• Online, Self-Paced

Understanding the Active Directory forest structure; the mechanics of domain controllers, hosted services and strategic placement, along with Active Directory replication is fundamental to effective planning, appropriate design and efficient deployment of a Active Directory forest infrastructure. Forest and domain planning and design is a team effort, and should be a methodical, sequential, and cyclical process. The forest stakeholders and IT designers should support the forest and domain design process; functional outlines and defined security requirement specifications, and detailed service and resource isolation and autonomy requirements. This course discusses Active Directory forest models, forest design guidelines, and domain design model guidelines and deployment.
The selection of the forest model and the domain models should be underpinned by a formal specification and build plan and timescale, and should be signed off by the stakeholders and owners; continuous review and testing should be integral activities within the forest design, deployment and operational phases. This course details the design concept and implementation of Active Directory forest and domain trusts, forest and domain functional level options, and the processes and options involved in upgrading Active Directory, a domain controller upgrade.

Learning Objectives

Designing and Implementing an AD DS Forest

  • describe Active Directory forest design models
  • recognize forest design requirements
  • describe the process of forest design creation
  • identify factors that will influence domain design model selection
  • identify the advantages of using a dedicated forest root
  • plan an AD forest design model based on a set of requirements

 

Designing and Implementing AD DS Domains

  • match the Server 2012 R2 trust types with their correct descriptions
  • differentiate between trust direction and trust transitivity
  • identify the considerations when creating an Active Directory trust
  • differentiate between domain functional levels and forest functional levels
  • identify AD design and deployment requirements
  • recognize the key issues that must be factored in when planning and designing the required upgrade to Server 2012 R2
  • recognize the features and capabilities of the ADMT utility
  • identify the requirements for domain rename
  • plan an AD DS Domain

 

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.