+ Reply to Thread
Results 1 to 20 of 20

Thread: RRAS studying

  1. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #1

    Default RRAS studying

    Still studying for the 293. I know there aren't a ton of questions on RRAS but for those who did really well on the section (a.p.a?) what would be a good study plan to cover for the material on the 293?

    I'm reading the RRAS sections but my eyes are glazing over and nothing is really sinking in. It's like a fight to really try to know this stuff.

    I know the basic network stuff from the CCNA like RIP/OSPF so I don't need to know that stuff. Is there a recommended lab I could setup at home that would be a real help to me? Or is there a powerful section from some other reading material (not MS or Syngress) that would do me well?

    Thanks
    Reply With Quote Quote  

  2. SS -->
  3. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #2

    Default Re: RRAS studying

    Quote Originally Posted by Mishra
    Still studying for the 293. I know there aren't a ton of questions on RRAS but for those who did really well on the section (a.p.a?) what would be a good study plan to cover for the material on the 293?

    I'm reading the RRAS sections but my eyes are glazing over and nothing is really sinking in. It's like a fight to really try to know this stuff.

    I know the basic network stuff from the CCNA like RIP/OSPF so I don't need to know that stuff. Is there a recommended lab I could setup at home that would be a real help to me? Or is there a powerful section from some other reading material (not MS or Syngress) that would do me well?

    Thanks
    Im at the RRAS part in the MS Press book as well. I CANNOT STAND RRAS. Probably my only pet peeve with the MCSE track is RRAS. Its tough material to retain for me. From my understanding, its lighter than the 291 portions. But dont take my word for it.
    Reply With Quote Quote  

  4. One Man Wolfpac NetAdmin2436's Avatar
    Join Date
    Mar 2008
    Location
    Minnesota
    Posts
    1,077

    Certifications
    AAS in Computer Networking, MCSE 2003, Network+, Security+, A+
    #3
    Don't expect any help from me
    http://www.techexams.net/forums/viewtopic.php?t=35564

    I'm actually just on chapter 2 of the MS Press book for 70-293 so far. I don't care for RRAS either. Have you gone through the exercise in the MS press booK? With a quick techexams search, i found this...
    http://www.techexams.net/forums/viewtopic.php?t=24223
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #4
    I don't remember much new RRAS material from 291. What're you having problems with?
    Reply With Quote Quote  

  6. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #5
    Here is a good post I found

    IP (Subnetting, TCP/IP, DHCP• Netcap – captures network traffic in Network Monitor – used to get MAC addresses
    • Net start dhcpserver
    • DHCP Relay Agent – part of RRAS
    • DHCP Backup & Transfer – Move backed up file to prevent address conflicts
    • DHCP Superscope - Creating a superscope with multiple subnets will cause clients to retain current scope addresses
    • DHCP know difference of Reservation & Exclusion
    • Reservation – Range is reserved for client with set MAC Addresses
    • Exclusion – Range is excluded from DHCP Scope
    • 169.254.X.X = APIPA Address
    • DHCP Server States:
    • White X in Red Circle – Service not started
    • Green Up Arrow in White Circle – Server active and connected
    • White Exclamation Mark in Blue Circle – Out of Addresses (Error 14)
    • Red Down Arrow in White Circle – DHCP not authorized
    • Connectivity issues between 2 router separated networks are probably gateway related, then subnet
    • ICS has IP addressing built in & can’t coexist easily with a DHCP configured network
    • For network router setting, ALWAYS use IP address of network router/connector, not company’s NAT/RRAS or ISP
    • Subnet mask determines whether packet destination is internal or remote bound via gateway
    • DHCP Servers must have an IP address on the subnet of each scope, including superscopes

    DNS
    • Use WINS forward lookup to connect to a NT4 network without a DNS server unless DHCP dynamically allocated
    • Understand Root Hints
    • Understand Application Directory Partitions
    • Active Directory Integrated DNS Servers should also be Domain Controllers
    • Stub zones and Delegations are used to make child domains of ALREADY CREATED Primary/Secondary/ADI Zones
    • Zone Options Tabs: General, SOZ, NS, WINS, Zone Transfers. Security
    • SOA Tab: Refresh: 15 Min, Retry (Should be less than refresh): 10 Min, Expire: 1 Day, Min TTL: 1 Hour, TTL for Zone: 1 Day
    • Increment S/N of zone by clicking increment button
    • Transfer Zone – force zone transfer from Primary. Option available on Secondary. Occurs automatically at Refresh Interval.
    • Reload Zone- reinitialize zone from local DNS file
    • DNS Suffix Search List setting in the GPO allows multiple suffixes to be queried
    • Dynamically Hosted NS Records without hosting zone => Stub Zone
    • Use WINS Forward Lookup that is close to the requesting DNS server.
    • Stub Zone & Delegation queries forward child zone DNS info to client, which might be blocked by firewall.
    • Ports: 25-SMTP; 53-DNS; 80-HTTP; 110-POP3; 483-HTTPS
    • Conditional Forwarding routes certain domain requests
    • Simple Forwarding routes all names external to server
    • Shorten expiration times for branch offices with unreliable connections to reduce incorrect query responses.
    • Create a unique host name (A) and, if needed, CNAME records for multiple servers pointing to one address.
    • Nslookup – lists all/specific records in a zone; netdiag; dnscmd
    • Host/Server Options Tabe: Debug Logging, Event Logging, Monitoring, Security, Interfaces, Forwarders, Advanced, Root Hints

    Network Infrastructure (Network Monitor, System Monitor, Service Dependency, Connectivity)• c:\windows\system32\parser.ini & parsers folder for netmon protocol parshing
    • DHCP process DORA/DORN
    • Task Manager>Networking Tab
    • Performance Console>System Monitor View (Other Views: Counter Logs, Trace Logs, Alerts)
    • Netstat – DOS based network usage/settings displayer (i.e. ports in use)
    • Nslookup – check ns records being returned by DNS
    • Net Logon service registers SRV records in DNS – allows domain logon authentication
    • shutdown /i allows remote shutdown

    Security• Security Configuration and Analysis MMC Snap-in
    • secedit – Security Configuration and Analysis in command line –either can be used to modify templates
    • IP Security Monitor MMC Snap – in
    • netsh ipsec – IP Security Monitor in command line
    • netdiag – command line tool to display IPSec Info & test/view network configuration
    • IP Security Monitor 0 monitor & troubleshoot ACTIVE IPSec policy
    • netcap.exe – capture network data from command line to view later
    o Network Monitor does not have to be installed and it works on Windows XP
    • mbsaclie.exe – MS Baseline Security Analyzer in command line
    • SUS clients must have client installer installed, or 2000 SP2, XP SP1, or 2003
    • SUS Client Installer – WUAU22.msi
    • Only 2000, XP & 2003 can be SUS clients
    • Performance log user have more rights than power users, less than administrators
    • Domain Controllers do not have a power users group

    Miscellaneous
    • Audit Logon Events in GPO is using local user accounts
    • Audit Account Logon Events in GPO is using domain user accounts
    • Newly created user accounts must be able to contact a Global Catalog Server

    Routing and Remote Access Server (VPN, Router, DHCP Relay, NAT, Firewall, Demand Dial, etc.)• RRAS member servers of a domain must be added to RAS and IAS Servers domain local security group
    • DCs are automatically added to RAS and IAS Servers group
    • Route print – view routing table
    • Remote access routers calling in must have exact credentials to answering router’s demand dial interface configuration, or be considered a remote access user
    • ICS automatically assigns addresses from beginning of 192.168.0.0/24 range and can’t access other ranges
    • RIP is for smaller networks, less configuration.
    • OSPF is complicated to set up and install, but more versatile and less bandwidth for larger networks
    • RIP has a 15 hop limit
    • RIP can use password only authentication, but it is sent in clear text
    • RIP can use a list of authorized routers
    • RI can filter routes that it receives from other routers by IP range (i.e. accept only 10.X.X.X ranges)
    • RIP can advertise with broadcasts (v1, v2) or multicast (v2) or listed neighbors
    • OSPF uses a map of the internetwork called a Link State Database
    • DHCP Relay Agents and RFC1542 compliant routers can pass DHCP Broadcasts
    • DHCP Relay Agent can’t be run on a server with DHCP, ICS or NAT with auto addressing enabled since they all assign IP addresses already
    • RRAS reserves DHCP addresses in blocks of 10
    • EAP-TLS is not supported on standalone servers - used for smartcards
    • Windows 95 does not support MS-CHAP v2, only 2000/2003/XP support EAP
    • Remote Access Policies – understand them
    • Control access through Remote Access Policies is disabled in a Windows 2000 mixed domain functional level
    • If using EAP-TLS for VPN authentication, all VPN clients require a user certificate
    • IAS servers can use RADIUS to authenticate multiple RRAS servers.

    http://www.mcmcse.com/forums/viewtopic.php?p=51323
    Reply With Quote Quote  

  7. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #6
    Quote Originally Posted by dynamik
    I don't remember much new RRAS material from 291. What're you having problems with?
    I get the basic points that they try to teach like "RRAS supports several authentication protocols, including EAP, MS-CHAP (versions 1 and 2), CHAP, SPAP, and PAP". But from my 291 experience I just know they are going to ask something crazy situation which I'm not going to understand their angle at all... Even the labs aren't very comprehensive. "make a VPN connection".

    With the DNS questions they basically asked things you could relate back to your studies. And things that people repeatedly ask on this forum.. But with the RRAS questions it's almost like you needed to lab it out before you understood their angle... I just can't see the full picture (ever read my taco example? lol http://www.techexams.net/forums/view...er=asc&start=0) like I can with DNS (something I have to understand on a day to day basis [meaning the protocol.. I don't manage any DNS servers])
    Reply With Quote Quote  

  8. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #7
    Quote Originally Posted by Mishra
    Quote Originally Posted by dynamik
    I don't remember much new RRAS material from 291. What're you having problems with?
    I get the basic points that they try to teach like "RRAS supports several authentication protocols, including EAP, MS-CHAP (versions 1 and 2), CHAP, SPAP, and PAP". But from my 291 experience I just know they are going to ask something crazy situation which I'm not going to understand their angle at all... Even the labs aren't very comprehensive. "make a VPN connection".

    With the DNS questions they basically asked things you could relate back to your studies. And things that people repeatedly ask on this forum.. But with the RRAS questions it's almost like you needed to lab it out before you understood their angle... I just can't see the full picture (ever read my taco example? lol http://www.techexams.net/forums/view...er=asc&start=0) like I can with DNS (something I have to understand on a day to day basis [meaning the protocol.. I don't manage any DNS servers])

    well I finally stomached the chapter on RRAS, and it looks like our assumptions were correct (at least in the MSPress book). Like you, I try to relate everything I study into my workplace. Since RRAS is seldom used anywhere (including my workplace), its hard to relate this crap to anything, making it difficult for me to understand. So I just keep plugging away on the labs until it somewhat clicks in my brain. Unfortunately, the only thing I found working for RRAS is constant repetition.
    Reply With Quote Quote  

  9. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #8
    Set my lab back up last night. Glad to see it in order again.




    Will be working on some other projects before breaking into the 293 lab wise.
    Reply With Quote Quote  

  10. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #9
    From the top

    Cisco 2950, P3 rack server, Sun Sparc, Cisco 1711, Netwinder MIPS processor (not in the pic), 2 single xeon machines, 3 Cisco 2501s, another P3 rack server

    P2 Endian Firewall, P3 apache server, P3, Dual Xeon VMware machine

    P3, AMD XP 2100, Another AMD XP 2100
    Reply With Quote Quote  

  11. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #10
    if you don't mind me asking; what kind of lab scenarios are you creating? Since we are both studying for the same exam, I figure I would ask. Maybe I'm missing something on RRAS I should lab up.
    Reply With Quote Quote  

  12. One Man Wolfpac NetAdmin2436's Avatar
    Join Date
    Mar 2008
    Location
    Minnesota
    Posts
    1,077

    Certifications
    AAS in Computer Networking, MCSE 2003, Network+, Security+, A+
    #11
    Kind of looks like my shelf a couple years ago before I threw away a bunch of really old P1 and AMD K6 stuff.

    In your studies, know your PKI stuff too. I got my arse kicked on it today.
    Reply With Quote Quote  

  13. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #12
    Quote Originally Posted by NetAdmin2436
    Kind of looks like my shelf a couple years ago before I threw away a bunch of really old P1 and AMD K6 stuff.

