SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Configure Audit Special Logon and define Special Groups
Printer driver isolation
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Deploy a GPO to the WebSrvOU
3. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Test-AppLockerPolicy
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
4. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Execute the Set-ADServiceAccount cmdlet
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
dnscmd
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
5. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Utilize IFM (Install From Media)
Dfsrdiag
Microsoft Application Virtualization (AppV)
802.1.x NAP
6. To compact AD database...
net stop ntds
Changed manually
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
FILES option within Ntdsutil
7. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Network Load Balancing (NLB) cluster
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
8. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Enable Credential Roaming
Windows Deployment Services (WDS)
Folder redirection. Folder redirection is also useful when using roamin profiles.
9. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Printer driver isolation
Microsoft SharePoint Foundation 2010
Administrators is the minimum group membership required to complete this procedure.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
10. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Create an Active Directory-Integrated zone.
Modify the GPO to include folder redirection
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
11. File that contains the last logon time and custom attributes values for each user in your forest.
Autonomous mode...This allows the local administrator to approve their own updates.
Registry on users computer needs to be modified
Windows XP Mode
Get-ADUser cmdlet
12. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
WDS
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
13. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Test-AppLockerPolicy
Install Hyper-V role and convert physical machines into virtual machines
Data Recovery Agent
Site
14. What should be done to resolve names by using GlobalNames zone?
dnscmd tool
Improve the performance of File Servers
Event Viewer
Active Directory Right Management Services (AD RMS)
15. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Raise the DFL to Windows Server 2008 R2.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
16. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Configure caching on the shared folder (offline files)
Encrypting File System (EFS). This can be enabled locally or through a GPO.
From Server1 - run the Create Basic Task Wizard
Implement one LUN for the quorum and another LUN for the data
17. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Windows Server 2003
Prestage the computer account in AD
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
18. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Implement Distributed File System Replication (DFSR) on both servers
Role Separation
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
19. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
20. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Backup operator's domain local group
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Implement one LUN for the quorum and another LUN for the data
21. An AD LDS instance needs to be replicated from one server to another...
Create an Active Directory-Integrated zone.
Recommend GPT and basic disks
Service user account for AD LDS
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
22. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Implement a domain-based DFS namespace that uses replication
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
23. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Configure authorization rules for Web developers on each web server
Execute the Set-ADServiceAccount cmdlet
Then use Windows Deployment Services (WDS) on DHCP1.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
24. New Password Policy needs to be created for OU different from domain password policy
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Win2000
Then configure auto enrollment of certificates and Credential Roaming.
25. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Disable Site Link Bridging from IP Properties
Implement the Windows Search Service.
Administrative Role Separation
26. If you want to implement BitLocker and store recovery informaiton in a central location
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Authorization Manager
CAPublishGP group should have the Manage CA permission.
27. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Windows BitLocker Drive Encryption (Bit Locker)
fsconfig on FSSrv2
28. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Dfsrdiag
Deploy Microsoft System Center Operations Manager (SCOM)
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Attach VHD file created by Windows server backup
29. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Assign the application to all client computers by using a GPO.
Disable Site Link Bridging from the IP properties
Windows System Resource Manager (WSRM)
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
31. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Run adprep /forestprep and adprep /domainprep
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Disable Site Link Bridging from IP Properties
32. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Enable Credential Roaming
IIS Chared Configuration
Deploy it by using Group Policy Software Installation method
33. 4 steps to perform offline Defragmentation of AD database...
Use a GPO to configure device installation restrictions
Deploy a failover cluster that contains one node in each office.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
34. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Disable Site Link Bridging from IP Properties
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
35. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Ntfrsutil
Domain based DFS namespace and configure a DFS replication group
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Enable Credential Roaming
36. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Set-ADServiceAccount cmdlet
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
37. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Dfsrdiag
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Deploy a GPO to the WebSrvOU
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
38. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Additional DFS Targets
Add George to the Domain Admins group.
Configure Audit Special Logon and define Special Groups
Configure block inheritance on the IT OU
39. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
DSMOD
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
A relying party trust should be created.
40. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Win2000
Event Subscriptions
41. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Raise the DFL to Windows Server 2008 R2.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Run the Delegation of Control Wizard on the Staff OU
Printer driver isolation
43. To enable the AD Recycle Bin
IIS Chared Configuration
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
PDC emulator with w32tm.exe
Enable - ADoptionalFeature cmdlet
44. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Install Windows Server Backup and modify the Windows firewall settings
Service user account for AD LDS
Recommend GPT and basic disks
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
45. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Dfsrdiag
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
46. 4 steps to perform authoritative restore of a deleted OU...
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Recommend Offline Files
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Multipath I/O feature
47. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Configure authorization rules for Web developers on each web server
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
48. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Enable Credential Roaming
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
IIS Chared Configuration
Deploy the Root CA certificate to the external computers.
49. If subnets are connected by CISCO router that is RFC-1542 compliant
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Dynamically expanding VHD's
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Use CISCO IP Helper command to configure.
50. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Add the user to the Domain Admins global group
Upgrading DFS to Windows Server 2008 R2
Domain based Distributed File System (DFS) namespace and DFS Replication.
Autonomous mode...This allows the local administrator to approve their own updates.