Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Network Load Balancing (NLB) cluster
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

2. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Import-Module
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Network Load Balancing (NLB)

3. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Changed manually
Microsoft Application Virtualization (AppV)
Event Log Subscriptions
Then use Windows BitLocker Drive Encryption

4. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Microsoft Desktop Optimization Pack (MDOP)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Add the Windows Server Backup feature and Windows System Image recovery.

5. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
IIS Chared Configuration
Backup operator's domain local group
The Group Policy Management Console

6. to increase the reliability of the print server - configure...
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Perform an authoritative restore
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Printer driver isolation

7. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
802.1.x NAP
Modify the GPO to include folder redirection
Refresh the zone on DNS2
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.

8. You need to design your WSUS infrastructure so that updates are highly available. To do so
dsa.msc - dsamain.exe - ntdsutil.exe
Upgrading DFS to Windows Server 2008 R2
net stop ntds
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

9. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Site

10. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Use Netsh tool from administrator's computer.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Autonomous mode...This allows the local administrator to approve their own updates.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.

11. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

12. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
File Server Resource Manager (FSRM) quotas and file screens
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

13. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Event Log Subscriptions
Deploy a GPO for the Sales OU
Enable Credential Roaming

14. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Storage manager for SANs
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

15. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then use Windows Deployment Services (WDS) on DHCP1.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Run adprep /forestprep and adprep /domainprep

16. To backup GPO's in domain and minimize bakcup...
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
The Group Policy Management Console
Incoming external trust

17. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Group Policy Preferences
Microsoft Desktop Optimization Pack (MDOP) to your company

18. What utility is used to see what accounts cached on RODC?
Attach VHD file created by Windows server backup
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Active Directory Users and Computers
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.

19. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Windows XP Mode
Configure separate application pools for each application

20. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Dfsrdiag
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Service user account for AD LDS

21. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Microsoft Application Virtualization (AppV)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Your machine and remote desktops
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

22. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Modify properties of RODC server computer account.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

23. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Domain based DFS namespace and configure a DFS replication group
Create and deploy a logon script that runs Auditpol.

24. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Basic Authentication and SSL
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

25. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Then configure GlobalNames zones on each domain controller.
MEDV to deploy virtual desktops
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.

26. UPN Suffix xxxx.com needs to be available for user accounts...
Install From Media IFM
Microsoft SharePoint Foundation 2010
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Add the new UPN Suffix to the forest

27. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Attach VHD file created by Windows server backup
IIS Manager user account
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP

28. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Active Directory Domains and Trusts
Win2000 Native
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

29. A specific application requires registry modifications to be in place before installing; you should use
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Group Policy Preferences
Install the RSAT tool on their workstation to provide for more efficient network management

30. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Multipath I/O feature
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Then use Windows Deployment Services (WDS)
Your machine and remote desktops

31. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Enable Credential Roaming
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Run net stop ntds

32. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

33. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Execute the Set-ADServiceAccount cmdlet
AD Rights Management Services
An Active Directory subnet object needs to be created.
Deploy a failover cluster that uses Node and File Share Disk Majority

34. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Deploy it by using Group Policy Software Installation method
Certificate Templates
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

35. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Deploy a failover cluster that contains one node in each office.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
View properties of %systemroot%ntdsntds.dit
From Server A - run Create Basic Task Wizard

36. To backup Virtual Machines
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.

37. You need to deploy a sales application that only the sales users must have access to
Implement Windows System Resource Manager (WSRM) and configure user policies
Printer driver isolation
Deploy a GPO for the Sales OU
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

38. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Storage manager for SANs
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Use a GPO to configure device installation restrictions
Assign the application to computers in the PC OU

39. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Back up to an external USB drive by using Windows Server Backup
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Configure Audit Special Logon and define Special Groups
Assign the application to computers in the PC OU

40. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Then install new Server 2008 R2 Enterprise subordinate CA.
ntdsutil
Printer driver isolation
Multipath I/O feature

41. What should be done to resolve names by using GlobalNames zone?
Backup operator's domain local group
Install the RSAT tool on their workstation to provide for more efficient network management
dnscmd tool
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

42. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
New ACCOUNT STORE should be added and configured
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent

43. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Deploy a GPO to the WebSrvOU
Deploy a failover cluster that uses Node and File Share Disk Majority
Offline domain join
Configure folder redirection

44. When service account passwords need to be changed for SQL they should be...
Domain based DFS namespace and configure a DFS replication group
Recommend Offline Files
Changed manually
Run the Delegation of Control Wizard on the Staff OU

45. To configure Administrator Role Separation for an RODC
Attach VHD file created by Windows server backup
Ldp
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Disable Site Link Bridging from IP Properties

46. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Create a Central Store
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files

47. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
DSMOD - ADUC
Enable - ADoptionalFeature cmdlet
Add George to the Domain Admins group.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

48. Can be used to install the Windows RE on existing servers
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
WDS
Configure authorization rules for Web developers on each web server
Additional DFS Targets

49. Jack and Jill go up the hill - both with a buck and a quarter
Software Restriction Polices
Jill came down with 2.50.
Create an e-mail account in AD DS for your RMS users
Purchase one additional Enterprise License

50. What role to keep same time as an external server?
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Dfsrdiag
Create an Active Directory-Integrated zone.
PDC emulator with w32tm.exe