BigLabV1

8/6/2019 BigLabV1

1/7

TRUNG TM O TO MNG MY TNHNHT NGH105 B Huyn Thanh Quan 205 V Th Su , Q3, TP. HCM

Tel: 9322735 0913735906 Fax: 9322734 Website: www.nhatnghe.com

LAB TNG HP CUI KHA MCSA Trang 1 / 7

LAB TNG HP CUI KHO MCSA (VERSION 1)

Trong mi phng Lab, Ging Vin chun b t nht 01 PC Test c kh nng truy cp Internet.

Hiu hnh: Firewall v Server : Windows Server 2003 Enterprise Service Pack 1Work Station : Windows XP Professional Service Pack 1

FirewallThng s IPExternal Interface Internal Interface

Server WorkStation

IP Address 192.168.0.1 192.168.1.1 192.168.1.2

Network Mask 255.255.255.0 255.255.255.0 255.255.255.0

Default Gateway 192.168.0.100 Khng 192.168.1.1

Preferred DNS server Khng 192.168.1.2 192.168.1.2

Obtainautomatically

I. CSH TNG MNG1. Nng cp Server thnh domain controller:

Domain name l NhomX.com (X l s my ca Firewall). Sau khi nng cp xong, b sung reversed lookup zone ca DNS (primary reversed

lookup zone: 192.168.1.X; secured dynamic update; to pointer). Sau khi b sung,phn gii th internet name ca Server.

Cu hnh DNS Forwarder: All other DNS domains ch v DNS ca mt nh cungcp dch v internet (V d: 210.245.31.130).

2. Cu hnh Server thnh DHCP server. Ci DHCP service. Authorize DHCP server. To scope:

- Scope name: Company LAN- Address range: 192.168.1.11 192.168.1.200- Default gateway: 192.168.1.1- Domain name: NhomX.com- DNS server: 192.168.1.2

3. Work Station xin IP (cmd-line: IPCONFIG / RENEW) v join domain.4. Firewall join domain.

8/6/2019 BigLabV1

2/7

8/6/2019 BigLabV1

3/7




12. Trn Server, to 01 shared printert tn l Prn01. Cc user Sp c quyn in, iu chnh my in v xa job ca mi user Cc user Nhn vin c quyn in Cu hnh sao cho print job ca sp lun lun in trc print job ca nhn vin. Chuyn spool folder v E:\PrinterSpool.

13. Cu hnh h thng ghi nhn cc s kin:Cu hnh: ng nhp tri php bng domain user account ng nhp tri php bng local user account (trn my Work Station) Truy cp tri php vo th mc DataKeToan. Yu cu: Ch ghi nhn cc s kin nu trn, khng ghi nhn cc s kin khc.Kim tra: Thc hin cc hnh ng tri php v theo di bng event viewer

14. Back up Back up system state ca Firewall v Server vo cc ngy 15 v 30 hng thng. Ring

thng 2 thc hin vo ngy 15 v 28. Mi ngy Backup ton b th mc D:\DATA Quan st Schedule Task thy backup task va c lp schedule. Volume shadow copies cho a D trn Server. Shadow copy lu ti a E

15. Cu hnh Server thnh mail server (Exchange 2003), to cc recipient. Install ASP.net, SMTP v NNTP. Install Exchange 2003. To mail box cho tt c cc user. To mail-enabled contact HocVien vi a ch webmail (yahoo, gmail ) ca hc

vin.

16. Cu hnh Server thnh Enterprise root CA. Ci Certificate Service. CA name: NhatNgheCA Restart Work Station v Firewall. Ln lt thc hin trn Work Station v Firewall:

Log on Domain Administrator, to console Certificate (computer account) nhnc NhatNgheCA l mt trong nhng Trusted Root CA.

17. Xin Certificate Key Recovery Agent cho Domain Administrator. To user template mi ckh nng m ha mail v tng lu tr key. Cc user xin certificate.

Thc hin trn Server: Duplicate template User to 1 certificate template mi tn User Version 2 C p cc quyn Read, Enroll v Autoenroll cho cc group Authenticated Users v

Domain Users i vi template User Version 2 Pht hnh cc Certificate Template KRA v User Version 2 Log on Administrator xin certificate KRA, issue v install certificate KRA. Kch hot chc nng archive the key ca KRA va to. To console cetificate quan st certificate KRA va install.Thc hin trn Work Station : Log on cc user KT1, NS1 xin certificate theo template User Version 2 Log on cc user KT1, NS1 , to console cetificate quan st certificate va install.

