- Course number: IIS-200
- Duration: 2 days
This 2-day course teaches attendees the principles of web server administration for Microsoft's Internet Information Server (IIS) version 8, 8.5, and 10 (Windows Server 2012, 2012 R2, and 2016). Although other web development frameworks are mentioned, the course is primarily focused on hosting ASP.NET-based applications.
- Comprehensive course manual
- Detailed hands-on lab exercise manual
- Training guide and slides for the course instructor
No prior IIS or web server administration experience is presumed.
The hands-on lab exercises are designed for an environment where each student has an instance of Windows Server.
- Role of a Web Server
- Static and Dynamic Content
- Security
- Authentication and Authorization
- Evolution of IIS
- HTTP/2
- Windows Server Editions
- Nano Server
- Windows Installation Options
- Active Directory vs. Standalone
- IIS Modules
- Server Manager
- PowerShell
- Upgrading from a Previous Version of IIS
- Automated Installation
- Folders and Files
- System Services
- Windows Users and Groups
- IIS Manager
- AppCmd
- PowerShell
- Microsoft.Web.Administration API
- Virtual Directories
- Applications
- Sites and Bindings
- Application Pools
- Architecture
- Feature Delegation
- Configuration Editor
- Configuration Backups
- IIS Management Service
- Users and Permissions
- HTTP.sys
- Worker Processes
- World Wide Web Publishing Service (W3SVC)
- Windows Activation Service (WAS)
- Classic vs. Integrated Pipeline Mode
- Request Lifecycle Events
- IIS Modules
- ISAPI Handlers and Filters
- Static File Handler and MIME Types
- Failed Request Tracing (FRT)
- Modifying Execution Sequence
- URL Rewriting
- Real-Time Monitoring
- Request Logging
- IIS Sub-Status Codes
- Application-Level Logging
- Centralized and Cloud-Based Logging
- Blocking Improper and Malicious Requests
- IP and Domain Restrictions
- Dynamic IP Restrictions
- Bandwidth Throttling
- Connection Limits and Timeouts
- Worker Process Initialization
- Automatic Recycling
- Effects of Recycling
- On Demand vs. Always Running
- Idle Timeout
- Idle Worker Process Page-Out
- Overlapped Recycle
- .NET Application Domain Recycling
- CPU Affinity and Limits
- Rapid Fail Protection
- App Pool Identity vs. Authenticated User
- NTFS Permissions
- Use of Domain Accounts
- Interaction with Configuration System
- Debugging Permission Issues
- Anonymous Authentication
- HTTP Basic and Digest Authentication
- Kerberos and NTLM Authentication
- .NET Forms Authentication
- Authentication for Web Services
- Delegation
- NTFS-Based Authorization
- URL-Based Authorization
- Application-Level Authorization
- Impersonation
- SSL, TLS, and HTTPS
- Obtaining and Installing a Server Certificate
- HTTPS Site Bindings
- Server Name Indication (SNI)
- Centralized Certificate Management
- Certificate Rebind
- Requiring HTTPS
- Client Certificates
- Client Certificate Account Mapping
- Kernel-Mode Output Caching
- User-Mode Output Caching
- Downstream and Client Caching
- Response Compression
- Session IDs
- In-Process Session State
- Using a State Server
- Introduction
- Shared Configuration
- Shared Website Content
- Session State
- Machine Key
- Load Balancing
- Application Request Routing (ARR)
- Pushing vs. Pulling Content
- FTP and WebDAV
- Microsoft Web Deploy
- Dev, Staging, and Production Environments
- .NET Core and Kestrel
- Deployment using Docker