    In your studies, know your PKI stuff too. I got my arse kicked on it today.
    Actually I have been putting the majority of my focus on PKI and clustering. Its funny because I scored a perfect on the RRAS part in 291, and its probably my weakest subject

    netadmin, you took 293 today and not going to post a review of how it went????? Isn't that against forum code or something?

    I hope it went well!

    EDIT: Sorry bro
    Reply With Quote Quote  

  14. One Man Wolfpac NetAdmin2436's Avatar
    Join Date
    Mar 2008
    Location
    Minnesota
    Posts
    1,077

    Certifications
    AAS in Computer Networking, MCSE 2003, Network+, Security+, A+
    #13
    Quote Originally Posted by snadam
    Quote Originally Posted by NetAdmin2436
    Kind of looks like my shelf a couple years ago before I threw away a bunch of really old P1 and AMD K6 stuff.

    In your studies, know your PKI stuff too. I got my arse kicked on it today.
    Actually I have been putting the majority of my focus on PKI and clustering. Its funny because I scored a perfect on the RRAS part in 291, and its probably my weakest subject

    netadmin, you took 293 today and not going to post a review of how it went????? Isn't that against forum code or something?

    I hope it went well!

    EDIT: Sorry bro
    No worries.

    So you were actually talking to me and not jimmy. I was kinda of wondering where that came from.

    I actually had my failure 'I got kicked in the face' post up before you posted the first time. Besides I'm not afraid to admit defeat.....or in this case humiliation.
    Reply With Quote Quote  

  15. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #14
    Quote Originally Posted by snadam
    if you don't mind me asking; what kind of lab scenarios are you creating? Since we are both studying for the same exam, I figure I would ask. Maybe I'm missing something on RRAS I should lab up.
    What are the book(s) you are reading exactly?
    Reply With Quote Quote  

  16. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #15
    Quote Originally Posted by Mishra
    Quote Originally Posted by snadam
    if you don't mind me asking; what kind of lab scenarios are you creating? Since we are both studying for the same exam, I figure I would ask. Maybe I'm missing something on RRAS I should lab up.
    What are the book(s) you are reading exactly?
    mspress and syngress at the moment. Havent dabbled with syngress much yet, Ill tackle this book this weekend and next week. Generally, I feel comfortable with RRAS, but any other tips/suggestions are always good.




    netadmin: Yea I thought that jimmypizzle wrote that, and I went back and changed it. Which would explain why I didnt see your original thread earlier.
    Reply With Quote Quote  

  17. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #16
    I'm guessing you have

    MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Second Edition

    right?
    Reply With Quote Quote  

  18. One Man Wolfpac NetAdmin2436's Avatar
    Join Date
    Mar 2008
    Location
    Minnesota
    Posts
    1,077

    Certifications
    AAS in Computer Networking, MCSE 2003, Network+, Security+, A+
    #17
    Quote Originally Posted by snadam
    Quote Originally Posted by Mishra
    Quote Originally Posted by snadam
    if you don't mind me asking; what kind of lab scenarios are you creating? Since we are both studying for the same exam, I figure I would ask. Maybe I'm missing something on RRAS I should lab up.
    What are the book(s) you are reading exactly?
    mspress and syngress at the moment. Havent dabbled with syngress much yet, Ill tackle this book this weekend and next week. Generally, I feel comfortable with RRAS, but any other tips/suggestions are always good.
    I know you guys seen this on the other thread, but Yeah I added the Syngress book too. I used the same MS Press book Self Paced Training Kit (Exam 70-293).
    Reply With Quote Quote  

  19. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #18
    Quote Originally Posted by Mishra
    I'm guessing you have

    MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Second Edition

    right?

    yep sure do. Read mspress front to back already. did the labs in there. Havent looked for any other practice labs in the syngress yet; but I probably will start tonight.
    Reply With Quote Quote  

  20. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #19
    Have you been doing labs with NAT?
    Reply With Quote Quote  

  21. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #20
    Quote Originally Posted by Mishra
    Have you been doing labs with NAT?
    nope not yet. I should to refresh myself though...I can definitely squeeze it in before the exam.

    BTW as umdomiel knows, I'm probably over-stressing this exam but I would rather stress out and pass then be calm and fail; even with 2nd shot.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks