS records that have multiple IP addresses mapped to one host to be able to evenly distribute the IP addresses in load balancing fashion.

* The following protocols encrypt data transmissions and authentication: EAP-TLS, MS-CHAPv2, MS-CHAP. Only encrypts authentication: CHAP.

* EAP-TLS = smart cards and certificates, MS-CHAPv2 = supports newer OS's and is mutual auth, MS-CHAPv1 = supports older OS's and is one way auth, CHAP = supports non-windows OS's, SPAP = shiva products, PAP = plaintext authentication

* You can use the MBSA to scan for WSUS/windows updates on a client machine
My blog http://www.calegp.com

You may learn something!

Comments

  • dynamik Banned Posts: 12,312
    *start > run (windows key + r) control netconnections

    It probably won't be on the exam, but it's really slick. I've been surprised at how much I've used it.
  • Revenue Member Posts: 130
    Hey thanks, Have my exam in a couple of hours :P Cheers for the quick revision.. gl
  • brad- Member Posts: 1,218
  • snadam Member Posts: 2,234
    thanks mishra, any extra info is well appreciated for this exam!
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • aoe Member Posts: 32
    Mishra wrote:

    * Make sure and include the dashes in the MAC address when assigning a reservation. 00-00-00-00-00-00

    My understanding is you do not need the dashes when assigning a MAC address a reservation.
    Correct me if I'm wrong.

    Thanks for all the other tips, I enjoy reading them.
    Thanks.
  • snadam Member Posts: 2,234
    dynamik wrote:
    *start > run (windows key + r) control netconnections

    It probably won't be on the exam, but it's really slick. I've been surprised at how much I've used it.

    To further strengthen Dynamik's point with the runas command, here is a list of all control panel commands. I keep this very handy, as users are locked out of the control panel in my environment.


    Control panel tool             Command
       -----------------------------------------------------------------
       Accessibility Options          control access.cpl
       Add New Hardware               control sysdm.cpl add new hardware
       Add/Remove Programs            control appwiz.cpl
       Date/Time Properties           control timedate.cpl
       Display Properties             control desk.cpl
       FindFast                       control findfast.cpl
       Fonts Folder                   control fonts
       Internet Properties            control inetcpl.cpl
       Joystick Properties            control joy.cpl
       Keyboard Properties            control main.cpl keyboard
       Microsoft Exchange             control mlcfg32.cpl
          (or Windows Messaging)
       Microsoft Mail Post Office     control wgpocpl.cpl
       Modem Properties               control modem.cpl
       Mouse Properties               control main.cpl
       Multimedia Properties          control mmsys.cpl
       Network Properties             control netcpl.cpl
                                      NOTE: In Windows NT 4.0, Network
                                      properties is Ncpa.cpl, not Netcpl.cpl
       Password Properties            control password.cpl
       PC Card                        control main.cpl pc card (PCMCIA)
       Power Management (Windows 95)  control main.cpl power
       Power Management (Windows 98)  control powercfg.cpl
       Printers Folder                control printers
       Regional Settings              control intl.cpl
       Scanners and Cameras           control sticpl.cpl
       Sound Properties               control mmsys.cpl sounds
       System Properties              control sysdm.cpl
    
  • Tyrant1919 Member Posts: 519
    aoe wrote:
    My understanding is you do not need the dashes when assigning a MAC address a reservation.

    You are correct sir, you do not need them.
    A+/N+/S+/L+/Svr+
    MCSA:03/08/12/16 MCSE:03s/EA08/Core Infra
    CCNA
  • Mishra Member Posts: 2,468
    aoe wrote:
    Mishra wrote:

    * Make sure and include the dashes in the MAC address when assigning a reservation. 00-00-00-00-00-00

    My understanding is you do not need the dashes when assigning a MAC address a reservation.
    Correct me if I'm wrong.

    Thanks for all the other tips, I enjoy reading them.
    Thanks.

    Sorry, wrote it down wrong. Thanks for the correction.
  • 1MeanAdmin Member Posts: 157
    Windows Key + "Pause" = Go To System Properties saved enormous amount of time for me :D
  • JayrodEF Member Posts: 111
    Just a note on RRAS since I just got done toying with it. As far as the DHCP relay agent goes, it doesn't necessarily have to be on the RRAS's interface facing the subnet that doesn't have a DHCP server. You can place a DHCP relay agent on any member server in the subnet that doesn't have a DHCP server and point it to the correct server.
  • Mishra Member Posts: 2,468
    Added more... More DNS bullets to come.
  • Mishra Member Posts: 2,468
    Here is some generalized study material I jotted down.

    net session - view computer names and user names of users on a server to see open files and user sessions
    netstat - used to display tcp/ip and port information
    netsh - wide range of tasks, can configure tcp/ip, display configs, and stats.
    netcap - captures network traffic (291 study bullet)

    Resource Location Server

    This option specifies a list of IP addresses for resource location servers, as defined in RFC 887, available to the client. When more than one server is assigned, the client interprets and uses the addresses in the specified order.


    WINS lookup is used to look up names that cannot be resolved by DNS through the specific zone the lookup is configured on. WINS lookup has 2 specific types of resource records, the WINS resource record and the WINS-R resource record. Instead of putting static WINS entries on desktops, you can instead use the resource records to channel through your DNS infrastructure instead.

    reference: http://technet2.microsoft.com/windowsserver/en/library/1a6e1172-3ad9-4f24-8ffe-763ecaf49c661033.mspx?mfr=true
  • Mishra Member Posts: 2,468
    Added a bit more
  • Goldmember Member Posts: 277
    Who knew the Beast would be so much fun!!! Yeah!!!
    CCNA, A+. MCP(70-270. 70-290), Dell SoftSkills
  • Krank Member Posts: 90
    This is my last source of information before the beast...

    I sit for it in 10 minutes!!!
  • hetty Member Posts: 394
    Good luck, or how did you do? Depending on when you read this!
  • snadam Member Posts: 2,234
    Krank wrote:
    This is my last source of information before the beast...

    I sit for it in 10 minutes!!!

    kill that mofo :D
  • Mishra Member Posts: 2,468
    Krank wrote:
    This is my last source of information before the beast...

    I sit for it in 10 minutes!!!

    Good job. Did my post help at all?
  • Krank Member Posts: 90
    Oh yes, thanks a lot, Mishra. It was useful.
  • techster79 Member Posts: 169
    midiman wrote:
    Windows Key + "Pause" = Go To System Properties saved enormous amount of time for me :D

    Windows Key + E = opens my computer(explorer)
    Windows Key + D = minimizes all windows and shows desktop
    Windows Key + L = locks computer, very handy when you walk away from your desk often
    Studying for MCSE: Server Infrastructure (70-414 left)
  • tonyflo04 Member Posts: 1
    techster79 wrote:
    Windows Key + D = minimizes all windows and shows desktop

    Hi Y'all,

    Just found this site... I am an ol' UNIX admin that switched to Windows 4 years ago and am finally sitting down to do my certs... especially now that I am going back in IT after a few year hiatus in the "non-sales account manager" role I had.

    anywhoo

    the Windows Key + M = minimizes all windows and shows desktop
    works too.
    "...God, my Brilliance is becoming a bit of a problem...Get back to me..."

    -Dr. Perry Cox (Heres to a Scrubs 8th season)
  • undomiel Member Posts: 2,818
    SuperKey + D and SuperKey + E are my two most favourite and most used windows shortcuts. With SuperKey + L a close step behind. SuperKey + R for run (works on Vista!) and SuperKey + F to do a search are fairly useful as well. A tip about the SuperKey + D -- when you use it to bring up the desktop if you hit it again it will restore all of the windows that it minimized to bring up the desktop. Not 100% I've seen it fail a few times but it is still a really handy trick. Especially if you want to quickly hide your techexams.net browsing when the boss walks by. ;)

    Oh and almost forgot, Ctrl - Shift - Esc for the Task Manager.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • dynamik Banned Posts: 12,312
    undomiel wrote:
    Especially if you want to quickly hide your techexams.net browsing when the boss walks by. ;)

    www.workfriendly.net

    Windows + break/pause is useful too
  • pwjohnston Member Posts: 441
    Here are some study notes I have taken while studying with the MS Press book and Transcender.

    Could you guys please review them for accuracy and add the ones that are not in the original document?



    *DNS Servers that are authoritative for a zone should be listed on the Name Server tab of the properties sheet for the zone.

    *Win2k3 supports the Automatic Recovery of these services:
    -DNS Clients
    -DHCP Servers
    -Error Reporting Services

    *User-specific policies (GPOs) do not apply to the entire computer, only the user's profile.

    *netdiag is a command line diagnostic tool that can be used to test network connectivity.

    *netdiag /test:kerberos – CMD line for testing Kerberos functionality.

    *Routers are configured at the Scope level.

    *1542 Compliant Router is a BootP forwarder.

    *Steps to migrate DHCP
    -Back up DHCP server database manually
    -Stop DHCP service
    -Disable DHCP Service
    -Copy backup to DHCP2
    -Restore DHCP Database
    -Start DHCP service

    *DHCP reservations require MAC address. If the hardware changes the MAC address in the reservation needs to change as well.

    *While W2k and W2k3 AD networks can shut down rogue DHCP servers on W2k and W2k3 machines, they cannot shut down DHCP running on NT4 or earlier. Must be done manually.

    *252 WPAD Reservation (Web Proxy Auto Detect) – Enables computer to discover the address of the local ISA server through auto discovery.

    *MAC address contains 12 alphanumeric 0 – F Characters.

    *An authoritative DNS server for a zone is a server that hosts a primary or secondary copy of that DNS zone.

    *You should only delete a DHCP reservation if you plan on changing the IP Addy.

    *DHCP Options:
    -Server- option that should apply or be inherited by all scopes and clients of the DHCP server as defaults.
    -Scope- option that should apply only to an applicable scope selected in DHCP console tree.
    -Class- option if you have a mixture of DHCP clients with diverse needs
    -Reservation- apply only to specific DHCP client.
    +Can only be created in their own subnet scope.

    *Reservation options override Class options
    Class options override Scope options
    Scope options override Server options.

    *Automatic Metric Checkbox- allows TCP/IP to determine the routing metric based on the speed of the network adaptors. Interface w/ highest speed = lowest metric.

    *Remote access policies are applied in order until a policy is found where all conditions are met. Once that policy is found the remaining policies are not checked.

    *secedit.exe- is the command line version of Security Configuration and Analysis tool.

    *gpresult.exe- command line version of the Resultant Set of Policy.

    *Kerberos can only be used in an AD or Kerberos realm environment and cannot be used by a stand alone server.

    *mbsacli.exe- command line version of Microsoft Baseline Security Analyzer.

    *ipconfig /setclassid – enables you to configure the user class.



    I may have more to add later.