MCSA Windows Server 2016 Study Guide E-Book

MCSA Windows Server® 2016

Study Guide Exam 70-741: Networking with Windows Server 2016

Senior Acquisitions Editor: Kenyon Brown Development Editor: Kim Wimpsett Technical Editors: Rodney R. Fournier, Chris Crayton Production Editor: Rebecca Anderson Copy Editor: Judy Flynn Editorial Manager: Mary Beth Wakefield Production Manager: Kathleen Wisor Executive Editor: Jim Minatel Book Designers: Judy Fung and Bill Gibson Proofreader: Nancy Carrasco Indexer: J & J Indexing Project Coordinator, Cover: Brent Savage Cover Designer: Wiley Cover Image: ©Getty Images Inc./Jeremy Woodhouse

Copyright © 2017 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-119-35933-3 ISBN: 978-1-119-35942-5 (ebk.) ISBN: 978-1-119-35945-6 (ebk.)

Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2017947568

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Windows Server is a registered trademark of Microsoft Corporation. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

This book is dedicated to the three ladies of my life: Crystal, Alexandria, and Paige.

Acknowledgments

I would like to thank my wife and best friend, Crystal. She is always the light at the end of my tunnel. I want to thank my two daughters, Alexandria and Paige, for all of their love and support during the writing of all my books. The three of them are my support system and I couldn’t do any of this without them.

I want to thank all of my family and friends who always help me when I’m writing my books. I want to thank my brothers, Rick, Gary, and Rob. I want to thank my great friends Shaun, Jeremy, and Gene.

I would like to thank all of my friends and co-workers at StormWind Studios. I want to especially thank the team who I work with on a daily basis, and that includes Tom W, Dan Y, Corey F, Ronda, Dan J, Jessica, Dave, Tiffany, Tara, Ashley, Brittany, Doug, Mike, Vince, Desiree, Ryan, Ralph, Dan G, Tyler, Jeff B, Shayne, Patrick, Noemi, Michelle, Zachary, Colin, and the man who makes it all possible, Tom Graunke. Thanks to all of you for everything that you do. I would not have been able to complete this book without all of your help and support.

I want to thank everyone on my Sybex team, especially my development editor, Kim Wimpsett, who helped me make this the best book possible, and Rodney R. Fournier, who is the technical editor of many of my books. It’s always good to have the very best technical guy backing you up. I want to thank Rebecca Anderson, who was my production editor, and Judy Flynn for being the copyeditor.

I want to also thank Chris Crayton and Nancy Carrasco for being my proofreaders. Special thanks to my acquisitions editor, Kenyon Brown, who was the lead for the entire book. Finally, I want to thank everyone else behind the scenes that helped make this book possible. It’s truly an amazing thing to have so many people work on my books to help make them the very best. I can’t thank you all enough for your hard work.

About the Author

William Panek holds the following certifications: MCP, MCP+I, MCSA, MCSA+ Security and Messaging, MCSE-NT (3.51 & 4.0), MCSE 2000, 2003, 2012/2012 R2, MCSE+Security and Messaging, MCDBA, MCT, MCTS, MCITP, CCNA, CCDA, and CHFI. Will is also a four time and current Microsoft MVP winner.

After many successful years in the computer industry, Will decided that he could better use his talents and his personality as an instructor. He began teaching for schools such as Boston University and the University of Maryland, just to name a few. He has done consulting and training for some of the biggest government and corporate companies in the world including the United States Secret Service, Cisco, the United States Air Force, and the US Army.

In 2015, Will became a Sr. Microsoft Instructor for StormWind Studios (www.stormwindstudios.com). He currently lives in New Hampshire with his wife and two daughters. Will was also a Representative in the New Hampshire House of Representatives from 2010 to 2012. In his spare time, he likes to do blacksmithing, shooting (trap and skeet), snowmobiling, playing racquetball, and riding his Harley. Will is also a commercially rated helicopter pilot.

Contents

Introduction

The Microsoft Certification Program

Who Should Read This Book?

What’s Inside?

