Exam 70-218:

Managing a Microsoft Windows 2000 Network Environment

Published:January 22, 2002
Audience(s):IT Professionals
Technology:Microsoft Windows 2000
Type:Proctored Exam

How To Get It: Schedule your exam through the following exam provider:

Take exam

Preparing for an Exam
This exam is retired.
The Microsoft Certification website and this preparation guide contain a variety of resources to help you prepare for an exam. Preparing for and Taking an Exam — FAQ provides answers to frequently asked questions about exam registration, preparation, scoring, and policies, including:
  • The most effective way to prepare to take an exam.
  • The relationship between Microsoft training materials and exam content.
  • Microsoft policy concerning the incorporation of service pack and revision updates into exam content.
  • Exam question types and formats.
  • Exam time limits and number of questions asked.
We recommend that you review this preparation guide in its entirety and familiarize yourself with the FAQs and resources on the Microsoft Certification website before you schedule your exam.
Audience Profile
Candidates for this exam work in medium-sized to very large computing environments that use Microsoft Windows 2000 network and directory services. Candidates have at least six months of experience administering and supporting Windows 2000 server and client operating systems that use Active Directory directory services in environments that have the following characteristics.
  • Supported users range from 200 to 26,000.
  • Physical locations range from 2 to 100.
  • Typical network services and resources include messaging, file and print, proxy server or firewall, Internet and intranet, remote access, and client computer management.
  • Connectivity needs include connecting branch offices and individual users at remote locations to the corporate network and connecting corporate networks to the Internet.
Credit Toward CertificationWhen you pass Exam 70-218: Managing a Microsoft Windows 2000 Network Environment, you complete the requirements for the following certification(s):Exam 70-218: Managing a Microsoft Windows 2000 Network Environment: counts as credit toward the following certification(s):
Note This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.
Skills Being MeasuredThis exam measures your ability to accomplish the technical tasks listed below.The percentages indicate the relative weight of each major topic area on the exam.The higher the percentage, the more questions you are likely to see on that content area on the exam.

