Exam 70-414: Implementing an Advanced Server Infrastructure

Skills Measured:

Manage and maintain a server infrastructure (25–30%)

• Design an administrative model
  • Design considerations, including user rights and built-in groups; design a delegation of administration structure for Microsoft System Center 2012 R2; design self-service portals by using System Center Service Manager; delegate rights for managing private cloud by using AppController and System Center Virtual Machine Manager
• Design a monitoring strategy
  • Design considerations including monitoring servers using Audit Collection Services (ACS) and System Center Global Service Monitor, performance monitoring, application monitoring, centralized monitoring, and centralized reporting; implement and optimize System Center 2012 – Operations Manager management packs; plan for monitoring Active Directory
• Plan and implement automated remediation
  • Create an Update Baseline in Virtual Machine Manager; implement a Desired Configuration Management (DCM) Baseline; implement Virtual Machine Manager integration with Operations Manager; configure Virtual Machine Manager to move a VM dynamically based on policy; integrate System Center 2012 for automatic remediation into your existing enterprise infrastructure; design and implement a Windows PowerShell Desired State Configuration (DSC) solution

Plan and implement a highly available enterprise infrastructure (25–30%)

• Plan and implement failover clustering
  • Plan for and implement multi-node and multi-site clustering including the use of networking storage, name resolution, and Global Update Manager (GUM); design considerations including redundant networks, network priority settings, resource failover and failback, heartbeat and DNS settings, Quorum configuration, storage placement and replication, and cluster aware updates
• Plan and implement highly available network services
  • Plan for and configure Network Load Balancing (NLB); design considerations including fault-tolerant networking, multicast vs. unicast configuration, state management, and automated deployment of NLB using Virtual Machine Manager service templates
• Plan and implement highly available storage solutions
  • Plan for and configure storage spaces and storage pools; design highly available, multi-replica DFS namespaces; plan for and configure multi-path I/O (MPIO); configure highly available iSCSI Target and iSNS Server; plan for and implement storage using RDMA and SMB multi-channel
• Plan and implement highly available roles
  • Plan for a highly available Dynamic Host Configuration Protocol (DHCP) Server, Hyper-V clustering, Continuously Available File Shares, and a DFS Namespace Server; plan for and implement highly available applications, services, and scripts using Generic Application, Generic Script, and Generic Service clustering roles
• Plan and implement a business continuity and disaster recovery solution
  • Plan a backup and recovery strategy; planning considerations including Active Directory domain and forest recovery, Hyper-V replica including using Microsoft Azure Site Recovery, domain controller restore and cloning, and Active Directory object and container restore using authoritative restore and Recycle Bin; plan for and implement backup and recovery by using System Center Data Protection Manager (DPM)

Plan and implement a server virtualization infrastructure (25–30%)

• Plan and implement virtualization hosts
  • Plan for and implement delegation of virtualization environment (hosts, services, and VMs), including self-service capabilities; plan and implement multi-host libraries including equivalent objects; plan for and implement host resource optimization; integrate third-party virtualization platforms; deploying Hyper-V hosts to bare metal
• Plan and implement virtual machines
  • Plan for and implement highly available VMs; plan for and implement guest resource optimization including shared VHDx; configure placement rules; create Virtual Machine Manager templates
• Plan and implement virtualization networking
  • Plan for and configure Virtual Machine Manager logical networks, including virtual switch extensions and logical switches; plan for and configure IP address and MAC address settings across multiple Hyper-V hosts, including network virtualization; plan for and configure virtual network optimization; plan and implement Windows Server Gateway; plan and implement VLANs and pVLANs; plan and implement virtual machine (VM) networks; plan and implement converged networks
• Plan and implement virtualization storage
  • Plan for and configure Hyper-V host clustered storage; plan for and configure Hyper-V virtual machine storage including virtual Fibre Channel, iSCSI, and shared VHDx; plan for storage optimization; plan and implement storage using SMB 3.0 file shares
• Plan and implement virtual machine movement
  • Plan for and configure live and storage migration between Hyper-V hosts; plan for and manage P2V and V2V; plan and implement virtual machine migration between clouds
• Manage and maintain a server virtualization infrastructure
  • Manage dynamic optimization and resource optimization; integrate Operations Manager with System Center Virtual Machine Manager and System Center Service Manager; update virtual machine images in libraries; plan for and implement backup and recovery of virtualization infrastructure by using System Center Data Protection Manager (DPM)

Design and implement identity and access solutions (20–25%)

• Design a Certificate Services infrastructure
  • Design a multi-tier Certificate Authority (CA) hierarchy with offline root CA; plan for multi-forest CA deployment; plan for Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; plan for Network Device Enrollment Services (NDES); plan for certificate validation and revocation; plan for disaster recovery; plan for trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs
• Implement and manage a Certificate Services infrastructure
  • Configure and manage offline root CA; configure and manage Certificate Enrollment Web Services and Certificate Enrollment Policy Web Services; configure and manage Network Device Enrollment Services; configure Online Certificates Status Protocol (OCSP) responders; migrate CA; implement administrator role separation; implement and manage trust between organizations including Certificate Trust Lists (CTL), cross certifications, and bridge CAs; monitor CA health
• Implement and manage certificates
  • Manage certificate templates; implement and manage certificate deployment, validation, renewal, revocation, and publishing including Internet-based clients, CAs, and network devices; configure and manage key archival and recovery
• Design and implement a federated identity solution
  • Plan for and implement claims-based authentication including planning and implementing Relying Party Trusts; plan for and configure Claims Provider and Relying Party Trust claim rules; plan for and configure attribute stores including Active Directory Lightweight Directory Services (AD LDS); plan for and manage Active Directory Federation Services (AD FS) certificates; plan for and implement Identity Integration with cloud services; integrate Web Application Proxy with AD FS
• Design and implement Active Directory Rights Management Services (AD RMS
  • Plan for highly available AD RMS deployment; plan for AD RMS client deployment; manage Trusted User Domains; manage Trusted Publishing Domains; manage Federated Identity support; upgrade or migrate AD RMS; decommission AD RMS