Exam Profile: MCSA/MCSE: Managing and Maintaining a Microsoft Windows Server 2003 Environment (70-290)
Date: Nov 10, 2010
In order to pass the 70-290 exam, you must have the knowledge and skills that are needed to effectively maintain server resources, monitor server performance, and safeguard data on a computer running one of the operating systems in the Microsoft Windows Server 2003. After you pass the Managing and Maintaining a Microsoft Windows Server 2003 Environment exam, in addition to being on your way to the MSCE certification, you will achieve Microsoft Certified Professional (MCP) status. You also earn credit toward the following certifications:
- Core credit toward Microsoft Certified Systems Administrator (MCSA) on Windows Server 2003 certification
- Core credit toward Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 certification
- Core credit toward Microsoft Certified Database Administrator (MCDBA) on Microsoft SQL Server 2000 certification
In order to get your Microsoft MCSE certification, you will be required to pass seven exams (in any order):
- Four exams on networking systems
- One exam on client operating systems
- One exam on design
- One elective exam
The 70-290 is a core exam that counts toward one of the four networking system exams that must be taken for MCSE certification.
Exam Details
- Number of questions: Approximately 45 questions with 3-5 simulations (Since Microsoft does not publish this information, the number of exam questions may change without notice.)
- Type of questions: This test consists mainly of multiple choice questions, but can also contain drag and drop, build list and reorder questions. You will definitely see multiple simulation questions.
- Passing Score: 700 out of 1000
- Time Limit: 4 hours
- How to register: You can register for the exam at Prometric.com or Certiport.com
Trouble Spots
As with any exam, it will vary from person to person as to what is deemed to be difficult. While one person may have trouble with groups, another will find RAID configurations difficult to understand. There are no real issues with this exam that you need to watch for other than to know the objectives. Hands-on experience that deals with managing and maintaining a Windows network will be of immense value, especially when it comes to the simulations. Basically, the simulations present a mock-up of the computer screen that behaves similarly to an actual server. In a simulation, you may have to set permissions for a folder or add users to a group or some other task.
Preparation Hints
Review the Exam Objectives below and make sure that you are familiar with them. If you have access to a Windows 2003 network, hands-on practice in that environment will help you to connect the theory with real life. Always check the Microsoft site for the specific exam you are going to take. For the 70-290 exam, refer to http://www.microsoft.com/learning/en/us/exam.aspx?ID=70-290&locale=en-us. There are many web sites and blogs that can help you to research topics, but be careful to fully research the information you read. It is not advisable to try to find sites that list questions and answers for several reasons. First, you don’t know if you will be asked a specific question; second, the answers given in a blog may be inaccurate; third, you need to understand the information to adequately prepare.
When taking the exam, read each question carefully. Microsoft is notorious for adding a lot of unneeded information in their questions. Make sure that when you click on a choice, it is really marked. Be careful clicking anywhere on the screen. I found that by inadvertently clicking near the scroll bar on the right of the screen, I actually changed an answer. You get a single piece of paper and a marker for writing. Use the first few moments before you start answering questions to make notes. Sometimes there is even a questionnaire at the beginning of the test that does not count against your test time. Use this time to write down notes, facts, tables or other information you may need. Since this particular exam is four hours long, if you are prepared, you should have plenty of time.
Recommended Study Resources
MCSA/MCSE 70-290 Exam Prep: Managing and Maintaining a Microsoft Windows Server 2003 Environment (2nd Edition) by Lee Scales
MCSA/MCSE 70-290 Exam Cram: Managing and Maintaining a Microsoft Windows Server 2003 Environment (2nd Edition) by Dan Balter and Patrick Regan
MCSA/MCSE 70-290 Cert Flash Cards Online by Pat Regan
Exam Objectives
These exam objectives are reprinted with permission from Microsoft. Please check the Microsoft website to get the most up-to-date information.
This exam is broken up into five different categories. We will look at what you have to know in each category to pass the exam.
Managing and Maintaining Physical and Logical Devices
- There are several command-line
utilities with which you should
be familiar. You should actually
take some time and run these
utilities from a command line
in order to better understand
them.
- Driverquery can be used to print a list of devices.
- Winmsd allows you to pull up the System Information utility.
- Dsadd, Dsmod, Dsget, Dsrm, Dsmove, Dsquery, Gpresult, Whoami
- Device Manager allows you to manage devices on a local computer. If you are using Device Manager on a remote computer, it will be in read-only mode.
- The four Driver Recovery Tools are: Driver Rollback, Last Known Good Configuration, Safe Mode and Recovery Console.
- A Hardware RAID appears as single disk.
- A basic disk contains basic volumes, such as primary partitions, extended partitions, and logical drives. Basic disks can be converted to dynamic, but not vice versa without erasing data.
- A dynamic disk contains dynamic volumes, such as simple volumes, spanned volumes, striped volumes, mirrored volumes, and RAID-5 volumes. It is not supported for removable media or laptops.
- Logical drives are logical volumes on basic disks.
- RAID-0 is disk striping without parity. You must have at least two physical disks. RAID-1 is disk mirroring, which requires two physical disks and makes identical copies of single volume. RAID-0 is the cheapest and fastest form of RAID, but offers no redundancy. RAID-1 is the most expensive form of RAID.
- RAID-5 is disk striping with parity and requires between 3 and 32 disks. You cannot boot from RAID-5.
- RAID-5 is faster than RAID-1, but RAID-0 is the fastest.
- Disk defragmenter optimizes performance by putting data in a contiguous block.
- Disk defragmenter is used if volume is fragmented more than 10%. You need 15% of volume capacity for full defragmenting; otherwise volume will be partially defragmented.
- NTFS is the default file system on dynamic disks.
- Quotas are supported only on NTFS volumes.
- Disk Quotas can be implemented per-volume and per-user only.
- Hardware fault-tolerance provides faster I/O and hot swapping but is more expensive.
- If you move a file or folder to another volume, compression is lost, encryption is kept and NTFS rights are lost.
Managing Users, Computers, and Groups
- To create a user or computer object in Active Directory, you must have administrative privileges. The logon name is required and must be unique in the Domain.
- Account Logon events need to be monitored on each domain controller.
- A profile is created for each user that logs onto a computer.
- Profiles allow multiple users to be able to login to a computer and keep their work separate.
- Administrators can make changes to the built-in All Users profile to ensure that all users get the change.
- A mandatory profile is created by renaming Ntuser.dat to Ntuser.man.
- The Everyone group by default does not contain Anonymous Logon identity.
- To create or change a computer object in AD you must be a member of the Administrators or Account Operators groups.
- If you make a command-line change in AD, you must refresh (F5) the Management Console to see the change.
- There are two types of groups: Security and Distribution.
- Distribution groups only have one function and that is to create email distribution lists.
- Security groups are used to manage user and computer access to shared resources and to filter Group Policy settings.
- The best way to organize permissions is to assign them to a local group, then place global groups in the local group.
- Built-in groups are Administrators, Server Operators, Account Operators, Print Operators, Backup Operators, Guests, Replicator, Power Users, Users.
- A user must log in again before changes to Group membership take effect.
Managing and Maintaining Access to Resources
- Remote Assistance uses port 3389.
- The Instant Messenger Service uses port 1863.
- Permissions are assigned files or folders and rights are assigned to users or groups.
- Hidden share ends with $. Built-in administrative shares are also hidden by default (i.e. \\servername\c$)
- A user’s access to a file or folder is the most restrictive set of permissions between share permissions and NTFS permissions. So if a user’s permissions to a share is Read and the NTFS permissions are Full Control, their effective permission will be Read.
- Share permissions apply only when a folder is accessed remotely.
- Share permissions are lost when a folder is renamed or moved.
- NTFS permissions do replicate, are included in backup and restore, and can be configured remotely with Windows Explorer.
- Deny or No Access permissions take precedence over allow permissions.
- A change to Permissions take effect immediately.
- HTTP uses port 80 and FTP port 21.
- Permissions of a Web folder are the more restrictive of NTFS and IIS permissions.
- Encrypted file or folder cannot be moved or copied to another computer.
Managing and Maintaining a Server Environment
- A print server provides several advantages: single queue for logical printer, error messages visible on all clients, administrative tasks are centralized, users can go back to their jobs while printing, and clients automatically download appropriate printer driver when they first connect to the shared printer.
- Printer permissions are: Print, Manage Documents, Manage Printers, Special Permissions. By default, Print permission is assigned to the Everyone group.
- The spooler folder should be on a partition other than the system or boot partition for a high volume print server.
- Be familiar with software site licensing.
- You can view licenses using AD Sites and Services.
- Event Viewer records events in the Application, System, or Security logs.
- You manage a server remotely using Remote Assistance or Terminal Services.
- Know how to monitor a server environment for application performance.
Managing and Implementing Disaster Recovery
- Know how to perform system recovery for a server to include: Implement Automated System Recovery (ASR), Restore data from shadow copy volumes, Back up files and System State data to media, Configure security for backup operations,
- Be able to verify the successful completion of backup jobs, manage backup storage media.
- Recover from server hardware failure.
- Types of backup are Incremental, Differential and Full.
- You have to be a member of the Administrators or Backup Operators group to backup data.
- Backups can be scheduled daily, weekly, monthly, once, at system startup, at logon, when idle.
- You cannot backup individual components of the System State nor can you back it up remotely.
Where to Go from Here
After you pass the Managing and Maintaining a Windows Server 2003 Environment (70-290) Exam, you have three more core exams to pass on your way to becoming an MCSE:
- Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Exam 70-291
- Planning and Maintaining a Windows Server 2003 Network Infrastructure Exam 70-293
- Planning, Implementing, and Maintaining a Windows Server 2003 Active Directory Infrastructure Exam 70-294