What’s Included with the Book

Recommended Home Lab Setup

How to Contact Sybex/Author

Certification Objectives Maps

Assessment Test

Answers to Assessment Test

Chapter 1 Configuring TCP/IP

Understanding TCP/IP

Understanding IP Addressing

Subnetting a Network

Understanding IPv6

Summary

Exam Essentials

Review Questions

Chapter 2 Configuring DNS

Introducing DNS

Introducing DNS Database Zones

Advantages of DNS in Windows Server 2016

Introducing DNS Record Types

Configuring DNS

Monitoring and Troubleshooting DNS

DNS PowerShell Commands

Summary

Exam Essentials

Review Questions

Chapter 3 Configuring DHCP

Understanding DHCP

Installing and Authorizing DHCP

Creating and Managing DHCP Scopes

Working with Advanced DHCP Configuration Options

PowerShell Commands

Summary

Exam Essentials

Review Questions

Chapter 4 Implement IP Address Management

Understanding IPAM

Managing Services

IPAM Access and Auditing

PowerShell Commands for IPAM

Summary

Exam Essentials

Video Resources

Review Questions

Chapter 5 Configuring Network Access

Overview of Dial-Up Networking

Overview of Virtual Private Networks

Configuring Your Remote Access Server

Understanding a VPN

Configuring a VPN

Managing Your Remote Access Server

Configuring a VPN Client

Configuring a Web Application Proxy

Understanding DirectAccess

Overview of Wireless Access

Remote Access Security

Configuring User Access

Configuring Security

PowerShell for Remote Access

Summary

Exam Essentials

Video Resources

Review Questions

Chapter 6 Understanding File Services

Configuring File Server Resource Manager

Configure File and Disk Encryption

Configuring Distributed File System

Configure Advanced File Services

Implementing an Audit Policy

Configure and Optimize Storage

Summary

Exam Essentials

Review Questions

Chapter 7 Configuring High Availability

Components of High Availability

Achieving High Availability

Understanding Network Load Balancing

Achieving High Availability with Failover Clustering

Windows Server 2016 Clustering Features

PowerShell Commands for Clustering

Implementing Storage Spaces Direct

Achieving High Availability with Hyper-V

Summary

Exam Essentials

Video Resources

Review Questions

Chapter 8 Implementing Software Defined Networking

Understanding Software Defined Networking

Hyper-V Overview

Hyper-V Installation and Configuration

Configuring Virtual Machines

PowerShell Commands

Summary

Exam Essentials

Review Questions

Appendix Answers to the Review Questions

Chapter 1: Configuring TCP/IP

Chapter 2: Configuring DNS

Chapter 3: Configuring DHCP

Chapter 4: Implement IP Address Management

Chapter 5: Configuring Network Access

Chapter 6: Understanding File Services

Chapter 7: Configuring High Availability

Chapter 8: Implementing Software Defined Networking

Advert

EULA

List of Tables

Introduction

TABLE I.1

Chapter 1

TABLE 1.1

TABLE 1.2

TABLE 1.3

TABLE 1.4

TABLE 1.5

TABLE 1.6

TABLE 1.7

TABLE 1.8

Chapter 2

TABLE 2.1

TABLE 2.2

TABLE 2.3

TABLE 2.4

TABLE 2.5

TABLE 2.6

TABLE 2.7

TABLE 2.8

TABLE 2.9

TABLE 2.10

Chapter 3

TABLE 3.1

Chapter 4

TABLE 4.1

Chapter 5

TABLE 5.1

TABLE 5.2

TABLE 5.3

Chapter 6

TABLE 6.1

TABLE 6.2

TABLE 6.3

TABLE 6.4

TABLE 6.5

Chapter 7

TABLE 7.1

TABLE 7.2

TABLE 7.3

TABLE 7.4

TABLE 7.5

TABLE 7.6

Chapter 8

TABLE 8.1

TABLE 8.2

TABLE 8.3

TABLE 8.4

TABLE 8.5

TABLE 8.6

List of Illustrations

Chapter 1

FIGURE 1.1

TCP/IP model

FIGURE 1.2

TCP/IP process

FIGURE 1.3

A sample subnet

FIGURE 1.4

Network vs. host addresses

FIGURE 1.5

The network address and its subnet

FIGURE 1.6

The subnet mask revealed

FIGURE 1.7

Different ways to represent the same mask

FIGURE 1.8

Applying the subnet mask

FIGURE 1.9

Converting the subnet mask to decimal

FIGURE 1.10

An example of a smaller subnet address

FIGURE 1.11

Will’s IPv4 subnetting chart

FIGURE 1.12

Subnet mask represented by 1s

FIGURE 1.13

IPv4/IPv6 comparison

FIGURE 1.14

TCP/IPv6 Properties window

FIGURE 1.15

IPv6 configuration as seen from the command prompt

FIGURE 1.16

IPv6 dual IP layer diagram

FIGURE 1.17

IPv6 interface identifier for

ipconfig

display

Chapter 2

FIGURE 2.1

HOSTS file

FIGURE 2.2

The DNS hierarchy

FIGURE 2.3

Setting the Dynamic Updates option

FIGURE 2.4

DHCP settings for DNS

FIGURE 2.5

A sample DNS query

FIGURE 2.6

Setting up an Active Directory Integrated zone

FIGURE 2.7

DNS stub zone type

FIGURE 2.8

DNS Notify dialog box

FIGURE 2.9

DNS Zone Transfers tab

FIGURE 2.10

DNS zone replication scope

FIGURE 2.11

The Root Hints tab of the DNS server’s Properties dialog box

FIGURE 2.12

The Start Of Authority (SOA) tab of the zone Properties dialog box

FIGURE 2.13

The Name Servers tab of the zone Properties dialog box

FIGURE 2.14

The Event Logging tab of the server’s Properties dialog box

FIGURE 2.15

The Monitoring tab of the server’s Properties dialog box

FIGURE 2.16

Enabling BIND Secondaries

Chapter 3

FIGURE 3.1

Choosing DHCP

FIGURE 3.2

DHCP snap-in

FIGURE 3.3

Choosing Authorize

FIGURE 3.4

Choosing Unauthorize

FIGURE 3.5

Welcome page of the New Scope Wizard

FIGURE 3.6

IP Address Range page of the New Scope Wizard

FIGURE 3.7

Add Exclusions And Delay page of the New Scope Wizard

FIGURE 3.8

Lease Duration page of the New Scope Wizard

FIGURE 3.9

Configure DHCP Options page of the New Scope Wizard

FIGURE 3.10

Router (Default Gateway) page of the New Scope Wizard

FIGURE 3.11

Domain Name And DNS Servers page of the New Scope Wizard

FIGURE 3.12

WINS Servers page of the New Scope Wizard

FIGURE 3.13

Activate Scope page of the New Scope Wizard

FIGURE 3.14

IPv6 Scope Name page of the New Scope Wizard

FIGURE 3.15

Scope Prefix page of the New Scope Wizard

FIGURE 3.16

General tab of the scope’s Properties dialog box for an IPv4 scope

FIGURE 3.17

General tab of the IPv4 Properties dialog box for the server

FIGURE 3.18

Advanced tab of the IPv4 Properties dialog box for the server

FIGURE 3.19

New Reservation dialog box for IPv4 and IPv6

FIGURE 3.20

DNS tab of the scope’s IPv4 Properties dialog box

Chapter 4

FIGURE 4.1

Choosing the IPAM feature

FIGURE 4.2

Confirmation Screen

FIGURE 4.3

IPAM Overview screen

FIGURE 4.4

Select Provisioning

FIGURE 4.5

GPOs Needed

FIGURE 4.6

New GPOs

FIGURE 4.7

Configuring server discovery

FIGURE 4.8

Server Inventory screen

FIGURE 4.9

IPAM DNS Management

FIGURE 4.10

Adding DNS records

FIGURE 4.11

Adding A Record

FIGURE 4.12

Verifying the DNS record

FIGURE 4.13

Managing the DNS Zone

FIGURE 4.14

DNS Zone Advanced Properties

FIGURE 4.15

Configuring DHCP using IPAM

FIGURE 4.16

Create DHCP Scope

FIGURE 4.17

DHCP Scope settings

FIGURE 4.18

Configuring DHCP Policy

FIGURE 4.19

DHCP Policy settings

FIGURE 4.20

IPAM event catalog

FIGURE 4.21

IPAM Access Control

FIGURE 4.22

Add User Role

FIGURE 4.23

User Operations

FIGURE 4.24

Event Catalog

FIGURE 4.25

DHCP Event Catalog

FIGURE 4.26

DNS Event Catalog

Chapter 5

FIGURE 5.1

Drilling a tunnel through the Internet

FIGURE 5.2

The encapsulation process

FIGURE 5.3

The PPP tab of the RRAS server’s Properties dialog box

FIGURE 5.4

The IPv4 tab of the RRAS server’s Properties dialog box

FIGURE 5.5

The IPv6 tab of the RRAS Server’s Properties dialog box

FIGURE 5.6

Remote Access check box

FIGURE 5.7

Remote Access

FIGURE 5.8

Remote Access configuration needed

FIGURE 5.9

Opening the Getting Started Wizard

FIGURE 5.10

VPNs provide private connections between clients and servers across the Internet.

FIGURE 5.11

Remote access choice

FIGURE 5.12

The Log File tab

FIGURE 5.13

Change Log File Properties

FIGURE 5.14

The Port Status dialog box

FIGURE 5.15

Network Layout

FIGURE 5.16

General tab of the VPN Connection Properties dialog box

FIGURE 5.17

Options tab of the VPN Connection Properties dialog box

FIGURE 5.18

Security tab of the VPN Connection Properties dialog box

FIGURE 5.19

Networking tab of the VPN Connection Properties dialog box

FIGURE 5.20

Sharing tab of the VPN Connection Properties dialog box

FIGURE 5.21

The Dial-In tab of the user’s Properties dialog box

FIGURE 5.22

The Security tab of the RRAS server’s Properties dialog box

Chapter 6

FIGURE 6.1

Select Server Roles

FIGURE 6.2

DFS Management console

FIGURE 6.3

Adding a Namespace

FIGURE 6.4

Adding a Namespace

FIGURE 6.5

New Folder

FIGURE 6.6

Home Folder

FIGURE 6.7

BranchCache Option

Chapter 7

FIGURE 7.1

Network Load Balancing

FIGURE 7.2

New Cluster

FIGURE 7.3

Host Name setup

FIGURE 7.4

Add IP address

FIGURE 7.5

Cluster Parameters

FIGURE 7.6

Port Rules

FIGURE 7.7

Using Failover Clustering to cluster SQL Server

FIGURE 7.8

Failing the SQL Server service to another node

FIGURE 7.9

Majority needed

FIGURE 7.10

Failover Cluster Feature

FIGURE 7.11

Confirmation Screen

FIGURE 7.12

The Validate a Configuration Wizard

FIGURE 7.13

Cluster Tests

FIGURE 7.14

Validate a Configuration Wizard results

FIGURE 7.15

High availability roles

FIGURE 7.16

Configuring a generic application

FIGURE 7.17

Resource dependencies

FIGURE 7.18

Resource policies

FIGURE 7.19

Resource Advanced Policies

FIGURE 7.20

VM Advanced Features

FIGURE 7.21

Live Migration Advanced Features

FIGURE 7.22

Storage Migration Settings

Chapter 8

FIGURE 8.1

Hyper-V architecture

FIGURE 8.2

Warning window that Hyper-V cannot be installed

FIGURE 8.3

Server Manager Add Features

FIGURE 8.4

Virtual Switch Screen

FIGURE 8.5

Hyper-V in Server Manager

FIGURE 8.6

Hyper-V Manager

FIGURE 8.7

Hyper-V Settings

FIGURE 8.8

Virtual Network Manager

FIGURE 8.9

Virtual Switch Manager

FIGURE 8.10

In Disk Management, you can set disks as Offline.

FIGURE 8.11

The Edit Virtual Hard Disk Wizard

FIGURE 8.12

Hyper-V Manager

FIGURE 8.13

Specify Generation Screen

FIGURE 8.14

VM RAM

FIGURE 8.15

Networking Page

FIGURE 8.16

Virtual Hard Disk Page

FIGURE 8.17

Installing OS screen

FIGURE 8.18

Completing the New Virtual Machine Wizard screen

FIGURE 8.19

Options available when right-clicking a virtual machine

FIGURE 8.20

Delete Virtual Machine warning window

FIGURE 8.21

Virtual Machine Connection window when the machine is turned off

FIGURE 8.22

Virtual Machine Connection window showing a running Windows Server 2016 virtual machine

FIGURE 8.23

New Virtual Machine

Guide

Cover

Table of Contents

Introduction

Pages

iv

v

xvii

xviii

xix

xx

xxi

xxii

xxiii

xxvii

xxviii

xxix

xxx

xxxi

xxxii

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

161

162

163

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

185

186

187

188

189

190

191

192

193

194

195

196

197

198

200

201

204

205

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

414

416

417

418

419

420

421

422

423

424

425

426

427

428

431

432

433

434

435

436

437

438

439

440

441

472

Introduction

This book is drawn from more than 20 years of IT experience. I have taken that experience and translated it into a Windows Server 2016 book that will help you not only prepare for the MCSA: Windows Server 2016 exams but also develop a clear understanding of how to install and configure Windows Server 2016 while avoiding all of the possible configuration pitfalls.

Many Microsoft books just explain the Windows operating system, but with MCSA: Windows Server 2016 Complete Study Guide, I go a step further by providing many in-depth, step-by-step procedures to support my explanations of how the operating system performs at its best.

Microsoft Windows Server 2016 is the newest version of Microsoft’s server operating system software. Microsoft has taken the best of Windows Server 2003, Windows Server 2008, and Windows Server 2012 and combined them into the latest creation, Windows Server 2016.

Windows Server 2016 eliminates many of the problems that plagued the previous versions of Windows Server, and it includes a much faster boot time and shutdown. It is also easier to install and configure, and it barely stops to ask the user any questions during installation. In this book, I will show you what features are installed during the automated installation and where you can make changes if you need to be more in charge of your operating system and its features.

This book takes you through all the ins and outs of Windows Server 2016, including installation, configuration, Group Policy objects, auditing, backups, and so much more.

Windows Server 2016 has improved on Microsoft’s desktop environment, made networking easier, enhanced searching capability, and improved performance—and that’s only scratching the surface.

When all is said and done, this is a technical book for IT professionals who want to take Windows Server 2016 to the next step and get certified. With this book, you will not only learn Windows Server 2016 and ideally pass the exams, but you will also become a Windows Server 2016 expert.

The Microsoft Certification Program

Since the inception of its certification program, Microsoft has certified more than 2 million people. As the computer network industry continues to increase in both size and complexity, this number is sure to grow—and the need for proven ability will also increase. Certifications can help companies verify the skills of prospective employees and contractors.

The Microsoft certification tracks for Windows Server 2016 include the following:

MCSA: Windows Server 2016 The MCSA is now the lowest-level certification you can achieve with Microsoft in relation to Windows Server 2016. It requires passing three exams: 70-740, 70-741, and 70-742.

MCSE: Cloud Platform and Infrastructure The MCSE certifications, in relation to Windows Server 2016, require that you become an MCSA first and then pass two additional exams. The additional exams will vary depending on which of the two MCSE tracks you choose. For more information, visit Microsoft’s website at www.microsoft.com/learning.

How Do You Become Certified on Windows Server 2016?

Attaining Microsoft certification has always been a challenge. In the past, students have been able to acquire detailed exam information—even most of the exam questions—from online “brain dumps” and third-party “cram” books or software products. For the new generation of exams, this is simply not the case.

Microsoft has taken strong steps to protect the security and integrity of its new certification tracks. Now prospective candidates must complete a course of study that develops detailed knowledge about a wide range of topics. It supplies them with the true skills needed, derived from working with the technology being tested.

The new generations of Microsoft certification programs are heavily weighted toward hands-on skills and experience. It is recommended that candidates have troubleshooting skills acquired through hands-on experience and working knowledge.

Fortunately, if you are willing to dedicate the time and effort to learn Windows Server 2016, you can prepare yourself well for the exam by using the proper tools. By working through this book, you can successfully meet the requirements to pass the Windows Server 2016 exams.

MCSA Exam Requirements

Candidates for MCSA certification on Windows Server 2016 must pass at least the following three Windows Server 2016 exams:

70-740: Installation, Storage, and computer with Windows Server 2016

70-741: Networking with Windows Server 2016

70-742: Identity with Windows Server 2016

 For those who have a qualifying certification, they can take the Upgrading exam “Upgrading Your Skills to MCSA: Windows Server 2016” (Exam 70-743). The objectives for this exam span the three individual exams. This book covers all of the objectives for the Upgrading exam. For details about the exam, visit Microsoft’s website at www.microsoft.com/learning.

Microsoft provides exam objectives to give you a general overview of possible areas of coverage on the Microsoft exams. Keep in mind, however, that exam objectives are subject to change at any time without prior notice and at Microsoft’s sole discretion. Visit the Microsoft Learning website (www.microsoft.com/learning) for the most current listing of exam objectives. The published objectives and how they map to this book are listed later in this introduction.

 For a more detailed description of the Microsoft certification programs, including a list of all the exams, visit the Microsoft Learning website at: www.microsoft.com/learning.

Tips for Taking the Windows Server 2016 Exams

Here are some general tips for achieving success on your certification exam:

Arrive early at the exam center so that you can relax and review your study materials. During this final review, you can look over tables and lists of exam-related information.

Read the questions carefully. Do not be tempted to jump to an early conclusion. Make sure you know

exactly

what the question is asking.

Answer all questions. If you are unsure about a question, mark it for review and come back to it at a later time.

On simulations, do not change settings that are not directly related to the question. Also, assume the default settings if the question does not specify or imply which settings are used.

For questions about which you’re unsure, use a process of elimination to get rid of the obviously incorrect answers first. This improves your odds of selecting the correct answer when you need to make an educated guess.

Exam Registration

At the time this book was released, Microsoft exams are given using more than 1,000 Authorized VUE Testing Centers around the world. For the location of a testing center near you, go to VUE’s website at www.vue.com. If you are outside of the United States and Canada, contact your local VUE registration center.

Find out the number of the exam that you want to take and then register with the VUE registration center nearest to you. At this point, you will be asked for advance payment for the exam. The exams are $165 each, and you must take them within one year of payment. You can schedule exams up to six weeks in advance or as late as one working day prior to the date of the exam. You can cancel or reschedule your exam if you contact the center at least two working days prior to the exam. Same-day registration is available in some locations, subject to space availability. Where same-day registration is available, you must register a minimum of two hours before test time.

When you schedule the exam, you will be provided with instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you will receive a registration and payment confirmation letter from VUE.

Microsoft requires certification candidates to accept the terms of a nondisclosure agreement before taking certification exams.

Who Should Read This Book?

This book is intended for individuals who want to earn their MCSA: Windows Server 2016 certification.

This book will not only help anyone who is looking to pass the Microsoft exams, it will also help anyone who wants to learn the real ins and outs of the Windows Server 2016 operating system.

What’s Inside?

Here is a glance at what’s in each chapter:

Chapter 1: Configuring TCP/IP In the first chapter, I show you how TCP/IP gets configured on a server and within a network. I also show you how to subnet an IPv4 network. I also show you how to work with IPv6.

Chapter 2: Configuring DNS This chapter shows you how to install Windows Server 2016 DNS in an enterprise environment.

Chapter 3: Configuring DHCP I take you through the advantages and benefits of using Windows Server 2016 DHCP.

Chapter 4: Implementing IP Address Management This chapter will show you how to implement and configure Windows Server 2016 IPAM.

Chapter 5: Configuring Network Access This chapter takes you through the different ways to create and manage network access and VPN access.

Chapter 6: Understanding File Services You will see the different ways that you can setup and configure Windows Server 2016 file servers and tools that work with file servers.

Chapter 7: Configuring High Availability In this chapter I will explain the advantages of using Windows Server 2016 high availability. I show you how to configure NLB and high availability.

Chapter 8: Implementing Software Defined Networking This chapter shows you how to create and maintain a Windows Server 2016 Software Defined Network.

What’s Included with the Book

This book includes many helpful items intended to prepare you for the MCSA: Windows Server 2016 certification.

Assessment Test There is an assessment test at the conclusion of the introduction that can be used to evaluate quickly where you are with Windows Server 2016. This test should be taken prior to beginning your work in this book, and it should help you identify areas in which you are either strong or weak. Note that these questions are purposely more simple than the types of questions you may see on the exams.

Objective Map and Opening List of Objectives Later in this introduction, I include a detailed exam objective map showing you where each of the exam objectives are covered. Each chapter also includes a list of the exam objectives that are covered.

