SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Share and Storage Management
2. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Microsoft Application Virtualization (AppV)
Winrm quickconfig
Win2000
Then use Windows Deployment Services (WDS)
3. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure RODC for Administrator Role Separation
FFL Windows Server 2008 R2
4. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Ntfrsutil
Dsmgmt
Administrators is the minimum group membership required to complete this procedure.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
5. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Get-ADUser cmdlet
Add the Windows Server Backup feature and Windows System Image recovery.
WSUS server in the branch office in replica mode.
6. Tool to change Directory Services Restore Mode password on Domain Controller...
Group Policy Preferences
ntdsutil
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
7. To update ADRMS password...
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
AD Rights Management Services
Create an e-mail account in AD DS for your RMS users
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
8. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Creating a data collector set that kick off a scritp that either move or delete files.
Implement Distributed File System Replication (DFSR) on both servers
9. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Purchase one additional Enterprise License
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Install the RSAT tool on their workstation to provide for more efficient network management
10. to make shares at a remote location available to users you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Configure offline files and enable manual caching
Dfsrdiag
Deploy a GPO to the WebSrvOU
11. To recover objects deleted from Active Directory you should recommend
dnscmd tool
Active Directory snapshots and Tombstone reanimation
CAPublishGP group should have the Manage CA permission.
Add the new UPN Suffix to the forest
12. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Winrm quickconfig
Then configure auto enrollment of certificates and Credential Roaming.
13. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Domain based Distributed File System (DFS) will reduce network traffic
Assign the application to computers in the PC OU
PDC emulator with w32tm.exe
Add the user to the Domain Admins global group
14. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Configure Audit Special Logon and define Special Groups
dsa.msc - dsamain.exe - ntdsutil.exe
Increase the tombstone lifetime for the forest.
Microsoft Desktop Optimization Pack (MDOP)
15. To configure Administrator Role Separation for an RODC
Storage manager for SANs
Run the Delegation of Control Wizard on the Staff OU
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Assign the application to all client computers by using a GPO.
16. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Zone transfer settings
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
17. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Basic Authentication and SSL
Event Log Subscriptions
Enable Windows Remote Management (WinRM) on each server.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
18. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Win2000 Native
Implement GPO for all client computers
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
19. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
FFL Windows Server 2008 R2
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
20. to protect file servers and hard disks that may be at risk of being accessed or stolen
Purchase one additional Enterprise License
Deploy Microsoft System Center Operations Manager (SCOM)
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Implement Windows BitLocker Drive Encryption (BitLocker)
21. To create AD Domain Services snapshot
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Ntdsutil
Back up to an external USB drive by using Windows Server Backup
22. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Dfsrdiag
Deploy a GPO for the Sales OU
23. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
DSMOD
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
24. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Subnet object needs to be created
25. When service account passwords need to be changed for SQL they should be...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Changed manually
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Certificate Templates
26. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Test-AppLockerPolicy
Implement Windows System Resource Manager (WSRM)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Network Load Balancing (NLB)
27. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Windows Server 2003
Implement Network Access Protection (NAP)
Implement Distributed File System Replication (DFSR) on both servers
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
28. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Event Log Subscriptions
Group Policy Preferences
Deploy a failover cluster that uses Node and File Share Disk Majority
Add the Windows Server Backup feature and Windows System Image recovery.
30. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Configure offline files and enable manual caching
Configure event log subscriptions
WDS
Configure an audit policy by editing the default domain policy and configure Event Forwarding
31. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Execute the Set-ADServiceAccount cmdlet
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
32. The Computer Management snap-in allows you to create shares both on...
Role Separation
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Event Viewer
Your machine and remote desktops
33. When recommending a monitoring solution for an application so that it's events can be stored in a central
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Enable Windows Remote Management (WinRM) on each server.
Improve the performance of File Servers
Event Subscriptions
34. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Deploy a failover cluster that contains one node in each office.
Distributed File System (DFS) Replication
Include a server that runs Microsoft Office SharePoint Server 2010
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
35. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
File Server Resource Manager (FSRM) quotas and file screens
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
ntdsutil
36. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Modify properties of RODC server computer account.
Implement Windows BitLocker Drive Encryption (BitLocker)
37. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Configure separate application pools for each application
Recommend Group Policy preferences
Add George to the Domain Admins group.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
38. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Site
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Additional DFS Targets
40. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
MEDV to deploy virtual desktops
Configure caching on the shared folder (offline files)
Properties of PSO need modified
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
41. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
PDC emulator with w32tm.exe
Deploy the Root CA certificate to the external computers.
42. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
IIS Chared Configuration
43. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Then use on install image file that contains a single install image.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Microsoft System Center Data Protection Manager 2010
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
44. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
PDC emulator with w32tm.exe
Add the new UPN Suffix to the forest
Create an Active Directory-Integrated zone.
Modify zone transfer settings for company.com zone on DCA
45. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Back up to an external USB drive by using Windows Server Backup
46. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Network Load Balancing (NLB)
DSMOD
Use the Local Roles options with dsmgmt.
Certificate Templates
47. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Implement one LUN for the quorum and another LUN for the data
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Test-AppLockerPolicy
48. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Refresh the zone on DNS2
Create and deploy a logon script that runs Auditpol.
Recommend Offline Files
49. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Creating a data collector set that kick off a scritp that either move or delete files.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Create an e-mail account in AD DS for your RMS users
50. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Microsoft SharePoint Foundation 2010
IIS Chared Configuration
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Modify zone transfer settings for company.com zone on DCA
