Case Study: Northwind Traders

Existing Network Infrastructure Exhibit 

Overview 

Northwind Traders is a stockbroker company in Northern Europe. The company provides advice and the resources to buy and sell stocks for individual investors. 

Currently, the company operates between the hours of 8:00 A.M. and 6:00 P.M. 

However, with the upcoming changes, business hours will be expanded. 

Physical locations 

The company’s main office is located in Stockholm. The company has two branch offices in the following locations: 

• Helsinki 
  
• Copenhagen 
  

The company plans to establish a new branch office in Oslo. 

The number of users in each location is shown in the following table. 

Location           Number of users 

Stockholm                350 

Helsinki                    100 

Copenhagen             150 

Oslo                         15 

Planned Changes 

All stock trading is currently done by telephone or fax. 

The company wants to provide a Web site to allow customers to trade directly by using the Internet. It is also providing a new Web application named NewApp to trade stocks. 

To support this new environment, the company will upgrade its servers to Windows Server 2003. 

Existing Environment 

Business Processes 

Each office of Northwind Traders has its own IT staff. 

The company currently hosts a mainframe application that tracks customers’ stock traders. Each office uses its own instance of this application. 

Stock trades that have been initiated by telephone must be recorded within two hours of the call. 

Infrastructure 

Directory Services 

Currently, the company is using a Windows NT 4.0 domain infrastructure consisting of three domains, one for each office. The information about these domains is not well documented. 

All links between offices are highly reliable. 

All IT staff is members of the Domain Admins group in their own domain. 

All domain controllers run Windows NT Server 4.0 with the latest service pack and security fixes installed. 

Network Infrastructure 

The existing network infrastructure is shown in the Existing Network Infrastructure Exhibit. 

The local network in each office is a 10/100-Mbps Ethernet network. 

Client computers run Windows NT Workstation 4.0 and Windows 98. There are also *** missing *** 

Problem Statements 

The following business problems must be considered: 

• Currently, employees need to remember different user names and password for different computers and offices. The company wants a single sign-on process in the new environment, which will also help to improve security. 
• In the last year, the company had some instances of data being compromised. The company wants to be able to trace which computer used which IP address at the time that the compromise occurred. The company wants to be able to store this information for at least one month. 

Chief Executive Officer 

I want customers of Northwind Traders to be able to trade stocks more directly. Because migration can take months, we need our employees to be able to access both the current environment and the new environment during migration. However, after the migration is completed, employees should not be allowed to log on to the current environment. 

Chief Information Officer 

I want to introduce a new application named NewApp. NewApp is multitier application that will run on the Windows Server 2003 computers. NewApp will enable us to provide our customers with a tool to trade stocks online. 

NewApp will be hosted on computers in the Stockholm and Oslo offices. The NewApp Web servers will be accessible from the Internet. The NewApp database servers will be accessible from all sites. 

Business requirements 

Business Drivers 

The following business requirements must be considered: 

• Northwind Trders will use an Internet Web site hosted as www.northwindtraders.com. 
  
• For the internal DNS name, the company wants to use a contiguous namespace. 
  
• For internal name resolution, all computers are required to first use a local DNS server. 
  
• NewApp needs to be highly available. Maximum downtime of this application and its services will be one hour per month. 
• Because the customer transactions are increasing, the company wants to increase productivity and service levels without employing more traders. 
• The company wants to test the disaster recovery model at least once a year. 
  
• During this test, only the password changes and resource access will be tested. 
  



Organizational Goals 

The following organizational requirements must be considered: 

Currently there is no information about how much bandwidth is needed for…. 

*** MISSING *** 

Security 

The following security requirements must be considered: 

• Employees need access to customer data. The company needs to secure the customer data. 
  
• All IT staff is trusted. However, only a selected group of IT staff will have access to customer data.  
• To secure the stock transactions as much as possible, we need all customers to use client certificates for all Web-based stock trading. 
• The company wants to be able to grant and revoke certificates. 
  