The information after “This objective may include but is not limited to” is intended to further define or scope the objective by describing the types of skills and topics that may be tested for the objective. However, it is not an exhaustive list of skills and topics that could be included on the exam for a given skill area. You may be tested on other skills and topics related to the objective that are not explicitly listed here.
Create, configure, manage, secure, and troubleshoot file, print, and Web resources
  • Publish resources in Active Directory. Types of resources include printers and shared folders.
    • Perform a search in Active Directory Users and Computers.
    • Configure a printer object.
  • Manage data storage. Considerations include file systems, permissions, and quotas.
    • Implement NTFS and FAT file systems.
    • Enable and configure quotas.
    • Implement and configure Encrypting File System (EFS).
    • Configure volumes and basic and dynamic disks.
    • Configure file and folder permissions.
    • Manage a domain-based distributed file system (DFS).
    • Manage file and folder compression.
  • Create shared resources and configure access rights. Shared resources include printers, shared folders, and Web folders.
    • Share folders and enable Web sharing.
    • Configure shared folder permissions.
    • Create and manage shared printers.
    • Configure shared printer permissions.
  • Configure and troubleshoot Internet Information Services (IIS).
    • Configure virtual directories and virtual servers.
    • Troubleshoot Internet browsing from client computers.
    • Troubleshoot intranet browsing from client computers.
    • Configure authentication and SSL for Web sites.
    • Configure FTP services.
    • Configure access permissions for intranet Web servers.
  • Monitor and manage network security. Actions include auditing and detecting security breaches.
    • Configure user-account lockout settings.
    • Configure user-account password length, history, age, and complexity.
    • Configure Group Policy to run logon scripts.
    • Link Group Policy objects.
    • Enable and configure auditing.
    • Monitor security by using the system security log file.
Configure, administer, and troubleshoot the network infrastructure
  • Troubleshoot routing. Diagnostic utilities include the tracert command, the ping command, and the ipconfig command.
    • Validate local computer configuration by using the ipconfig, arp, and route commands.
    • Validate network connectivity by using the tracert, ping, and pathping commands.
  • Configure and troubleshoot TCP/IP on servers and client computers. Considerations include subnet masks, default gateways, network IDs, and broadcast addresses.
    • Configure client computer TCP/IP properties.
    • Validate client computer network configuration by using the winipcfg, ipconfig, and arp commands.
    • Validate client computer network connectivity by using the ping command.
  • Configure, administer, and troubleshoot DHCP on servers and client computers.
    • Detect unauthorized DHCP servers on a network.
    • Configure authorization of DHCP servers.
    • Configure client computers to use dynamic IP addressing.
    • Configure DHCP server properties.
    • Create and configure a DHCP scope.
  • Configure, administer, and troubleshoot DNS.
    • Configure DNS server properties.
    • Manage DNS database records such as CNAME, A, and PTR.
    • Create and configure DNS zones.
  • Troubleshoot name resolution on client computers. Considerations include WINS, DNS, NetBIOS, the Hosts file, and the Lmhosts file.
    • Configure client computer name resolution properties.
    • Troubleshoot name resolution problems by using the nbtstat, ipconfig, nslookup, and netdiag commands.
    • Create and configure a Hosts file for troubleshooting name resolution problems.
    • Create and configure an Lmhosts file for troubleshooting name resolution problems.
Manage, secure, and troubleshoot servers and client computers
  • Install and configure server and client computer hardware.
    • Verify hardware compatibility by using the qualifier tools.
    • Configure driver signing options.
    • Verify digital signatures on existing driver files.
    • Configure operating system support for legacy hardware devices.
  • Troubleshoot starting servers and client computers. Tools and methodologies include Safe Mode, Recovery Console, and parallel installations.
    • Interpret the startup log file.
    • Repair an operating system by using various startup options.
    • Repair an operating system by using the Recovery Console.
    • Recover data from a hard disk in the event that the operating system will not start.
    • Restore an operating system and data from a backup.
  • Monitor and troubleshoot server health and performance. Tools include System Monitor, Event Viewer, and Task Manager.
    • Monitor and interpret real-time performance by using System Monitor and Task Manager.
    • Configure and manage System Monitor alerts and logging.
    • Diagnose server health problems by using Event Viewer.
    • Identify and disable unnecessary operating system services.
  • Install and manage Windows 2000 updates. Updates include service packs, hot fixes, and security hot fixes.
    • Update an installation source by using slipstreaming.
    • Apply and reapply service packs and hot fixes.
    • Verify service pack and hot-fix installation.
    • Remove service packs and hot fixes.
Configure, manage, secure, and troubleshoot Active Directory organizational units and Group Policy
  • Create, manage, and troubleshoot User and Group objects in Active Directory.
    • Create and configure user and computer accounts for new and existing users.
    • Troubleshoot groups. Considerations include nesting, scope, and type.
    • Configure a user account by using Active Directory Users and Computers. Settings include passwords and assigning groups.
    • Perform a search for objects in Active Directory.
    • Use templates to create user accounts.
    • Reset an existing computer account.
  • Manage object and container permissions.
    • Use the Delegation of Control wizard to configure inherited and explicit permissions.
    • Configure and troubleshoot object permissions by using object access control lists (ACLs).
  • Diagnose Active Directory replication problems.
    • Diagnose problems related to WAN link connectivity.
    • Diagnose problems involving replication latency. Problems include duplicate objects and the LostandFound container.
  • Deploy software by using Group Policy. Types of software include user applications, antivirus software, line-of-business applications, and software updates.
    • Use Windows Installer to deploy Windows Installer packages.
    • Deploy updates to installed software including antivirus updates.
    • Configure Group Policy to assign and publish applications.
  • Troubleshoot end-user Group Policy.
    • Troubleshoot Group Policy problems involving precedence, inheritance, filtering, and the No Override option.
    • Manually refresh Group Policy.
  • Implement and manage security policies by using Group Policy.
    • Use security templates to implement security policies.
    • Analyze the security configuration of a computer by using the secedit command and Security Configuration and Analysis.
    • Modify domain security policy to comply with corporate standards.
Configure, secure, and troubleshoot remote access
  • Configure and troubleshoot remote access and virtual private network (VPN) connections.
    • Configure and troubleshoot client-to-server PPTP and L2TP connections.
    • Manage existing server-to-server PPTP and L2TP connections.
    • Configure and verify the security of a VPN connection.
    • Configure client computer remote access properties.
    • Configure remote access name resolution and IP address allocation.
  • Troubleshoot a remote access policy.
    • Diagnose problems with remote access policy priority.
    • Diagnose remote access policy problems caused by user account group membership and nested groups.
    • Create and configure remote access policies and profiles.
    • Select appropriate encryption and authentication protocols.
  • Implement and troubleshoot Terminal Services for remote access.
    • Configure Terminal Services for remote administration or application server mode.
    • Configure Terminal Services for local resource mapping.
    • Configure Terminal Services user properties.
  • Configure and troubleshoot Network Address Translation (NAT) and Internet Connection Sharing.
    • Configure Routing and Remote Access to perform NAT.
    • Troubleshoot Internet Connection Sharing problems by using the ipconfig and ping commands.
Preparation Tools and ResourcesTo help you prepare for this exam, Microsoft Learning recommends that you have hands-on experience with the product and that you use the following training resources. These training resources do not necessarily cover all of the topics listed in the "Skills Measured" tab.
Learning Plans and Classroom Training There is no classroom training currently available.
Microsoft E-Learning There is no Microsoft E-Learning training currently available.
Microsoft Press Books There are no Microsoft Press books currently available.
Practice Tests
Microsoft Online Resources
  • TechNet: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical chats, and much more.
  • MSDN: The Microsoft Developer Network (MSDN) is a reference for developers. It features code samples, technical articles, newsgroups, chats, and more.
  • Training and certification newsgroups: There is a newsgroup for every Microsoft certification. By participating in the ongoing dialogue, you take advantage of a unique opportunity to exchange ideas with and ask questions of others, including more than 750 Microsoft Most Valuable Professionals (MVPs) worldwide.
Have Questions? For advice about training and certification, connect with peers: For questions about a specific certification, chat with a Microsoft Certified Professional (MCP): To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site: