Term
Active Directory Certificate Services |
|
Definition
Active Directory Certificate Services (AD CS) provides a customizable set of services that allow you to issue and manage public key infrastructure (PKI) certificates. These certificates can be used in software security systems that employ public key technologies.
|
|
|
Term
Active Directory Domain Services |
|
Definition
Active Directory Domain Services (AD DS) includes new features that make deploying domain controllers simpler and that let you implement them faster. AD DS also makes the domain controllers more flexible, both to audit and to authorize for access to files. Moreover, AD DS has been designed to make performing administrative tasks easier through consistent graphical and scripted management experiences.
|
|
|
Term
Activ Directory Rights Management Services |
|
Definition
Active Directory Rights Management (ADRMS) provides managment and development tools that let you work with industry security technlogies, including encryption, certificates, and authentication. Using these technologies allows organizations to create reliable information protection solutions. |
|
|
Term
|
Definition
BitLocker is a tool that allows you to encrypt the hard drives of your computer. By encrypting the hard drives, you can provide enhanced protection against data theft or unauthorized exposure of your computers or removable drives that are lost or stolen.
|
|
|
Term
|
Definition
BranchCache allows data from files and web servers on a wide area network (WAN) to be cached on computers at a local branch office. By using BranchCache, you can improve application response times while also reducing WAN traffic. Cached data can be either distributed across peer client computers (distributed cache mode) or centrally hosted on a server (hosted cache mode). BranchCache is included with Windows Server 2012 R2 and Windows 8.
|
|
|
Term
|
Definition
DHCP Dynamic Host Configuration Protocol (DHCP) is an Internet standard that allows organizations to reduce the administrative overhead of configuring hosts on a TCP/ IP-based network. Some of the new features are DHCP failover, policy-based assignment, and the ability to use |
|
|
Term
|
Definition
DHCP Dynamic Host Configuration Protocol (DHCP) is an Internet standard that allows organizations to reduce the administrative overhead of configuring hosts on a TCP/ IP-based network. Some of the new features are DHCP failover, policy-based assignment, and the ability to use |
|
|
Term
|
Definition
DNS Domain Name System (DNS) services are used in TCP/ IP networks. DNS will convert a computer name or fully qualified domain name (FQDN) to an IP address. DNS also has the ability to do a reverse lookup and convert an IP address to a computer name. DNS allows you to locate computers and services through user-friendly names.
|
|
|
Term
|
Definition
Failover Clustering Failover Clustering gives an organization the ability to provide high availability and scalability to networked servers. Failover clusters can include file share storage for server applications, such as Hyper-V and Microsoft SQL Server, and those that run on physical servers or virtual machines.
|
|
|
Term
File Server Resource Manager |
|
Definition
File Server Resource Manager File Server Resource Manager is a set of tools that allows administrators to manage and control the amount and type of data stored on the organization’s servers. By using File Server Resource Manager, administrators have the ability to set up file management tasks, use quota management, get detailed reports, set up a file classification infrastructure, and configure file-screening management.
|
|
|
Term
|
Definition
Hyper-V is one of the most changed features in Windows Server 2012 R2. Microsoft’s new slogan is “Windows Server 2012 R2, built from the cloud up,” and this has a lot to do with Hyper-V. It allows an organization to consolidate servers by creating and managing a virtualized computing environment. It does this by usingvirtualization technology that is built into Windows Server 2012 R2. Hyper-V allows you to run multiple operating systems simultaneously on one physical computer. Each virtual operating system runs in its own virtual machine environment.
|
|
|
Term
|
Definition
IPAM IP Address Management (IPAM) is one of the features introduced with Windows Server 2012 R2. IPAM allows an administrator to customize and monitor the IP address infrastructure on a corporate network.
|
|
|
Term
|
Definition
Kerberos Authentication Windows Server 2012 R2 uses the Kerberos authentication (version 5) protocol and extensions for password-based and public key authentication. The Kerberos client is installed as a security support provider (SSP), and it can be accessed through the Security Support Provider Interface (SSPI).
. |
|
|
Term
Managed Service Accounts (gMSAs) |
|
Definition
Managed Service Accounts (gMSAs) Stand-alone managed service accounts, originally created for Windows Server 2008 R2 and Windows 7, are configured domain accounts that allow automatic password management and service principal names (SPNs) management, including the ability to delegate management to other administrators.
|
|
|
Term
|
Definition
Networking There are many networking technologies and features in Windows Server 2012 R2, including BranchCache, Data Center Bridging (DCB), NIC Teaming, and many more.
|
|
|
Term
|
Definition
Remote Desktop Services Before Windows Server 2008, we used to refer to this as Terminal Services. Remote Desktop Services allows users to connect to virtual desktops, RemoteApp programs, and session-based desktops. Using Remote Desktop Services allows users to access remote connections from within a corporate network or from the Internet.
|
|
|
Term
|
Definition
Security Auditing Security auditing gives an organization the ability to help maintain the security of an enterprise. By using security audits, you can verify authorized or unauthorized access to machines, resources, applications, and services. One of the best advantages of security audits is to verify regulatory compliance.
|
|
|
Term
|
Definition
Smart Cards Using smart cards (referred to as two-factor authentication) and their associated personal identification numbers (PINs) is a popular, reliable, and cost-effective way to provide authentication. When using smart cards, the user not only must have the physical card but also must know the PIN to be able to gain access to network resources. This is effective because even if the smart card is stolen, thieves can’t access the network unless they know the PIN.
Panek, William. MCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412, and 70-417 (p. 6). Wiley. Kindle Edition. |
|
|
Term
|
Definition
TLS/ SSL (Schannel SSP) Schannel is a security support provider (SSP) that uses the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols together. The Security Support Provider Interface is an API used by Windows systems to allow security-related functionality, including authentication. |
|
|
Term
WDS-Windows Deployment Service |
|
Definition
Windows Deployment Services Windows Deployment Services allows an administrator to install Windows operating systems remotely. Administrators can use Windows Deployment Services to set up new computers by using a network-based installation.
|
|
|
Term
Active Directory Certificate Services |
|
Definition
Active Directory Certificate Services The AD CS server role in Windows Server 2012 R2 allows you to build a PKI and provide public key cryptography, digital certificates, and digital signature capabilities for your organization.
Feature AD CS provides a customizable set of services that allows you to issue and manage PKI certificates. These certificates can be used in software security systems that employ public key technologies.
Role AD CS in Windows Server 2012 R2 is the server role that allows you to build a PKI and provide public key cryptography, digital certificates, and digital signature capabilities for your organization. |
|
|
Term
Active Directory Domain Services |
|
Definition
Active Directory Domain Services The AD DS server role allows you to create a scalable, secure, and manageable infrastructure for user and resource management and to provide support for directory-enabled applications, such as Microsoft Exchange Server. |
|
|
Term
Active Directory Federation Services |
|
Definition
Active Directory Federation Services (AD FS) provides Internet-based clients with a secure identity access solution that works on both Windows and non-Windows operating systems. AD FS gives users the ability to do a single sign-on (SSO) and access applications on other networks without needing a secondary password. |
|
|
Term
Active Directory Lightweight Directory Services. |
|
Definition
Active Directory Lightweight Directory Services (AD LDS) is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the dependencies and domain-related restrictions of AD DS. Active Directory Rights |
|
|
Term
Active Directory Rights Management Services |
|
Definition
Active Directory Rights Management Services (AD RMS) in Windows Server 2012 R2 is the server role that provides you with management and development tools that work with industry security technologies including encryption, certificates, and authentication to help organizations create reliable information protection solutions. |
|
|
Term
|
Definition
Application Server provides an integrated environment for deploying and running custom, server-based business applications. |
|
|
Term
|
Definition
The Failover Clustering feature provides a way to create, configure, and manage failover clusters for up to 4,000 virtual machines or up to 64 physical nodes. |
|
|
Term
File and Storage Services |
|
Definition
File and Storage Services allows an administrator to set up and manage one or more file servers. These servers can provide a central location on your network where you can store files and then share those files with network users. If users require access to the same files and applications or if centralized backup and file management are important issues for your organization, administrators should set up network servers as a file server. |
|
|
Term
|
Definition
Group policies are a set of rules and management configuration options that you can control through the Group Policy settings. These policy settings can be placed on users’ computers throughout the organization. |
|
|
Term
|
Definition
The Hyper-V role allows administrators to create and manage a virtualized environment by taking advantage of the technology built into the Windows Server 2012 R2 operating system. When an administrator installs the Hyper-V role, all required virtualization components are installed. Some of the required components include the Windows hypervisor, Virtual Machine Management Service, the virtualization WMI provider, the virtual machine bus (VMbus), the virtualization service provider (VSP), and the virtual infrastructure driver (VID). |
|
|
Term
|
Definition
This feature allows administrators to design, deploy, and maintain a Windows Server 2012 R2 network. The networking features include 802.1X authenticated wired and wireless access, BranchCache, Data Center Bridging, low-latency workload technologies, and many more |
|
|
Term
|
Definition
The Network Load Balancing (NLB) feature dispenses traffic across multiple servers by using the TCP/ IP networking protocol. By combining two or more computers that are running applications in Windows Server 2012 R2 into a single virtual cluster, NLB provides reliability and performance for mission-critical servers. |
|
|
Term
|
Definition
Network Policy and Access Services Use the Network Policy and Access Services server role to install and configure Network Access Protection (NAP), secure wired and wireless access points, and RADIUS servers and proxies. |
|
|
Term
Network Policy and Access Services |
|
Definition
Network Policy and Access Services Use the Network Policy and Access Services server role to install and configure Network Access Protection (NAP), secure wired and wireless access points, and RADIUS servers and proxies. |
|
|
Term
Print and Document Services |
|
Definition
Print and Document Services allows an administrator to centralize print server and network printer tasks. This role also allows you to receive scanned documents from network scanners and route the documents to a shared network resource, Windows SharePoint Services site, or email addresses. Print and Document Services also provides fax servers with the ability to send and receive faxes while also giving the administrator the ability to manage fax resources such as jobs, settings, reports, and fax devices on the fax server. |
|
|
Term
|
Definition
Remote Desktop Services allows for faster desktop and application deployments to any device, improving remote user effectiveness while helping to keep critical data secure. Remote Desktop Services allows for both a virtual desktop infrastructure (VDI) and session-based desktops, allowing users to connect from anywhere. |
|
|
Term
|
Definition
Security and Protection Windows Server 2012 R2 has many new and improved security features for your organization. These security features include Access Control, AppLocker, BitLocker, Credential Locker, Kerberos, NTLM, passwords, security auditing, smart cards, and Windows Biometric Framework (WBF). |
|
|
Term
|
Definition
The Telemetry service allows the Windows Feedback Forwarder to send feedback to Microsoft automatically by deploying a Group Policy setting to one or more organizational units. Windows Feedback Forwarder is available on all editions of Windows Server 2012 R2, including Server Core. |
|
|
Term
|
Definition
Volume Activation Windows Server 2012 R2 Volume Activation will help your organization benefit from using this service to deploy and manage volume licenses for a medium to large number of computers. |
|
|
Term
|
Definition
The Web Server (IIS) role in Windows Server 2012 R2 allows an administrator to set up a secure, easy-to-manage, modular, and extensible platform for reliably hosting websites, services, and applications. |
|
|
Term
Windows Deployment Services |
|
Definition
Windows Deployment Services allows an administrator to install a Windows operating system over the network. Administrators do not have to install each operating system directly from a CD or DVD. |
|
|
Term
Windows Server Backup Feature |
|
Definition
The Windows Server Backup feature gives an organization a way to back up and restore Windows servers. You can use Windows Server Backup to back up the entire server (all volumes), selected volumes, the system state, or specific files or folders. |
|
|
Term
Windows Server Update Services |
|
Definition
Windows Server Update Services (WSUS) allows administrators to deploy application and operating system updates. By deploying WSUS, administrators have the ability to manage updates that are released through Microsoft Update to computers in their network. This feature is integrated with the operating system as a server role on a Windows Server 2012 R2 system. |
|
|
Term
|
Definition
Basic disks are divided into partitions and can be used with previous versions of Windows. |
|
|
Term
|
Definition
Dynamic disks are divided into volumes and can be used with Windows 2000 Server and newer releases. |
|
|
Term
|
Definition
A volume set is created from volumes that span multiple drives by using the free space from those drives to construct what will appear to be a single drive. |
|
|
Term
|
Definition
Simple volume uses only one disk or a portion of a disk. |
|
|
Term
|
Definition
Spanned volume is a simple volume that spans multiple disks, with a maximum of 32. Use a spanned volume if the volume needs are too great for a single disk. |
|
|
Term
|
Definition
Striped volume stores data in stripes across two or more disks. A striped volume gives you fast access to data but is not fault tolerant, nor can it be extended or mirrored. If one disk in the striped set fails, the entire volume fails. |
|
|
Term
|
Definition
Mirrored volume duplicates data across two disks. This type of volume is fault tolerant because if one drive fails, the data on the other disk is unaffected. |
|
|
Term
|
Definition
volume stores data in stripes across three or more disks. This type of volume is fault tolerant because if a drive fails, the data can be re-created from the parity off of the remaining disk drives. Operating system files and boot files cannot reside on the RAID-5 disks. |
|
|
Term
|
Definition
Storage pools are a group of physical disks that allows an administrator to delegate administration, expand disk sizes, and group disks together. |
|
|
Term
|
Definition
Storage spaces allow an administrator to take free space from storage pools and create virtual disks called storage spaces. Storage spaces give administrators the ability to have precise control, resiliency, and storage tiers. Storage spaces and storage pools can be managed by an administrator through the use of the Windows Storage Management API, Server Manager, or Windows PowerShell. One of the advantages of using the Storage Spaces technology is the ability to set up resiliency. There are three types of Storage Space resiliency: mirror, parity, and simple (no resiliency).
Now that you understand what storage spaces and storage pools do, let’s take a look at some of the other advantages of using these features in Windows Server 2012 R2. |
|
|
Term
|
Definition
Availability One advantage to the Storage Spaces technology is the ability to fully integrate the storage space with failover clustering. This advantage allows administrators to achieve service deployments that are continuously available. Administrators have the ability to set up storage pools to be clustered across multiple nodes within a single cluster. |
|
|
Term
|
Definition
The Storage Spaces technology allows virtual disks to be created with a two-tier storage setup. For data that is used often, you have an SSD tier; for data that is not used often, you use an HDD tier. The Storage Spaces technology will automatically transfer data at a subfile level between the two different tiers based on how often the data is used. Because of tiered storage, performance is greatly increased for data that is used most often, and data that is not used often still gets the advantage of being stored on a low-cost storage option. |
|
|
Term
|
Definition
One advantage of using storage pools is that administrators have the ability to control access by using access control lists (ACLs). What is nice about this advantage is that each storage pool can have its own unique access control lists. Storage pools are fully integrated with Active Directory Domain Services.
The ability to support drive sets and arrays using Redundant Array of Independent Disks (RAID) technology is built into Windows Server 2012 R2. RAID can be used to enhance data performance, or it can be used to provide fault tolerance to maintain data integrity in case of a hard disk failure. Windows Server 2012 R2 supports three types of RAID technologies: RAID-0, RAID-1, and RAID-5. |
|
|
Term
|
Definition
RAID-0 (Disk Striping) Disk striping is using two or more volumes on independent disks created as a single striped set. There can be a maximum of 32 disks. In a striped set, data is divided into blocks that are distributed sequentially across all of the drives in the set. With RAID-0 disk striping, you get very fast read and write performance because multiple blocks of data can be accessed from multiple drives simultaneously. However, RAID-0 does not offer the ability to maintain data integrity during a single disk failure. In other words, RAID-0 is not fault tolerant; a single disk event will cause the entire striped set to be lost, and it will have to be re-created through some type of recovery process, such as a tape backup. |
|
|
Term
|
Definition
Disk mirroring is two logical volumes on two separate identical disks created as a duplicate disk set. Data is written on two disks at the same time; that way, in the event of a disk failure, data integrity is maintained and available. Although this fault tolerance gives administrators data redundancy, it comes with a price because it diminishes the amount of available storage space by half. For example, if an administrator wants to create a 300GB mirrored set, they would have to install two 300GB hard drives into the server, thus doubling the cost for the same available space. |
|
|
Term
RAID-5 Volume (Disk Striping with Parity) |
|
Definition
RAID-5 Volume (Disk Striping with Parity) With a RAID-5 volume, you have the ability to use a minimum of three disks and a maximum of 32 disks. RAID-5 volumes allow data to be striped across all of the disks with an additional block of error-correction called parity. Parity is used to reconstruct the data in the event of a disk failure. RAID-5 has slower write performance than the other RAID types because the OS must calculate the parity information for each stripe that is written, but the read performance is equivalent to a stripe set, RAID-0, because the parity information is not read. Like RAID-1, RAID-5 comes with additional cost considerations. For every RAID-5 set, roughly an entire hard disk is consumed for storing the parity information. For example, a minimum RAID-5 set requires three hard disks, and if those disks are 300GB each, approximately 600GB of disk space is available to the OS and 300GB is consumed by parity information, which equates to 33.3 percent of the available space. Similarly, in a five-disk RAID-5 set of 300GB disks, approximately 1,200GB of disk space is available to the OS, which means that 20 percent of the total available space is consumed by the parity information. The words roughly and approximately are used when calculating disk space because a 300GB disk will really be only about 279GB of space. This is because vendors define a gigabyte as 1 billion bytes, but the OS defines it as 230 (1,073,741,824) bytes. Also, remember that file systems and volume managers have overhead as well. |
|
|
Term
|
Definition
Multipath I/ O (MPIO) is associated with high availability because a computer will be able to use a solution with redundant physical paths connected to a storage device. Thus, if one path fails, an application will continue to run because it can access the data across the other path. The MPIO software provides the functionality needed for the computer to take advantage of the redundant storage paths. MPIO solutions can also load-balance data traffic across both paths to the storage device, virtually eliminating bandwidth bottlenecks to the computer. What allows MPIO to provide this functionality is the new native Microsoft Device Specific Module (Microsoft DSM). The Microsoft DSM is a driver that communicates with storage devices— iSCSI, Fibre Channel, or SAS— and it provides the chosen load-balancing policies. |
|
|
Term
|
Definition
Failover In a failover configuration, there is no load balancing. There is a primary path that is established for all requests and subsequent standby paths. If the primary path fails, one of the standby paths will be used |
|
|
Term
|
Definition
Failback This is similar to failover in that it has primary and standby paths. However, with failback you designate a preferred path that will handle all process requests until it fails, after which the standby path will become active until the primary reestablishes a connection and automatically regains control. |
|
|
Term
|
Definition
Round Robin In a round-robin configuration, all available paths will be active and will be used to distribute I/ O in a balanced round-robin fashion. |
|
|
Term
Round Robin with a Subset of Paths |
|
Definition
In this configuration, a specific set of paths will be designated as a primary set and another as standby paths. All I/ O will use the primary set of paths in a round-robin fashion until all of the sets fail. Only at this time will the standby paths become active. |
|
|
Term
Dynamic Least Queue Depth |
|
Definition
Dynamic Least Queue Depth In a dynamic least queue depth configuration, I/ O will route to the path with the least number of outstanding requests. |
|
|
Term
|
Definition
Weighted Path In a weighted path configuration, paths are assigned a numbered weight. I/ O requests will use the path with the least weight— the higher the number, the lower the priority. |
|
|
Term
Internet Small Computer System Interface (iSCSI) |
|
Definition
(iSCSI) is an interconnect protocol used to establish and manage a connection between a computer (initiator) and a storage device (target). It does this by using a connection through TCP port 3260, which allows it to be used over a LAN, a WAN, or the Internet. Each initiator is identified by its iSCSI Qualified Name (iqn), and it is used to establish its connection to an iSCSI target. iSCSI was developed to allow block-level access to a storage device over a network. This is different from using a network attached storage (NAS) device that connects through the use of Common Internet File System (CIFS) or Network File System (NFS). |
|
|
Term
Internet Storage Name Service (iSNS) |
|
Definition
(iSNS) allows for central registration of an iSCSI environment because it automatically discovers available targets on the network. The purpose of iSNS is to help find available targets on a large iSCSI network. The Microsoft iSCSI initiator includes an iSNS client that is used to register with the iSNS. The iSNS feature maintains a database of clients that it has registered either through DCHP discovery or through manual registration. iSNS DHCP is available after the installation of the service, and it is used to allow iSNS clients to discover the location of the iSNS. However, if iSNS DHCP is not configured, iSNS clients must be registered manually with the iscsicli command. |
|
|
Term
Fibre Channel storage devices |
|
Definition
Fibre Channel storage devices are similar to iSCSI storage devices in that they both allow block-level access to their data sets and can provide MPIO policies with the proper hardware configurations. However, Fibre Channel requires a Fibre Channel HBA, fiber-optic cables, and Fibre Channel switches to connect to a storage device. |
|
|