• All NewApp database servers need a common set of security settings. 
  
• The maximum downtime of NewApp services is specified for one hour. If a downtime of NewApp services in Stockholm of more than one hour is anticipated, administrators must recover NewApp at the disaster recovery location. 

Technical requirements 

Active Directory 

The following Active Directory requirements must be considered: 

• Employee accounts and resources must be securely separated from the customer account and resources. 
• Web servers will not be part of a domain. 
  
• The company will use centralized authentication for Routing and Remote access. 
  
• IT management has decided to use a common namespace for all domains. 
  
• To make company-wide Active Directory changes, administrators from both the customer environment and the corporate environment must agree. 
• New hardware will be purchased for all Windows Server 2003 domain controllers. 
  
• The OU structure must align with the new administrative model. 
  

Network Infrastructure 

The following infrastructure requirements must be considered: 

• Front-end servers of NewApp will be a Network Load Balancing array of single processor servers. 
  
• Back-end servers of NewApp will be a cluster of eight-way 64-bit servers. 
  
• The company’s ISP does not allow updates to DNS made by customers. The company wants to manage its own namespace. 
• The company has only a limited number of public IP addresses. It can use these addresses only when needed. 
• Logon traffic across WAN links needs to be minimized. 
  
• All client computers will be upgraded to Windows XP Professional. 
  
• The company wants to create a disaster recovery location in the Oslo Office. 
  
• Employees who have remote access will be allowed to access only the NewApp servers when they connect from outside the office. The different remote access requirements are shown in the following table. 

 Northwind Traders (7 Questions) 

QUESTION NO: 1 

You are designing a strategy for migrating to the new environment. Which two factions from your current environment will affect your migration strategy? (Each correct answer presents part of the solution. (Choose two.) 

A. Trusts between domains 

B. Number of BDC s in each domain 

C. Users and resources in each domain 

D. Current hardware for domain controllers 

E. Current amount of replication traffic over WAN links 

QUESTION NO: 2 

You are designing an OU structure for IT staff at the branch offices. What should you do? 

A. Create an OU for the NewApp Web servers. Assign the IT staff at the branch offices user rights to this OU. 

B. Create an OU for the NewApp data servers. Assign the IT staff at the branch offices user rights to this OU. 

C. Create an OU for the IT staff at each branch office. Place network administrators at the branch offices in these OUs. 

D. Create an OU for each branch office. Place local servers in the OU for their respective office. Assign the IT staff at the branch offices user rights to these OUs. 

QUESTION NO: 3 

You are designing the Active Directory domain structure for the company. You need to create a diagram that shows the appropriate structure. What should you do? 

Move the appropriate domains to the correction location in the answer tree. 

QUESTION NO: 4 

You are designing a migration strategy to create user IDs for all company users in the new environment. What should you do? 

A. Create a script that uses Active Directory Services Interfaces (ADSI) to import all user account into the new environment. 

B. Create new accounts for all users. Create a trust relationship between the existing environment and the new environment to enable access to resources in the existing environment. 

C. Import all user accounts into the new environment by using the Active Directory Migration Tool (ADMT). 

D. Import all user accounts into the new environment. Instruct users to no change their passwords during 

the migration phase so that they can access resources in the existing environment. 

Answer: A 

QUESTION NO: 5 

You are designing a security strategy for users who need remote access to the corporate network. What should you do? 

A. Configure Internet Authentication Service (IAS) for accounting. 

B. Configure the server running Routing and Remote Access to support L2TP. 

C. Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only. 

D. Create a separate account for remote access users. Configure these accounts to access the NewApp server only. 

QUESTION NO: 6 

You need to test your disaster recovery solution. Which role should you transfer to the disaster recovery location during the test? 

A. RID master 

B. Schema master 

C. PDC emulator master 

D. Domain naming master 

QUESTION NO: 7 

You are designing a strategy to ensure that the Web servers will be accessible from the Internet. You need to identify the appropriate IP configuration components that need to be used. What should you do?