100% Real Microsoft 70-668 Exam Questions & Answers, Accurate & Verified By IT Experts
Instant Download, Free Fast Updates, 99.6% Pass Rate
Microsoft 70-668 Practice Test Questions in VCE Format
Archived VCE files
| File | Votes | Size | Date |
|---|---|---|---|
File Microsoft.Certkey.70-668.v2011-11-22.by.Willem.134q.vce |
Votes 2 |
Size 27.1 MB |
Date Nov 22, 2011 |
File Microsoft.Passguide.70-668.v2011-03-07.by.Burgos.125q.vce |
Votes 1 |
Size 24.71 MB |
Date Mar 14, 2011 |
File Microsoft.Passguide.70-668.v20110-02-03.by.Dizzlin.125q.vce |
Votes 1 |
Size 24.62 MB |
Date Feb 03, 2011 |
File Microsoft.Test4pass.70-668.v2010-12-03.by.vs2010junkie.125q.vce |
Votes 1 |
Size 24.62 MB |
Date Dec 05, 2010 |
File Microsoft.Passguide.70-668.v2010-09-09.by.TranVo.125q.vce |
Votes 1 |
Size 596.15 KB |
Date Sep 12, 2010 |
Microsoft 70-668 Practice Test Questions, Exam Dumps
Microsoft 70-668 (PRO: Microsoft SharePoint 2010, Administrator) exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. Microsoft 70-668 PRO: Microsoft SharePoint 2010, Administrator exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the Microsoft 70-668 certification exam dumps & Microsoft 70-668 practice test questions in vce format.
Welcome to the first installment of our in-depth series dedicated to preparing you for the Microsoft 70-668 Exam, PRO: SharePoint 2010, Administrator. This certification validates the skills and knowledge required for IT professionals to install, configure, deploy, and manage SharePoint Server 2010 in a variety of business environments. Passing this exam demonstrates your expertise in handling the day-to-day operations of a SharePoint farm, including its maintenance, security, and monitoring. This series is designed to be a comprehensive guide, breaking down the complex topics of the exam into manageable and understandable segments.
Throughout this five-part journey, we will explore the core competencies measured by the 70-668 Exam. We will begin with the fundamentals of SharePoint 2010 architecture, installation, and initial farm configuration. Subsequent parts will delve into the intricacies of service applications, which form the functional heart of SharePoint. We will then cover the critical aspects of maintenance, monitoring, and implementing robust backup and recovery strategies. Following that, we will navigate the multi-layered security model, and finally, we will discuss the deployment of solutions and the process of upgrading to SharePoint 2010, ensuring you have a holistic understanding of the subject matter.
The 70-668 Exam is specifically targeted at experienced IT professionals who are responsible for the administration of SharePoint 2010. The ideal candidate typically has at least one year of hands-on experience with the product. The exam does not just test theoretical knowledge; it heavily emphasizes practical skills in real-world scenarios. It assesses your ability to plan a SharePoint topology, install and configure the necessary prerequisites, and build a functioning farm from the ground up. This includes a deep understanding of how different server roles interact within the farm.
Furthermore, the examination delves into the configuration of core platform services that provide functionality to end-users. This includes managing web applications, site collections, and the powerful service application architecture. A successful test-taker must prove their proficiency in configuring services like Search, User Profiles, and Managed Metadata. The exam also covers business continuity, requiring candidates to demonstrate competence in creating and executing backup and restore plans. Essentially, it covers the entire lifecycle of a SharePoint environment from an administrator's perspective, making it a thorough test of your capabilities as a SharePoint professional.
Before diving into installation and configuration, it is crucial to understand the fundamental architecture of SharePoint 2010. A SharePoint deployment is known as a "farm," which consists of one or more servers working together to provide SharePoint services. These servers are categorized into specific roles to distribute the workload efficiently. The three primary server roles are Web Front-End (WFE), Application Server, and Database Server. The WFE server is responsible for handling user requests, rendering web pages, and serving content. It runs the Microsoft Internet Information Services (IIS) web server.
