Planning network and application
services (23 percent)
- Plan for name resolution and
IP addressing.
May include but is not limited to: internal and external naming
strategy, naming resolution support for legacy clients, naming
resolution for directory services, IP addressing scheme, TCP/IP version
coexistence
- Design for network access.
May include but is not limited to: network access policies, remote
access strategy, perimeter networks, server and domain isolation
- Plan for application
delivery. May include but is not
limited to: application virtualization, presentation virtualization,
locally installed software, Web-based applications
- Plan for Remote
Desktop Services. May include but is not limited to: Terminal
Services licensing, Remote Desktop Services infrastructure
Designing core identity and access
management components (25 percent)
- Design Active Directory
forests and domains. May include but is not limited to: forest
structure, forest and domain functional levels, intra-organizational
authorization and authentication, schema modifications
- Design the Active Directory
physical topology. May include but is not limited to: placement of
servers, site and replication topology, printer location policies
- Design the Active Directory
administrative model. May include but is not limited to: delegation,
group strategy, compliance auditing, group administration,
organizational structure
- Design the enterprise-level
group policy strategy. May include but is not limited to: group policy
hierarchy and scope filtering, control device installation,
authentication and authorization
Designing support identity and
access management components (29 percent)
- Plan for domain or forest
migration, upgrade, and restructuring. May include but is not
limited to: cross-forest authentication, backward compatibility, object
migration, migration planning, implementation planning, environment
preparation
- Design the branch office
deployment. May include but is not limited to: authentication strategy,
server security
- Design and implement public
key infrastructure. May include but is not limited to: certificate
services, PKI operations and maintenance, certificate life cycle
management
- Plan for interoperability. May include but is not
limited to: inter-organizational authorization and authentication,
application authentication interoperability, cross-platform
interoperability
Designing for business continuity
and data availability (23 percent)
- Plan for business continuity. May include but is not
limited to: service availability, directory service recovery
- Design for software updates
and compliance management. May include but is not limited to: patch
management and patch management compliance, Microsoft Update and Windows
Update, security baselines, system health models
- Design the operating system
virtualization strategy. May include but is not limited to: server
consolidation, application compatibility, virtualization management,
placement of servers
- Design for data management
and data access. May include but is not limited to: data security, data
accessibility and redundancy, data collaboration
|