Exam 70-297:

Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

Published:October 21, 2003
Language(s):English, French, German, Japanese
Audience(s):IT Professionals
Technology:Microsoft Windows Server 2003
Type:Proctored Exam

How To Get It: Schedule your exam through the following exam provider:

Take exam

Preparing for an Exam
This exam is scheduled to retire on July 31, 2013.
 
The Microsoft Certification website and this preparation guide contain a variety of resources to help you prepare for an exam. Preparing for and Taking an Exam — FAQ provides answers to frequently asked questions about exam registration ,preparation ,scoring ,and policies , including:
  • The most effective way to prepare to take an exam.
  • The relationship between Microsoft training materials and exam content.
  • Microsoft policy concerning the incorporation of service pack and revision updates into exam content.
  • Exam question types and formats.
  • Exam time limits and number of questions asked.
We recommend that you review this preparation guide in its entirety and familiarize yourself with the FAQs and resources on the Microsoft Certification website before you schedule your exam.
Audience Profile
The Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium-sized to large companies. An MCSE candidate should have at least one year of experience implementing and administering a network operating system in environments that have the following characteristics:
  • 250 to 5,000 or more users
  • Three or more physical locations
  • Three or more domain controllers
  • Network services and resources such as messaging, database, file and print, proxy server, firewall, Internet, intranet, remote access, and client computer management
  • Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet
In addition, an MCSE candidate should have at least one year of experience in the following areas:
  • Implementing and administering a desktop operating system
  • Designing an Active Directory and network infrastructure
Credit Toward CertificationWhen you pass Exam 70-297: Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure, you complete the requirements for the following certification(s):Exam 70-297: Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure: counts as credit toward the following certification(s):
Note This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.
Skills Being MeasuredThis exam measures your ability to accomplish the technical tasks listed below.The percentages indicate the relative weight of each major topic area on the exam.The higher the percentage, the more questions you are likely to see on that content area on the exam.