8/6/2019 BigLabV1

4/7



Trang 4 / 7 LAB TNG HP CUI KHA MCSA

18. User log on WorkStation dng Outlook Express gi mail cho nhau c sign v encrypt. Log on Administrator trn Server, enable service Microsoft Exchange POP3. Log on KT1 trn Work Station, to account trong chng trnh Outlook Express. KT1

gi mail cho NS1 c signature. Cu hnh account ca KT1 lu bn sao camessage trn server sau khi check mail.

Log on NS1 trn Work Station, to account trong chng trnh Outlook Express. NS1gi mail cho KT1 c signature v encryption.

Log on KT1 trn Work Station, check mail Outlook Express19. Gi lp user b hng certificate, KRA phc hi certificate cho user. Thc hin trn Work

Station.

Log on Administrator, xo profile ca user KT1. Log on KT1, to li account ca KT1 trong Outlook Express v check mail. Log on Administrator, phc hi key cho KT1. Log on KT1, import key v check mail Outlook Express.

20. User log on WorkStation dng MS Outlook gi mail cho nhau c sign v encrypt. Log on KT1 trn Work Station, to account trong chng trnh MS Outlook. KT1 gi

mail cho NS1 c signature. Log on NS1 trn Work Station, to account trong chng trnh MS Outlook. NS1 gi

mail cho KT1 c signature v encryption. Log on KT1 trn Work Station, check mail MS Outlook.

21. Server poilcy - Mail box poilcyThc hin trn Server: To System policy container. To system policy Message Tracking. Cu hnh policy d tm v hin th thng tin

v message. p policy ln server Exchange. To mailbox store mi, t tn 6000KB Store Chuyn mailbox ca cc user KT3 v NS3 sang 6000KB Store To mailbox policy Mailbox Limit. Cu hnh policy hn ch dung lng

mailbox mc 6000KB v cm gi mail i khi mailbox t mc 5000KB. p policyln mailbox 6000KB

Thc hin trn WorkStation: Log on Administrator, gi mail km file dung lng 4000KB cho KT3 v NS3. Ln lt log on KT2 v NS2, gi mail km file dung lng 1000KB cho

Administrator. Log on Administrator, gi mail km file dung lng 1000KB cho KT3 v NS3. Ln lt log on KT2 v NS2, gi mail cho Administrator.Thc hin trn Server: D tm cc message c gi n Administrator.

22. Query-based distribution group Recipient poilcyThc hin trn Server: t thuc tnh Office cho cc user KT2 v NS2 l SaiGon Chuyn Operation mode ca server Exchange sang Native mode. To query-based distribution group: tn SaiGon; iu kin vn tin: Office Location

= SaiGon. Kim tra li danh sch thnh vin ca group SaiGon To recipient policy SaiGon Addr iu chnh a ch e-mail ca KT2 v NS2

thnh (user log on name) @ NhatNgheOpenLab.net

8/6/2019 BigLabV1

5/7




To recipient policy Mailbox Cleaning dn d p mail box ca cc user thucgroup SaiGon. Policy ny s chuyn cc message ln hn 5000KB v c hn 2 ngyvo folder Deleted Items. Lu nh km thng bo cho user.

Thc hin trn WorkStation: Log on KT2, dng MS Outlook gi mail n a ch [email protected].

Log on NS2 dng MS Outlook gi mail n a ch [email protected] kim tra tc ng ca policy SaiGon Addr.

Log on Administrator, gi mail km file dung lng 6000KB cho KT2 v NS2. Ln lt log on KT2 v NS2, dng MS Outlook check mail. Domain Administrator log on Server chnh ngy h thng tng ln 3 ngy so vi ngy

hin hnh. Start mailbox management process. Trn Work Station, log on Domain Administrator, ng b gi vi DC bng lnh:

NET TIME / SET / Y / DOMAIN: NHOMX.COM Ln lt log on KT2 v NS2, dng MS Outlook kim tra tc ng ca policy

Mailbox Cleaning

23. To public folder v phn quyn cho user.Thc hin trn Server: Log on Domain Administrator, to public folder Thong Bao Chung. Phn quyn trn Thong Bao Chung: Sp c quyn post bi, nhn vin c c. Post mt thng bo.Kim tra trn Work Station: Log on KT1, c v post bi ln Thong Bao Chung Log on KT2, c v post bi ln Thong Bao Chung

24. Cu hnh chn spam mail trn Exchange server (dng ORDB.org v Exchange IMF)25. SMTP connector

Thc hin trn Server: To SMTP connector: Restraint vi cc yu cu : Khng cho KT3 v NS3 gi mail ra internet. Cc message ln hn 5000KB chc chuyn ra internet trong khong t 10:00pm

n 6:00am. Cc message c dung lng hn 10000KB khng c gi ra internet.Kim tra trn Work Station: Log on KT3, xo ton b mail trong Inbox v trong Deleted Items, gi mail cho

contact HocVien. Log on KT2, gi mail cho contact HocVien, km file dung lng 6000KB Log on KT1, gi mail cho contact HocVien, km file dung lng 11000KBTrn Server, log on Domain Administrator, kho st Queued Message.

26. Backup Restore Administrator dng NTBACKUP sao lu mailbox store default. Gi lp hng mailbox: delete (v purge) mailbox ca user NS1. Kim tra: user NS1 check mail. Administrator phc hi mailbox cho user NS1. Kim tra: user NS1 check mail.

27. Ci v cu hnh ISA 2004 SP1 trn Firewall. Ci ISA 2004: Customize Installation: chn thm Firewall Client Installation Share. Internal Network: 192.168.1.0 192.168.1.200 Ci ISA service pack 1, restart my

8/6/2019 BigLabV1

6/7



Trang 6 / 7 LAB TNG HP CUI KHA MCSA

28. Trin khai MS Firewall Client trn Work Station.29. To trang web default trn Server.

Thc hin trn Server: To Alias www.NhomX.com tr v host Server To forward lookup zone: NhatNgheOpenLab.net To host record Mail.NhatNgheOpenLab.net tr v IP ca Server (to pointer tng

ng. To Mail Exchange record tr v host Mail.NhatNgheOpenLab.net To Alias www.NhatNgheOpenLab.net tr v host Mail.NhatNgheOpenLab.net To trang Web default (%systemroot% \ Inetpub \ wwwroot \ default.htm) ni dung:

Trang Web NhomX Trung Tam Nhat Nghe. Cu hnh ISA Server Internal Network truy cp domain NhomX.com khng thng

qua Firewall.Kim tra trn Work Station: Log on KT1 truy cp 2 a ch web va to.

30. Cu hnh secure web default vi a ch truy cp l HTTPS://www.NhatNgheOpenLab.net Xin Certificate cho Default Web Site. Lu khai bo common name:www.NhatNgheOpenLab.net. Trn Work Station: Log on KT1 truy cp HTTPS://www.NhatNgheOpenLab.net

31. Cu hnh secure OWA vi a ch truy cp l HTTP://Mail.NhatNgheOpenLab.net.Thc hin trn Server: dng console IIS: To Site Secured OWA c host header l Mail.NhatNgheOpenLab.net v redirect

v URL: HTTPS:// Mail.NhatNgheOpenLab.net/Exchange.Thc hin trn Server: dng console Exchange Server Management: chuyn cu hnh ngnhp OWA thnh form base.Kim tra trn Work Station: Log on KT2, dng Internet Explorer truy cp HTTP: // Mail.NhatNgheOpenLab.net. KT2 gi mail n a ch [email protected]. Log on NS2 dng Outlook Web Access (nh KT2) check mail.

32. Cu hnh access rule Server chc truy cp internet bng cc protocol DNS, HTTP, HTTPS, SMTP v

POP3. Work Station chc truy cp internet bng cc protocol HTTP v HTTPS. Mi user khng c ti v cc file *.exe v *.vbs. Cm user thng xem trang web www.ngoisao.net. Khi user truy cp vo trang web

ny th redirect v trang web ni b. Cc user thng chc xem trang web www.vnexpress.net trong gilm vic. Khi

user truy cp m

t trang web khc th redirect v

www.vnexpress.net. Cc user thng ch c xem mi trang web (ngoi tr www.ngoisao.net) trong

khong thi gian t 11:30am n 01:00pm. User Administrator v cc user Sp c truy cp mi trang web vo mi thi im.

33. Publish secure web www.NhatNgheOpenLab.net v secure Outlook Web AccessMail.NhatNgheOpenLab.net t ngoi internet c th truy cp c. Dng PC Test kim tra.

Thc hin trn Firewall: Cu hnh system policy cho php ISA server truy c p vo allowed site:

*.NhomX.com

8/6/2019 BigLabV1

7/7




Xin certificate cho ISA server: Truy cp HTTP : // Server.NhomX.com / certsrv. Lu khai bo name: www.NhatNgheOpenLab.net

Publish Secure Web. Publish Secure OWA. Ci v chy chng trnh Ducsetup.exe c p nht IP public (E-mail Add.:

[email protected], password: ). Lu chn cc host c p nht:NhatNgheOpenLab.net, www.NhatNgheOpenLab.net v Mail.NhatNgheOpenLab.net

Thc hin trn PC Test : truy cp cc a ch : HTTPS : // www.NhatNgheOpenLab.net vHTTP: // Mail.NhatNgheOpenLab.net

34. Cu hnh VPN client to gateway trn Firewall thng qua DSL router. Dng PC Test thkt ni.

-- --

Documents

BigLabV1