The Application Server role is dedicated to running the various service applications that provide the core functionality of SharePoint. These services can include search indexing, user profile management, and Excel calculation services. By offloading these tasks to dedicated application servers, the WFE servers can remain responsive to user requests. Finally, the Database Server, running Microsoft SQL Server, is the backbone of the farm. It stores all the content, configuration data, and service application data. The topology of your farm—whether it is a small, medium, or large deployment—will determine the number of servers and how these roles are distributed among them.
A successful SharePoint 2010 installation begins with ensuring all prerequisites are met. The 70-668 Exam expects you to know these requirements thoroughly. On the hardware side, SharePoint 2010 requires a 64-bit processor and a significant amount of RAM, typically starting at 8 GB for a single-server farm and increasing with the size and complexity of the deployment. Sufficient disk space is also critical, not only for the SharePoint installation files but also for log files and the search index, which can grow quite large over time.
On the software side, the operating system must be a 64-bit version of Windows Server 2008 or Windows Server 2008 R2. The database server must be a 64-bit edition of Microsoft SQL Server 2008 or later. SharePoint also has several other software dependencies, including specific versions of the .NET Framework, IIS roles, and Windows PowerShell. Fortunately, SharePoint 2010 includes a Prerequisite Installer tool that can automatically detect, download, and install most of these required components. Running this tool is the first practical step in any SharePoint installation process.
Once all prerequisites are in place, you can proceed with the actual installation of SharePoint Server 2010. The process is initiated by running the setup executable from the installation media. You will be prompted to enter your product key, accept the license terms, and then choose the type of installation. For a farm environment, you will select the "Server Farm" option. This choice allows you to specify the role of the server you are currently installing, such as a complete installation or a standalone installation. A "Complete" install provides the flexibility to later configure the server for any role.
During the installation process, you will specify the file location for the installation binaries and the search index. It is a best practice to install these on a non-system drive to optimize performance and simplify management. After the setup program finishes copying the necessary files, the installation phase is complete. However, the farm is not yet functional. The next crucial step is to run the SharePoint Products Configuration Wizard, which will create the configuration database, install necessary services, and configure the initial components of your new SharePoint farm. This wizard is a central part of the 70-668 Exam curriculum.
The SharePoint Products Configuration Wizard is the tool that breathes life into a SharePoint installation. After the binaries are laid down on each server in the farm, this wizard must be run. On the first server, you will choose to create a new server farm. This process involves specifying a database server and a name for the configuration database. SharePoint will use this database to store all settings and configuration details for the entire farm. You will also need to provide a passphrase, which is used to secure the farm's configuration data and is required when adding other servers to the farm.
On subsequent servers that you wish to add to the farm, you will run the same wizard but choose the option to "Connect to an existing server farm." You will be prompted to provide the database server name and the passphrase you created earlier. This action registers the new server with the farm, allowing it to access the shared configuration database and participate in providing SharePoint services. Running this wizard successfully on all servers is a critical step in establishing a multi-server farm, a common scenario covered in the 70-668 Exam.
After the configuration wizard completes, you will be taken to the SharePoint Central Administration website. This is the primary hub for managing and configuring your entire SharePoint farm. One of the first tasks you should perform is to configure the service and managed accounts. SharePoint uses various service accounts to run application pools, services, and perform administrative tasks. The 70-668 Exam stresses the importance of following the principle of least privilege, meaning each account should only have the permissions necessary to perform its specific function.
SharePoint 2010 introduced the concept of managed accounts, which allows you to register your service accounts within SharePoint. This enables SharePoint to manage the passwords for these accounts automatically, enhancing security and reducing administrative overhead. From Central Administration, you can register new managed accounts and associate them with different services. Properly configuring these accounts from the outset is a foundational best practice for building a secure and stable SharePoint environment, and a key topic you will need to master for the exam.
With the basic farm configured, the next step is to create a web application. A web application is essentially an IIS website that acts as a container for all your SharePoint sites. It is the top-level entity that users will access. Creating a web application is done through Central Administration, where you will define several important settings. You will need to specify the IIS port and optional host header, the authentication provider, and the application pool that the website will run under.
A critical decision during web application creation is the choice of authentication method. SharePoint 2010 offers Classic Mode and the more flexible Claims-Based Authentication. Claims-based is the recommended approach as it supports a wider variety of identity providers, including Windows authentication, forms-based authentication, and trusted identity providers like ADFS. You will also specify the name of the content database that will be created to store all the data for the sites within this web application. Understanding the implications of each of these settings is vital for the 70-668 Exam.
Once a web application is in place, you can create one or more site collections within it. A site collection is a hierarchical group of sites that share a common owner and administrative settings, such as quotas and features. Each web application has at least one root site collection. When creating a site collection, you must select a site template, which defines the initial structure and content of the top-level site. SharePoint offers various templates, such as Team Site, Publishing Portal, and Enterprise Wiki, each tailored to a specific purpose.
Within Central Administration, you can manage all aspects of your site collections. This includes setting storage quotas to prevent a single site collection from consuming excessive disk space on the content database. You can also define the primary and secondary site collection administrators, who have full control over all content and settings within that collection. Understanding the distinction between a web application and a site collection, and knowing how to create and manage these containers, is a fundamental skill for any SharePoint administrator and a core objective of the 70-668 Exam.
Following our introduction to SharePoint 2010 architecture and installation, this second part of our series for the 70-668 Exam focuses on the powerful and flexible service application framework. This architecture represents a significant evolution from the Shared Services Provider (SSP) model used in previous versions of SharePoint. Understanding how to provision, configure, and manage these services is not just a major component of the exam; it is a fundamental skill for any competent SharePoint administrator. These services provide the core functionality that users interact with daily, from search to social features.
In this installment, we will dissect the most critical service applications you are expected to master. We will begin with an overview of the architecture itself, explaining how services can be shared across different web applications and even across farms. We will then provide detailed guidance on configuring essential services like the Managed Metadata Service for enterprise taxonomy, the User Profile Service for social computing and personalization, and the Search Service for content discovery. We will also cover Business Connectivity Services and the Secure Store Service, which are vital for integrating external data.
The service application architecture in SharePoint 2010 was a game-changer, providing unprecedented flexibility. Unlike the monolithic SSP model, this new framework allows administrators to deploy and configure individual services independently. Each service application runs in its own process, ensuring that an issue with one service does not impact the others. This modularity also means you only need to provision the services your organization actually requires, leading to more efficient resource utilization. A key concept to grasp for the 70-668 Exam is that a service application consists of the service itself and a corresponding database.
To make a service available to users, a web application must connect to it. This connection is managed through a service application proxy. When you create a service application, a proxy is typically created along with it. Administrators can then associate these proxies with specific web applications. This allows for scenarios where, for example, one web application uses a particular Search service instance while another web application uses a completely different one. This level of granularity in service provisioning is a core theme you will encounter in exam questions related to farm topology and configuration.
The Managed Metadata Service is a cornerstone of content management in SharePoint 2010 and a key topic for the 70-668 Exam. It provides a centralized way to manage enterprise-wide taxonomies and folksonomies. This service enables you to create and manage term sets, which are hierarchical collections of terms that can be used as metadata for content across the entire farm. This ensures consistency in tagging and makes it easier for users to find and organize information. To provision this service, you use Central Administration or PowerShell.
The configuration process involves creating a new Managed Metadata Service Application. During this process, you will specify a name for the service, the application pool it will run under, and a name for its dedicated database. Once the service is created, you can access the Term Store Management Tool from Central Administration. This is where you will define your term groups, term sets, and individual terms. You will also configure permissions, delegating the management of specific term sets to different business groups, empowering them to manage their own vocabularies within the enterprise framework.
The User Profile Service Application, or UPS, is arguably one of the most complex yet powerful services in SharePoint 2010. It is central to the platform's social computing features, such as My Sites, tagging, and newsfeeds. The 70-668 Exam places a strong emphasis on your ability to configure it correctly. The primary function of UPS is to aggregate user profile information from various business systems, most commonly Active Directory Domain Services. This process is known as profile synchronization.
Setting up UPS involves creating the service application and its three associated databases: Profile, Social, and Sync. After provisioning, the most critical task is configuring a synchronization connection. This involves specifying the source directory, such as an Active Directory forest, and providing credentials with the necessary "Replicating Directory Changes" permissions. You can then map attributes from Active Directory to properties in the SharePoint user profile. Finally, you initiate a full synchronization to import the profiles. Troubleshooting synchronization failures is a common real-world task and a likely scenario on the exam.
Effective search is critical to the success of any SharePoint implementation, and the 70-668 Exam requires a deep understanding of its configuration. The Search Service Application in SharePoint 2010 is responsible for crawling content and building an index to provide fast and relevant search results. The architecture consists of several components, including crawl components, query components, and property and administration databases. Configuring this service starts with creating the Search Service Application from Central Administration.
Once the service is provisioned, the main administrative task is to configure content sources. A content source defines a starting location for the search crawler, such as the local SharePoint farm, a file share, or an external website. For each content source, you must create crawl schedules to specify how frequently the content should be indexed. You can create full crawl schedules for initial indexing and incremental crawl schedules for picking up changes. You also need to manage crawl rules to include or exclude specific paths, and define server name mappings for environments with alternate access mappings.
Business Connectivity Services, or BCS, allows SharePoint to connect to and interact with data from external systems, such as databases, web services, and line-of-business applications. This enables you to surface external data within SharePoint lists, user profiles, and search results. The 70-668 Exam will test your ability to configure the necessary components to make this happen. The core of BCS is the External Content Type (ECT), which defines the schema and data access methods for the external system.
While ECTs are often created by developers or power users with tools like SharePoint Designer, the administrator's role is to configure the BCS service application itself. This involves creating the service application and its database from Central Administration. You must also manage permissions for the metadata store, which controls who can create and execute ECTs. A crucial related service is the Secure Store Service, which is used to securely store credentials required to access the external systems, a topic we will cover next.
The Secure Store Service is a critical companion to services like BCS and Excel Services that need to access external data sources. It provides a secure database for storing credentials and mapping them to users or groups. Instead of embedding connection strings with passwords in your external content types, you can reference a target application within the Secure Store. This is a much more secure and manageable approach, and the 70-668 Exam expects you to know how to configure it.
The first step is to create the Secure Store Service Application. This process includes generating a new encryption key, which is used to protect the credentials stored in its database. You will be required to back up this key securely. After the service is running, you can create target applications. A target application represents the external system you need to connect to. When creating it, you define the fields for the credentials (e.g., User ID and Password) and specify whether the credential mapping is one-to-one (individual) or many-to-one (group).
Beyond the major services we have discussed, SharePoint 2010 offers several other service applications that you should be familiar with for the 70-668 Exam. Excel Services enables users to view and interact with Excel workbooks in a browser without needing the Excel client. Its configuration involves setting up trusted file locations and data connection libraries. Word Automation Services provides capabilities for server-side document conversion, allowing you to automate tasks like converting Word documents to PDF format.
PerformancePoint Services is a business intelligence service that allows you to create and host interactive dashboards with scorecards and reports. Visio Services allows for the rendering of Visio diagrams in the browser. While you may not need to know the intricate details of each, you should understand their purpose, how to create the service application, and how to manage their basic settings from Central Administration. Knowing which service provides which functionality is a key part of the exam's scope.
A unique feature of the service application architecture is how web applications connect to them. This is managed through service application associations, often referred to as proxy groups. By default, every web application is associated with a single "default" proxy group. When you provision a new service application and choose to add its proxy to the default group, it immediately becomes available to all web applications using that group. This simplifies administration in most common scenarios.
However, the 70-668 Exam will test your understanding of more complex scenarios. You can create custom proxy groups in Central Administration. A custom group can contain a specific subset of service application proxies. You can then associate a particular web application with this custom group. This allows you to create isolated environments where one web application consumes a different set of services than another. For example, you could have a separate, dedicated Search service for a specific department's portal, completely isolated from the general enterprise search.
Having established a SharePoint 2010 farm and configured its core service applications, our focus now shifts to the ongoing operational tasks that ensure the environment remains healthy, performant, and reliable. This third part of our series for the 70-668 Exam delves into the critical domains of maintenance and monitoring. Proactive administration is key to preventing outages and degradation of service. The exam thoroughly tests your knowledge of the tools and best practices required to keep a SharePoint farm running smoothly, making this a crucial area of study for any aspiring certified administrator.
In this section, we will explore the built-in health and monitoring capabilities of SharePoint 2010. We will cover the SharePoint Health Analyzer, which acts as an early warning system for potential issues. We will also discuss the configuration of usage and diagnostic logging to capture valuable data for troubleshooting and analysis. Furthermore, we will examine the implementation of robust backup and restore strategies, a non-negotiable skill for any administrator. Finally, we will touch upon performance monitoring and how to manage resources like quotas to maintain a stable environment for all users.
The SharePoint Health Analyzer is a powerful, built-in tool designed to help administrators identify and resolve potential problems within the farm. It is a fundamental component you must understand for the 70-668 Exam. The Health Analyzer operates by running a series of predefined health rules on a scheduled basis. These rules check for a wide range of issues related to security, performance, configuration, and availability. For example, a rule might check if the farm's service accounts have the correct permissions or if a server is running low on disk space.
When a rule detects a problem, it generates a health report that is displayed in Central Administration. Each report provides a detailed explanation of the issue, highlights its severity, and often includes a link to an article with step-by-step instructions on how to resolve it. The Health Analyzer not only helps you fix existing problems but also teaches you best practices for SharePoint configuration. As an administrator, your routine should include regularly reviewing these reports and taking corrective action to maintain the overall health of your farm.
To effectively monitor and analyze your SharePoint environment, you need to collect data about its usage and performance. SharePoint 2010 provides a centralized service for this purpose, known as the Usage and Health Data Collection service application. This service gathers a vast amount of information, such as which sites are being visited, which features are being used, page load times, and system performance counters. This data is written to a central logging database, which you must create and configure. This is a key administrative task covered in the 70-668 Exam.
In Central Administration, you can configure which specific events you want to log. For example, you can enable logging for page requests, search queries, and timer job executions. You can also configure the schedule for data collection and the retention period for the log data to manage the growth of the logging database. The collected data can be used to generate administrative reports on site usage and search activity, providing valuable insights into how your SharePoint platform is being utilized and helping you identify potential performance bottlenecks.
Timer jobs are the workhorses of SharePoint administration, performing countless scheduled background tasks necessary for the farm's operation. They handle everything from running Health Analyzer rules and processing user profile synchronizations to cleaning up log files and rolling over usage data. The 70-668 Exam expects you to understand what timer jobs are and how to manage them. You can view the status of all timer jobs in the farm through Central Administration, under the Monitoring section.
The "Job Definitions" page lists every available timer job, while the "Running Jobs" page shows which jobs are currently executing. From here, you can see their schedule, last run time, and status. While most timer jobs are configured to run on an optimal schedule by default, there are times when you may need to manually intervene. For instance, after applying a patch or performing a major configuration change, you might need to run a specific timer job immediately rather than waiting for its next scheduled run. Understanding this process is crucial for effective farm management.
When troubleshooting complex issues in SharePoint, the Unified Logging Service (ULS) logs are often your most valuable resource. These are detailed, event-by-event text files that capture diagnostic information from every component of SharePoint. The 70-668 Exam will test your ability to configure and manage this logging. From Central Administration, you can control various aspects of ULS logging for the entire farm. You can specify the path where the log files are stored, which should ideally be on a separate, high-performance disk drive to avoid impacting system performance.
You can also control the verbosity of the logs. For each category of events, such as "General" or "Search", you can set a logging level for both the event log and the trace log. Levels range from "Unexpected" (logging only critical errors) to "Verbose" (logging detailed diagnostic information). While running in Verbose mode can be helpful for deep troubleshooting, it generates a massive amount of data and should only be used for short periods. Knowing how to adjust these levels to capture the right information without overwhelming the system is a key administrative skill.