Helpful Exercises Throughout the book, I have included step-by-step exercises of some of the more important tasks that you should be able to perform. Some of these exercises have corresponding videos that can be downloaded from the book’s website. Also, in the following section I have a recommended a home lab setup that will be helpful in completing these tasks.

Exam Essentials The end of each chapter also includes a listing of exam essentials. These are essentially repeats of the objectives, but remember that any objective on the exam blueprint could show up on the exam.

Chapter Review Questions Each chapter includes review questions. These are used to assess your understanding of the chapter and are taken directly from the chapter. These questions are based on the exam objectives, and they are similar in difficulty to items you might actually receive on the MCSA: Windows Server 2016 exams.

 The Sybex Interactive Online Test Bank, flashcards, videos, and glossary can be accessed at http://www.wiley.com/go/sybextestprep.

Interactive Online Learning Environment and Test Bank

The interactive online learning environment that accompanies this study guide provides a test bank with study tools to help you prepare for the certification exams and increase your chances of passing them the first time! The test bank includes the following elements:

Sample Tests All of the questions in this book are provided, including the assessment test, which you’ll find at the end of this introduction, and the chapter tests that include the review questions at the end of each chapter. In addition, there is a practice exam. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Electronic Flashcards One set of questions is provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.

Glossary The key terms from this book and their definitions are available as a fully searchable PDF.

Videos Some of the exercises include corresponding videos. These videos show you how the author does the exercises. There is also a video that shows you how to set up virtualization so that you can complete the exercises within a virtualized environment. The author also has videos to help you on the Microsoft exams at www.youtube.com/c/williampanek.

Recommended Home Lab Setup

To get the most out of this book, you will want to make sure you complete the exercises throughout the chapters. To complete the exercises, you will need one of two setups. First, you can set up a machine with Windows Server 2016 and complete the labs using a regular Windows Server 2016 machine.

The second way to set up Windows Server 2016 (the way I set up Server 2016) is by using virtualization. I set up Windows Server 2016 as a virtual hard disk (VHD), and I did all the labs this way. The advantages of using virtualization are that you can always just wipe out the system and start over without losing a real server. Plus, you can set up multiple virtual servers and create a full lab environment on one machine.

I created a video for this book showing you how to set up a virtual machine and how to install Windows Server 2016 onto that virtual machine.

How to Contact Sybex/Author

Sybex strives to keep you supplied with the latest tools and information you need for your work. Please check the website at www.sybex.com/go/mcsawin2016, where I’ll post additional content and updates that supplement this book should the need arise.

You can contact me by going to my website at www.willpanek.com. You can also watch free videos on Microsoft networking at www.youtube.com/c/williampanek. If you would like to follow information about Windows Server 2016 from Will Panek, please visit Twitter @AuthorWillPanek.

Certification Objectives Maps

Table I.1 provides the objective mappings for the 70-740 exam. In addition to the book chapters, you will find coverage of exam objectives in the flashcards, practice exams, and videos on the book’s companion website:

http://www.wiley.com/WileyCDA/WileyTitle/ productCd-111885991X,miniSiteCd-SYBEX.html

TABLE I.1 70-741 exam objectives

Objective

Chapter

Implement Domain Name System (DNS) (15–20%)

1.1. Install and configure DNS servers

Chapter 2

This objective may include but is not limited to: Determine DNS installation requirements; determine supported DNS deployment scenarios on Nano Server; install DNS; configure forwarders; configure Root Hints; configure delegation; implement DNS policies; implement DNS global settings using Windows PowerShell; configure Domain Name System Security Extensions (DNSSEC); configure DNS Socket Pool; configure cache locking; enable Response Rate Limiting; configure DNS-based Authentication of Named Entities (DANE); configure DNS logging; configure delegated administration; configure recursion settings; implement DNS performance tuning; configure global settings using Windows PowerShell

Chapter 2

1.2. Create and configure DNS zones and records

Chapter 2

This objective may include but is not limited to: Create primary zones; configure Active Directory integration of primary zones; create and configure secondary zones; create and configure stub zones; configure a GlobalNames zone; analyze zone-level statistics; create and configure DNS Resource Records (RR), including A, AAAA, PTR, SOA, NS, SRV, CNAME, and MX records; configure zone scavenging; configure record options, including Time To Live (TTL) and weight; configure round robin; configure secure dynamic updates; configure unknown record support; use DNS audit events and analytical (query) events for auditing and troubleshooting; configure Zone Scopes; configure records in Zone Scopes; configure policies for zones

Chapter 2

Implement DHCP (15–20%)

2.1. Install and configure DHCP

Chapter 3

This objective may include but is not limited to: Install and configure DHCP servers; authorize a DHCP server; create and configure scopes; create and configure superscopes and multicast scopes; configure a DHCP reservation; configure DHCP options; configure DNS options from within DHCP; configure policies; configure client and server for PXE boot; configure DHCP Relay Agent; implement IPv6 addressing using DHCPv6; perform export and import of a DHCP server; perform DHCP server migration

Chapter 3

2.2. Manage and maintain DHCP

Chapter 3

This objective may include but is not limited to: Configure a lease period; back up and restore the DHCP database; configure high availability using DHCP failover; configure DHCP name protection; troubleshoot DHCP

