Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
802.1.x NAP
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Install and share a printer on a server and then enable printer pooling.
Implement Network Access Protection (NAP)

2. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Implement a GPO for each domain
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Then configure auto enrollment of certificates and Credential Roaming.

3. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

4. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Run adprep /forestprep and adprep /domainprep
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Use a GPO to configure device installation restrictions
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).

5. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Configure Firewall Group Policies and link them at the Domain level
Implement Windows System Resource Manager (WSRM) and configure user policies
Disable Site Link Bridging from the IP properties
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

6. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
CAPublishGP group should have the Manage CA permission.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Run the Delegation of Control Wizard on the Staff OU

7. To determine size of AD database file...
Service user account for AD LDS
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then configure auto enrollment of certificates and Credential Roaming.
View properties of %systemroot%ntdsntds.dit

8. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Perform an authoritative restore
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Add George to the Domain Admins group.

9. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
From Server A - run Create Basic Task Wizard
Active Directory snapshots and Tombstone reanimation
Enable Windows Remote Management (WinRM) on each server.
Dsmgmt

10. Need to access some resources in another domain that is part of another forest...What trust is created?
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Include a server that runs Microsoft Office SharePoint Server 2010
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Incoming external trust

11. To recover objects deleted from Active Directory you should recommend
Configure block inheritance on the IT OU
Active Directory snapshots and Tombstone reanimation
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
dnscmd

12. For the users that work remotely that need access to files from the corporate office you should...
Recommend Offline Files
Implement Distributed File System Replication (DFSR) on both servers
Upgrading DFS to Windows Server 2008 R2
Event Viewer

13. To build a highly secure server cluster with a reduced attack surface area
Deploy a failover cluster that uses Node and File Share Disk Majority
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Modify the local policy to point to the Internal WSUS server
Winrm quickconfig

14. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Printer driver isolation
Install and share a printer on a server and then enable printer pooling.

15. To enable the AD Recycle Bin
Enable Credential Roaming
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Enable - ADoptionalFeature cmdlet
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

16. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Microsoft Desktop Optimization Pack (MDOP) to your company
Back up to an external USB drive by using Windows Server Backup

17. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Event Log Subscriptions
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.

18. To identify users who bypass the new corporate security policy -
Microsoft System Center Data Protection Manager
Configure Audit Special Logon and define Special Groups
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

19. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
View properties of %systemroot%ntdsntds.dit
Create a standard secondary of domain and create standard secondary of other domain.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd

20. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Share and Storage Management
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Data Recovery Agent
DSMOD

21. To update ADRMS password...
AD Rights Management Services
Enable - ADoptionalFeature cmdlet
Add the Windows Server Backup feature and Windows System Image recovery.
Assign the application to computers in the PC OU

22. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Storage manager for SANs
Configure event log subscriptions
Install the RSAT tool on their workstation to provide for more efficient network management
Then configure auto enrollment of certificates and Credential Roaming.

23. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Set-ADServiceAccount cmdlet
Software Restriction Polices
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Implement Network Access Protection (NAP)

24. The Computer Management snap-in allows you to create shares both on...
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Role Separation
Your machine and remote desktops
Disable Site Link Bridging from IP Properties

25. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Multipath I/O feature
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Storage manager for SANs
Deploy Microsoft System Center Operations Manager (SCOM)

26. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The Group Policy Management console
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Then configure auto enrollment of certificates and Credential Roaming.

27. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Administrative Role Separation
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

28. In order to ensure highly available Windows Update servers you should create this.
Software Restriction Polices
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

29. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Configure RODC for Administrator Role Separation
New ACCOUNT STORE should be added and configured

30. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Authorization Manager
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Include a server that runs Microsoft Office SharePoint Server 2010
Recommend Active Directory delegation

31. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
AD Domains and Trusts
Run net stop ntds
Deploy a failover cluster that uses Node and File Share Disk Majority

32. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Folder redirection. Folder redirection is also useful when using roamin profiles.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Deploy Microsoft System Center Operations Manager (SCOM)

33. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Site
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

34. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Windows System Resource Manager (WSRM)
Domain based Distributed File System (DFS) will reduce network traffic
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Implement GPO for all client computers

35. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Shadow Copies
Configure folder redirection
dnscmd

36. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
DISABLE slow link detection in the GPO
An Active Directory subnet object needs to be created.

37. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Group Policy Preferences
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Run the Delegation of Control Wizard on the Staff OU

38. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
View properties of %systemroot%ntdsntds.dit
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
dnscmd
dnscmd tool

39. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Test-AppLockerPolicy

40. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Microsoft SharePoint Foundation 2010
Windows Server 2003
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

41. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
IIS Chared Configuration
Modify the local policy to point to the Internal WSUS server
Certificate Templates
Import-Module

42. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Network Load Balancing (NLB) cluster
Create a Network Load Balancing cluster.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.

43. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Modify the GPO to include folder redirection
Install Windows Server Backup and modify the Windows firewall settings
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

44. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Configure caching on the shared folder (offline files)
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.

45. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Authorization Manager
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

46. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Share and Storage Management
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Dfsrdiag
Implement a GPO for each domain

47. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Install the RSAT tool on their workstation to provide for more efficient network management
Administrators is the minimum group membership required to complete this procedure.
Then use Windows Deployment Services (WDS)
Configure separate application pools for each application

48. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Windows System Resource Manager (WSRM)
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Then use on install image file that contains a single install image.
Active Directory snapshots and Tombstone reanimation

49. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Increase the tombstone lifetime for the forest.

50. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Creating a data collector set that kick off a scritp that either move or delete files.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Use Netsh tool from administrator's computer.
Then use Windows BitLocker Drive Encryption