No topic is more critical to a SharePoint administrator than backup and restore. The ability to recover from data loss or system failure is paramount, and the 70-668 Exam dedicates a significant portion to this objective. SharePoint 2010 provides several tools and methods for backing up your environment. The most comprehensive option is the farm backup, which can be initiated from Central Administration or using PowerShell. A farm backup creates a complete copy of the farm's configuration and all its content databases.
While a full farm backup is essential for disaster recovery, it may not be the most efficient option for all scenarios. SharePoint also provides more granular backup options. You can perform a site collection backup, which is useful if you only need to protect or move a specific collection of sites. For even more specific needs, you can use the export functionality to back up an individual site, list, or library. A sound backup strategy often involves a combination of these methods, such as daily granular backups and weekly full farm backups, to meet your organization's specific recovery point objectives.
Having a backup is useless if you do not know how to restore it. The 70-668 Exam will test your knowledge of the various restore processes. A full farm restore is typically used in a disaster recovery scenario to rebuild the entire farm. This requires a new set of servers with SharePoint installed, and then you can use the recovery tools to apply the backup. For more common requests, such as restoring an accidentally deleted site collection, you would use the site collection restore functionality.
SharePoint 2010 also introduced the Recycle Bin with two stages, which can handle many simple recovery needs without administrator intervention. Users can restore items they delete from the first-stage Recycle Bin. If an item is deleted from there, it moves to the second-stage Recycle Bin, which only site collection administrators can access. For restoring specific content from a database backup without performing a full restore, you can use an unattached content database recovery. This feature allows you to browse the content of a backup and export the specific site, list, or library you need.
Disaster recovery planning goes beyond simple backup and restore operations. It involves creating a comprehensive strategy to ensure business continuity in the event of a catastrophic failure of your primary data center. The 70-668 Exam touches on the high-level concepts you need to consider. A common disaster recovery strategy involves maintaining a standby or "warm" farm in a secondary location. This standby farm would have SharePoint installed and configured but would not be actively serving users.
To keep the standby farm up to date, you can use techniques like SQL Server log shipping. This process automatically backs up the transaction logs from the primary farm's databases and restores them to the standby farm's SQL Server instance. In the event of a disaster, you can bring the standby databases online, point DNS records to the standby farm's servers, and resume service. While setting this up is complex, understanding the concept and its role in a business continuity plan is important for the exam.
Maintaining optimal performance is an ongoing task for a SharePoint administrator. You should regularly monitor key performance indicators (KPIs) to identify potential bottlenecks before they impact users. The Windows Performance Monitor (PerfMon) is the primary tool for this. You should monitor counters related to CPU, memory, and disk I/O on all your SharePoint and SQL servers. There are also specific SharePoint performance counters that can provide insight into things like page request times and the health of the search service.
Another aspect of performance and resource management is controlling content growth. SharePoint allows you to set quotas on site collections to limit the amount of storage they can consume. This prevents a single team's site from filling up the content database and impacting everyone else. You can also set warning thresholds to notify site collection administrators when they are approaching their limit. Regularly reviewing storage metrics and adjusting quotas as needed is a routine but important maintenance task that the 70-668 Exam may cover.
Welcome to the fourth part of our comprehensive guide for the 70-668 Exam. So far, we have built our SharePoint 2010 farm, configured its services, and established a robust maintenance and monitoring plan. Now, we turn to one of the most critical aspects of any enterprise platform: security. A SharePoint administrator is the gatekeeper of the organization's collaborative data, and as such, must have a deep understanding of how to secure the environment at every level. The exam places a heavy emphasis on your ability to configure authentication, manage authorization, and implement security best practices.
This installment will serve as your detailed guide to the multifaceted security model of SharePoint 2010. We will begin by exploring the fundamental shift from classic to claims-based authentication, a core concept in this version of the product. We will then break down the layers of authorization, from securing the farm itself with service accounts and administrative roles, to managing permissions for users and groups at the site collection, site, and item levels. We will also cover tools like web application policies and auditing that provide further layers of control and oversight.
SharePoint 2010 introduced a significant change in how it handles user authentication. While it still supports the "Classic Mode" authentication found in previous versions, the new and preferred method is "Claims-Based Authentication." The 70-668 Exam requires you to understand the differences and benefits of the claims model. Classic mode is limited to Windows-based identity stores like Active Directory. In contrast, claims-based authentication is a far more flexible and extensible framework that can work with a wide variety of identity providers.
In a claims-based model, a user presents an identity provider with credentials, and in return, receives a security token containing a set of "claims." A claim is a statement about the user, such as their name, email address, or group membership. SharePoint then trusts the identity provider and uses these claims to grant the user access. This decoupling of SharePoint from the identity store allows it to easily integrate with systems like Forms-Based Authentication (FBA) using an SQL database, or with external identity providers using standards like SAML, making it a much more powerful option for modern enterprises.
Given that claims-based authentication is the strategic direction, you must know how to configure it for the 70-668 Exam. When you create a new web application in Central Administration, you will choose between Classic and Claims. If you select Claims, you must then specify which authentication types you want to enable for that web application. You can enable Windows authentication, which will convert Windows security identifiers into claims. This is the most common configuration for internal corporate environments.
You can also enable Forms-Based Authentication (FBA). This requires you to have an underlying membership and role provider, typically based on ASP.NET and a SQL database, where user credentials are stored. You will need to edit the web.config files for your web application and Central Administration to point to your configured providers. Finally, you can configure a trusted identity provider, which involves establishing a trust relationship with a Security Token Service (STS), like Active Directory Federation Services (ADFS), to enable single sign-on scenarios with partner organizations.
Security starts at the farm level. The 70-668 Exam will test your knowledge of securing the core infrastructure. A key principle is the concept of least privilege for service accounts. Each service in SharePoint, from the farm account itself to application pool identities, should run under a dedicated account that has only the specific permissions it needs to function. For example, the account used for crawling content should not be a farm administrator. This compartmentalization limits the potential damage if any single account is compromised.
To simplify the management of these numerous accounts, SharePoint 2010 introduced Managed Accounts. This feature allows you to register your service accounts within SharePoint. Once an account is registered, SharePoint can be configured to automatically change its password on a schedule you define. SharePoint will update the password in Active Directory and then propagate that change to all the services within the farm that use the account. This greatly enhances security by automating password rotation, a task that was difficult and error-prone to perform manually in previous versions.
Once a user is authenticated, the next step is authorization: determining what they are allowed to do. SharePoint's primary mechanism for this is a combination of SharePoint Groups and Permission Levels. A Permission Level is a named collection of specific rights, such as "View Items," "Add Items," or "Delete Items." SharePoint comes with several default permission levels like Read, Contribute, and Full Control. For the 70-668 Exam, you should also know that you can create custom permission levels to meet specific business requirements.
Instead of assigning these permission levels directly to individual users, the best practice is to assign them to SharePoint Groups. A SharePoint Group is a collection of users. By default, each site has groups for Owners, Members, and Visitors. You can then add Active Directory groups or individual users to these SharePoint Groups. This approach dramatically simplifies permission management. When a new person joins a team, you simply add them to the appropriate group, and they instantly inherit all the correct permissions throughout the site.
SharePoint uses a hierarchical permission model. By default, a subsite inherits all its permissions from its parent site. Likewise, lists and libraries inherit their permissions from the site they are in, and folders and items inherit from their parent list or library. This inheritance model is efficient and easy to manage for most use cases. However, there are often business needs to secure specific content for a more limited audience. This is achieved by breaking permission inheritance.
When you break inheritance on an object, such as a specific document library or even a single file, you create a unique set of permissions for it. You can then remove the inherited groups and grant permissions to a different set of users or groups. While this provides granular control, the 70-668 Exam expects you to understand the potential performance implications. Every uniquely secured item adds an entry to the access control list in the database. Overuse of fine-grained permissions can lead to slower page load times and is generally discouraged.
There are certain scenarios where you need to grant a user or group specific permissions across an entire web application, regardless of the permissions on individual site collections or sites. This is where Web Application User Policies come in. A user policy allows a farm administrator to grant permissions that effectively override all other security settings within that web application. This tool is powerful and should be used sparingly, a point the 70-668 Exam may test.
A common use case for a web application policy is for the search crawler account. To ensure the search service can index all content, you can create a policy that gives its service account "Full Read" access to the entire web application. This guarantees that the crawler can read everything without you needing to add the account to every single site collection. Another use case might be for an auditor who needs read-only access to all content for compliance purposes.
To maintain a secure environment, it is not enough to just set permissions; you also need to be able to track who is doing what. SharePoint 2010 provides a robust auditing framework to meet this need. Auditing can be configured at the site collection level. A site collection administrator can choose which specific events to audit. These events include actions like viewing or downloading documents, editing items, changing permissions, and deleting content.
Once auditing is enabled, SharePoint records these events in an audit log stored within the content database. You can then generate audit log reports from the Site Settings page to view this data. These reports can help you investigate a security incident, monitor for inappropriate access, or provide documentation for regulatory compliance. The 70-668 Exam expects you to know how to enable and configure these audit settings and how to access the resulting reports as part of a comprehensive security strategy.
When you use Business Connectivity Services (BCS) to surface data from external systems, you introduce another layer of security that must be managed. The 70-668 Exam will expect you to be familiar with this. Security for BCS operates at two main levels. First, you must secure the External Content Type (ECT) itself. This is done in the BCS metadata store, where you can grant users or groups permissions to execute the operations defined in the ECT, such as "Read List" or "Update Item."
The second level of security relates to the external system itself. BCS must provide credentials to the back-end data source to be authenticated. As we discussed in Part 2, this should be handled by the Secure Store Service (SSS). You can configure your ECT to use a Secure Store target application. This allows SharePoint to pass the appropriate credentials to the external system on behalf of the user, without the user ever knowing what those credentials are. This two-pronged approach ensures that access is controlled both within SharePoint and at the data source.
Welcome to the fifth and final part of our in-depth series preparing you for the 70-668 Exam. We have journeyed from the initial installation and configuration of a SharePoint 2010 farm, through the complexities of service applications, the rigors of maintenance and monitoring, and the critical layers of security. In this concluding installment, we will address the lifecycle management of a SharePoint environment. This includes deploying customizations that extend its functionality and the essential processes of patching, updating, and upgrading the platform itself. These are advanced administrative tasks that are core to the 70-668 Exam objectives.
This section will equip you with the knowledge to manage change within your SharePoint farm effectively. We will start by exploring the SharePoint solution framework, differentiating between farm solutions and the more isolated sandboxed solutions. We will cover the steps for deploying and managing these solutions and their associated features. Then, we will shift our focus to platform updates, detailing the correct procedures for applying cumulative updates and service packs. Finally, we will walk through the planning and execution of an upgrade to SharePoint 2010 from a previous version, focusing on the highly recommended database attach method.
Our five-part journey through the curriculum of the 70-668 Exam is now complete. We have covered the entire lifecycle of SharePoint 2010 administration, from the initial build and configuration to ongoing maintenance, security management, and finally, the deployment of customizations and platform upgrades. By understanding the solution framework, the proper patching procedures, and the database attach upgrade method, you have covered the final major objectives required to prove your expertise as a SharePoint 2010 administrator.
To succeed on the 70-668 Exam, combine the knowledge from this series with hands-on practice. Build a lab environment and work through these scenarios yourself. Install a farm, configure service applications, perform backups, manage permissions, deploy solutions, and if possible, run through a practice upgrade. This practical experience will solidify your understanding and give you the confidence you need to earn your certification. Good luck with your studies and your exam.
Go to testing centre with ease on our mind when you use Microsoft 70-668 vce exam dumps, practice test questions and answers. Microsoft 70-668 PRO: Microsoft SharePoint 2010, Administrator certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using Microsoft 70-668 exam dumps & practice test questions and answers vce from ExamCollection.
Top Microsoft Certification Exams
Site Search:
SPECIAL OFFER: GET 10% OFF
Pass your Exam with ExamCollection's PREMIUM files!
SPECIAL OFFER: GET 10% OFF
Use Discount Code:
MIN10OFF
A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.
Download Free Demo of VCE Exam Simulator
Experience Avanset VCE Exam Simulator for yourself.
Simply submit your e-mail address below to get started with our interactive software demo of your free trial.