Chapter 3

Implement IP Address Management (IPAM) (15–20%)

3.1. Install and configure IP Address Management (IPAM)

Chapter 4

This objective may include but is not limited to: Provision IPAM manually or by using Group Policy; configure server discovery; create and manage IP blocks and ranges; monitor utilization of IP address space; migrate existing workloads to IPAM; configure IPAM database storage using SQL Server; determine scenarios for using IPAM with System Center Virtual Machine Manager for physical and virtual IP address space management

Chapter 4

3.2. Manage DNS and DHCP using IPAM

Chapter 4

This objective may include but is not limited to: Manage DHCP server properties using IPAM; configure DHCP scopes and options; configure DHCP policies and failover; manage DNS server properties using IPAM; manage DNS zones and records; manage DNS and DHCP servers in multiple Active Directory forests; delegate administration for DNS and DHCP using role-based access control (RBAC)

Chapter 4

3.3. Audit IPAM

Chapter 4

This objective may include but is not limited to: Audit the changes performed on the DNS and DHCP servers; audit the IPAM address usage trail; audit DHCP lease events and user logon events

Chapter 4

Implement Network Connectivity and Remote Access Solutions (25–30%)

Implement network connectivity solutions

Chapter 5

This objective may include but is not limited to: Implement Network Address Translation (NAT); configure routing

Chapter 5

Implement virtual private network (VPN) and DirectAccess solutions

Chapter 5

This objective may include but is not limited to: Implement remote access and site-to-site (S2S) VPN solutions using remote access gateway; configure different VPN protocol options; configure authentication options; configure VPN reconnect; create and configure connection profiles; determine when to use remote access VPN and site-to-site VPN and configure appropriate protocols; install and configure DirectAccess; implement server requirements; implement client configuration; troubleshoot DirectAccess

Chapter 5

Implement Network Policy Server (NPS)

Chapter 5

This objective may include but is not limited to: Configure a RADIUS server including RADIUS proxy; configure RADIUS clients; configure NPS templates; configure RADIUS accounting; configure certificates; configure Connection Request Policies; configure network policies for VPN and wireless and wired clients; import and export NPS policies

Chapter 5

Implement Core and Distributed Network Solutions (10–15%)

Implement IPv4 and IPv6 addressing

Chapter 1

This objective may include but is not limited to: Configure IPv4 addresses and options; determine and configure appropriate IPv6 addresses; configure IPv4 or IPv6 subnetting; implement IPv6 stateless addressing; configure interoperability between IPv4 and IPv6 by using ISATAP, 6to4, and Teredo scenarios; configure Border Gateway Protocol (BGP); configure IPv4 and IPv6 routing

Chapter 1

Implement Distributed File System (DFS) and Branch Office solutions

Chapter 6

This objective may include but is not limited to: Install and configure DFS namespaces; configure DFS replication targets; configure replication scheduling; configure Remote Differential Compression (RDC) settings; configure staging; configure fault tolerance; clone a Distributed File System Replication (DFSR) database; recover DFSR databases; optimize DFS Replication; install and configure BranchCache; implement distributed and hosted cache modes; implement BranchCache for web, file, and application servers; troubleshoot BranchCache

Chapter 6

Implement an Advanced Network Infrastructure (10–15%)

6.1 Implement high performance network solutions

Chapter 7

This objective may include but is not limited to: Implement NIC Teaming or the Switch Embedded Teaming (SET) solution and identify when to use each; enable and configure Receive Side Scaling (RSS); enable and configure network Quality of Service (QoS) with Data Center Bridging (DCB); enable and configure SMB Direct on Remote Direct Memory Access (RDMA) enabled network adapters; enable and configure SMB Multichannel; enable and configure virtual Receive Side Scaling (vRSS) on a Virtual Machine Queue (VMQ) capable network adapter; enable and configure Virtual Machine Multi-Queue (VMMQ); enable and configure Single-Root I/O Virtualization (SR-IOV) on a supported network adapter

Chapter 7

6.2. Determine scenarios and requirements for implementing Software Defined Networking (SDN)

Chapter 8

This objective may include but is not limited to: Determine deployment scenarios and network requirements for deploying SDN; determine requirements and scenarios for implementing Hyper-V Network Virtualization (HNV) using Network Virtualization Generic Route Encapsulation (NVGRE) encapsulation or Virtual Extensible LAN (VXLAN) encapsulation; determine scenarios for implementation of Software Load Balancer (SLB) for North-South and East-West load balancing; determine implementation scenarios for various types of Windows Server Gateways, including L3, GRE, and S2S, and their use; determine requirements and scenarios for distributed firewall policies and network security groups

Chapter 8

 Exam objectives are subject to change at any time without prior notice and at Microsoft’s sole discretion. Please visit Microsoft’s website (www.microsoft.com/learning) for the most current listing of exam objectives.

Chapter 1Configuring TCP/IP

THE FOLLOWING 70-741 EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

Configure IPv4 and IPv6 addressing

Configure IP address options

Configure IPv4 or IPv6 subnetting

Configure supernetting

Configure interoperability between IPv4 and IPv6

Configure ISATAP

Configure Teredo

 In this chapter, I will discuss the most important protocol used in a Microsoft Windows Server 2016 network: Transmission Control Protocol/Internet Protocol (TCP/IP).

TCP/IP is actually two protocols bundled together: the Transmission Control Protocol (TCP) and the Internet Protocol (IP). TCP/IP is a suite of protocols developed by the US Department of Defense’s Advanced Research Projects Agency in 1969.

This chapter is divided into two main topics: First I’ll talk about TCP/IP version 4, and then I’ll discuss TCP/IP version 6. TCP/IP version 4 is still used in Windows Server 2016, and it was the primary version of TCP/IP in all previous versions of Windows. However, TCP/IP version 6 is the latest release of TCP/IP, and it has been incorporated into Windows Server 2016.

Understanding TCP/IP

I mentioned that TCP/IP is actually two protocols bundled together: TCP and IP. These protocols sit on a four-layer TCP/IP model.

Details of the TCP/IP Model

The four layers of the TCP/IP model are as follows (see Figure 1.1):

Application Layer The Application layer is where the applications that use the protocol stack reside. These applications include File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP).

Transport Layer The Transport layer is where the two Transport layer protocols reside. These are TCP and the User Datagram Protocol (UDP). TCP is a connection-oriented protocol, and delivery is guaranteed. UDP is a connectionless protocol. This means that UDP does its best job to deliver the message, but there is no guarantee.

Internet Layer The Internet layer is where IP resides. IP is a connectionless protocol that relies on the upper layer (Transport layer) for guaranteeing delivery. Address Resolution Protocol (ARP) also resides on this layer. ARP turns an IP address into a Media Access Control (MAC) address. All upper and lower layers travel through the IP protocol.

Link Layer The data link protocols like Ethernet and Token Ring reside in the Link layer. This layer is also referred to as the Network Access layer.

FIGURE 1.1 TCP/IP model

How TCP/IP Layers Communicate

When an application like FTP is called upon, the application moves down the layers and TCP is retrieved. TCP then connects itself to the IP protocol and gets released onto the network through the Link layer (see Figure 1.2). This is a connection-oriented protocol because TCP is the protocol that guarantees delivery.

FIGURE 1.2 TCP/IP process

When an application like TFTP gets called, the application moves down the layers, and UDP is retrieved. UDP then connects itself to the IP protocol and gets released onto the network through the Link layer. This is a connectionless protocol because UDP does not have guaranteed delivery.

Understanding Port Numbers

TCP and UDP rely on port numbers assigned by the Internet Assigned Numbers Authority (IANA) to forward packets to the appropriate application process. Port numbers are 16-bit integers that are part of a message header. They identify the application software process with which the packet should be associated. For example, let’s say that a client has a copy of Internet Explorer and a copy of Mail open at the same time. Both applications are sending TCP requests across the Internet to retrieve web pages and email, respectively. How does the computer know which return packets to forward to Internet Explorer and which packets to forward to Mail?

When making a connection, the client chooses a source port for the communication that is usually in the range 1024–65535 (or sometimes in the range 1–65535). This source port then communicates with a destination port of 80 or 110 on the server side. Every packet destined for Internet Explorer has a source port number of 80 in the header, and every packet destined for Mail has a source port number of 110 in the header.

Table 1.1 describes the most common port numbers (you might need to know these for the exam). You can visit www.iana.org to get the most current and complete list of port numbers. It’s good to become familiar with specific port numbers because it’s a benefit to be able to determine from memory the ports that, for example, allow or block specific protocols in a firewall. Allowing only port 80, for instance, does not ensure that all web traffic will be allowed. You must also allow port 443 for certain secure web traffic.

TABLE 1.1 Common port numbers

Port Number

Description

20

FTP data

21

FTP control

23

Telnet

25

Simple Mail Transfer Protocol (SMTP)

53

Domain Name System (DNS)

80

Hypertext Transfer Protocol (HTTP), Web

88

Kerberos

110

Post Office Protocol v3 (POP3)

443

Secure HTTP (HTTPS)

 Simply because a port is “well known” doesn’t mean that a given service must run on it. It’s technically valid to run any service on any port, but doing so is usually a bad idea. For example, if you chose to run your web server on TCP port 25, clients would need to type www.example.com:25 to reach your website from most browsers.

Understanding IP Addressing

Understanding IP addressing is critical to understanding how IP works. An IP address is a numeric identifier assigned to each device on an IP network. This type of address is a logical software address that designates the device’s location on the network. It isn’t the physical hardware address hard-coded in the device’s network interface card.

In the following sections, you will see how IP addresses are used to identify uniquely every machine on the network (MAC address).

The Hierarchical IP Addressing Scheme

An IP address consists of 32 bits of information. These bits are divided into four sections (sometimes called octets or quads) containing 1 byte (8 bits) each. There are three common methods for specifying an IP address:

Dotted-decimal, as in 130.57.30.56

Binary, as in 10000010.00111001.00011110.00111000

Hexadecimal, as in 82 39 1E 38