Cbt Nugget 70-411 Chapter 11

```markdown

Cbt Nugget 70-411 Chapter 11: How to Configure and Manage File Servers

If you are preparing for the Microsoft 70-411 exam, which covers the administration of Windows Server 2012 R2, you need to master the topic of file servers. File servers are essential for storing and sharing data across a network, and they require careful configuration and management to ensure security, performance, and reliability.

In this article, we will summarize the main points of Cbt Nugget 70-411 Chapter 11, which is a video course by James Conrad that teaches you how to configure and manage file servers in Windows Server 2012 R2. You will learn how to:

Create and configure file shares

Implement file access auditing

Configure file screening and storage reports

Enable and configure BranchCache

Configure DFS namespaces and replication

By the end of this article, you will have a solid understanding of the concepts and skills required to pass the 70-411 exam and become a certified Windows Server administrator. Let's get started!

Create and Configure File Shares

A file share is a folder on a server that can be accessed by other users or computers over a network. File shares allow you to store and share data easily and efficiently. To create a file share in Windows Server 2012 R2, you can use the Server Manager, the File and Storage Services role, or the New-SmbShare PowerShell cmdlet.

When you create a file share, you need to configure some settings such as:

The name and path of the share

The type of share (SMB or NFS)

The encryption level (default or AES)

The caching mode (manual or automatic)

The access permissions (share and NTFS)

You can also enable advanced features such as access-based enumeration, which hides files and folders that users do not have permission to access, or offline availability, which allows users to access files even when they are not connected to the network.

To manage file shares, you can use the Server Manager, the File Server Resource Manager (FSRM), or the PowerShell cmdlets for SMB and NFS. You can perform tasks such as modifying share properties, deleting shares, or viewing share sessions and open files.

Implement File Access Auditing

File access auditing is a feature that allows you to track and record who accesses what files and folders on your file servers. This can help you monitor user activity, detect unauthorized access, or comply with security policies and regulations.

To implement file access auditing in Windows Server 2012 R2, you need to follow these steps:

Enable the Audit File System policy in the Local Group Policy Editor or the Group Policy Management Console.

Configure the audit settings on the files and folders that you want to audit. You can specify which users or groups and which actions (read, write, delete, etc.) you want to audit.

View the audit events in the Security log of the Event Viewer or use the Get-WinEvent PowerShell cmdlet.

You can also use FSRM to create file access audit reports that summarize the audit events in a graphical or tabular format. You can schedule these reports to run automatically or run them on demand.

Configure File Screening and Storage Reports

File screening is a feature that allows you to control what types of files can be stored on your file servers. You can create file screening rules that block or allow certain file extensions or categories. For example, you can prevent users from storing audio or video files on your file servers to save disk space.

To configure file screening in Windows Server 2012 R2, you need to use FSRM. You can create file groups that define which file extensions or categories you want to block or allow. Then you can create file screen templates that apply these file groups to a path or volume. Finally, you can create file screens that apply aa16f39245