The information after “This objective may include but is not limited to” is intended to further define or scope the objective by describing the types of skills and topics that may be tested for the objective. However, it is not an exhaustive list of skills and topics that could be included on the exam for a given skill area. You may be tested on other skills and topics related to the objective that are not explicitly listed here.
Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements
  • Analyze the impact of Active Directory on the existing technical environment.
    • Analyze hardware and software requirements.
    • Analyze interoperability requirements.
    • Analyze current level of service within an existing technical environment.
    • Analyze current network administration model.
    • Analyze network requirements.
  • Analyze DNS for Active Directory directory service implementation.
    • Analyze the current DNS infrastructure.
    • Analyze the current namespace.
  • Analyze existing network operating system implementation.
    • Identify the configuration details of all servers on the network. Server types might include primary domain controllers, backup domain controllers, file servers, print servers, and Web servers.
    • Identify the existing domain model.
    • Identify the number and location of domain controllers on the network.
  • Analyze security requirements for the Active Directory directory service.
    • Identify the existing trust relationships.
    • Analyze current security policies, standards, and procedures.
    • Identify the impact of Active Directory on the current security infrastructure.
  • Design the Active Directory infrastructure to meet business and technical requirements.
    • Design the envisioned administration model.
    • Create the conceptual design of the Active Directory forest structure.
    • Create the conceptual design of the Active Directory domain structure.
    • Design the Active Directory replication strategy.
    • Create the conceptual design of the organizational unit (OU) structure.
  • Design the network services infrastructure to meet business and technical requirements.
    • Create the conceptual design of the DNS infrastructure.
    • Create the conceptual design of the WINS infrastructure.
    • Create the conceptual design of the DHCP infrastructure.
    • Create the conceptual design of the remote access infrastructure.
  • Identify network topology and performance levels.
    • Identify constraints in the current network infrastructure.
    • Interpret current baseline performance requirements for each major subsystem.
  • Analyze the impact of the infrastructure design on the existing technical environment.
    • Analyze hardware and software requirements.
    • Analyze interoperability requirements.
    • Analyze current level of service within the existing technical environment.
    • Analyze network requirements.
Creating the Logical Design for an Active Directory Infrastructure
  • Design an OU structure.
    • Identify the Group Policy requirements for the OU structure.
    • Design an OU structure for the purpose of delegating authority.
  • Design a security group strategy.
    • Define the scope of a security group to meet requirements.
    • Define resource access requirements.
    • Define administrative access requirements.
    • Define user roles.
  • Design a user and computer authentication strategy.
    • Identify common authentication requirements.
    • Select authentication mechanisms.
    • Optimize authentication by using shortcut trust relationships.
  • Design a user and computer account strategy.
    • Specify account policy requirements.
    • Specify account requirements for users, computers, administrators, and services.
  • Design an Active Directory naming strategy.
    • Identify Internet domain name registration requirements.
    • Specify the use of hierarchical namespace within Active Directory.
    • Identify NetBIOS naming requirements.
  • Design migration paths to Active Directory.
    • Define whether the migration will include an in-place upgrade, domain restructuring, or migration to a new Active Directory environment.
  • Design a strategy for Group Policy implementation.
    • Create a strategy for configuring the computer environment with Group Policy.
    • Design the administration of Group Policy objects (GPOs).
    • Design the deployment strategy of GPOs.
    • Create a strategy for configuring the user environment with Group Policy.
  • Design an Active Directory directory service site topology.
    • Design sites.
    • Identify site links.
Creating the Logical Design for a Network Services Infrastructure
  • Design a DNS name resolution strategy.
    • Design a DNS strategy for interoperability with UNIX Berkeley Internet Name Domain (BIND) to support Active Directory.
    • Create the namespace design.
    • Identify DNS interoperability with Active Directory, WINS, and DHCP.
    • Specify zone requirements.
    • Specify DNS security.
  • Design a NetBIOS name resolution strategy.
    • Design a WINS replication strategy.
  • Design security for remote access users.
    • Specify logging and auditing settings.
    • Identify security host requirements.
    • Identify the authentication and accounting provider.
    • Design remote access policies.
  • Design a DNS service implementation.
    • Design a strategy for DNS zone storage.
    • Specify the use of DNS server options.
    • Identify the registration requirements of specific DNS records.
  • Design a remote access strategy.
    • Specify the remote access method.
    • Specify the authentication method for remote access.
  • Design an IP address assignment strategy.
    • Specify DHCP integration with DNS infrastructure.
    • Specify DHCP interoperability with client types.
Creating the Physical Design for an Active Directory and Network Infrastructure
  • Design DNS service placement.
  • Design an Active Directory implementation plan.
    • Design the placement of domain controllers and global catalog servers.
    • Plan the placement of flexible operations master roles.
    • Select the domain controller creation process.
  • Specify the server specifications to meet system requirements.
  • Design Internet connectivity for a company.
  • Design a network and routing topology for a company.
    • Design a TCP/IP addressing scheme through the use of IP subnets.
    • Specify the placement of routers.
    • Design IP address assignment by using DHCP.
    • Design a perimeter network.
  • Design the remote access infrastructure.
    • Plan capacity.
    • Ascertain network settings required to access resources.
    • Design for availability, redundancy, and survivability.
Preparation Tools and ResourcesTo help you prepare for this exam, Microsoft Learning recommends that you have hands-on experience with the product and that you use the following training resources. These training resources do not necessarily cover all of the topics listed in the "Skills Measured" tab.
Learning Plans and Classroom Training
Microsoft E-Learning
Microsoft Press Books There are no Microsoft Press books currently available.
Practice Tests
Microsoft Online Resources
  • Learning Plan : Get started with a step-by-step study guide that is based on recommended resources for this exam.
  • Microsoft Learning Community : Join newsgroups and visit community forums to connect with peers for suggestions on training resources and advice on your certification path and studies.
  • TechNet : Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical resources, newsgroups, and chats.
  • MSDN : Designed for developers, the Microsoft Developer Network (MSDN) features code samples, technical articles, downloads, newsgroups, and chats.
Have Questions? For advice about training and certification, connect with peers: For questions about a specific certification, chat with a Microsoft Certified Professional (MCP): To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site: