SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If users complain that it is hard to find the shared folders on the network implement
Additional DFS Targets
Configure block inheritance on the IT OU
Active Directory Users and Computers
Role Separation
2. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Install From Media IFM
Recommend GPT and basic disks
Multipath I/O feature
3. You need a solution that meets policy while minimizing hardware and software costs
Create a new Password Settings Object (PSO) for the IT users.
Microsoft System Center Data Protection Manager 2010
Microsoft Application Virtualization (AppV)
Create a MEDV workspace
4. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Changed manually
AD Domains and Trusts
Microsoft System Center Data Protection Manager 2010
5. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Group Policy Preferences
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
6. The Computer Management snap-in allows you to create shares both on...
CAPublishGP group should have the Manage CA permission.
Implement the Windows Search Service.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Your machine and remote desktops
7. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Distributed File System (DFS) Replication
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Creating a data collector set that kick off a scritp that either move or delete files.
8. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
9. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
10. When recommending a monitoring solution for an application so that it's events can be stored in a central
802.1.x NAP
Event Subscriptions
Run the Delegation of Control Wizard on the Staff OU
fsconfig on FSSrv2
11. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
12. New password settings object (PSO) created and needs to be applied to user
Then use Windows Deployment Services (WDS) on DHCP1.
Creating a data collector set that kick off a scritp that either move or delete files.
Properties of PSO need modified
Dsmgmt
13. If you need to be able to create shared folders on Server 2008 R2
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Recommend Group Policy preferences
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
14. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Ldp
Import-Module
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
15. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
802.1.x NAP
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Create a standard secondary of domain and create standard secondary of other domain.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
16. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Include a server that runs Microsoft Office SharePoint Server 2010
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
17. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Refresh the zone on DNS2
Storage manager for SANs
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
18. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Configure Audit Special Logon and define Special Groups
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
19. If a file server reaches 15% free disk space - you could free up some disk space by
Administrators is the minimum group membership required to complete this procedure.
New ACCOUNT STORE should be added and configured
Creating a data collector set that kick off a scritp that either move or delete files.
WSUS server in the branch office in replica mode.
20. To build a highly secure server cluster with a reduced attack surface area
Incoming external trust
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Dfsrdiag
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
21. Jack and Jill go up the hill - both with a buck and a quarter
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Create an e-mail account in AD DS for your RMS users
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Jill came down with 2.50.
22. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
The Group Policy Management console
Implement a GPO for each domain
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Configure caching on the shared folder and configure offline files to use encryption
23. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Create and deploy a logon script that runs Auditpol.
FILES option within Ntdsutil
Implement a Remote Desktop Connection Broker (RD Connection Broker)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
24. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
The Group Policy Management console
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
25. To be able to user an application from one AD FS with authentication server to another...
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
A relying party trust should be created.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
26. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Dynamically expanding VHD's
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Properties of PSO need modified
27. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Properties of PSO need modified
Add the new UPN Suffix to the forest
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Ntfrsutil
28. What should be done to ensure changes made to AD objects can be logged?
Configure Audit Special Logon and define Special Groups
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Then use on install image file that contains a single install image.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
29. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Add the Windows Server Backup feature and Windows System Image recovery.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Deploy a failover cluster that contains one node in each office.
Ntfrsutil
30. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Restore-ADObject cmdlet
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
31. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Create a standard secondary of domain and create standard secondary of other domain.
Active Directory Users and Computers utility
Network Load Balancing (NLB) cluster
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
32. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Software Restriction Polices
Implement Distributed File System Replication (DFSR) on both servers
Assign the application to all client computers by using a GPO.
Dfsrdiag
33. Need to ensure users receive updated template within five days...
AD Domains and Trusts
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Recommend Group Policy preferences
Registry on users computer needs to be modified
34. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Create a MEDV workspace
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Role Separation
35. To ensure that a file on a file server do not leave the organization you must implement this.
AD RMS
Configure Firewall Group Policies and link them at the Domain level
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
36. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Use Netsh tool from administrator's computer.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
From Server1 - run the Create Basic Task Wizard
37. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Recommend Group Policy preferences
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Creating a data collector set that kick off a scritp that either move or delete files.
Multipath I/O feature
38. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
dnscmd tool
AD Domains and Trusts
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
39. If subnets are connected by CISCO router that is RFC-1542 compliant
Configure RODC for Administrator Role Separation
Use CISCO IP Helper command to configure.
Backup operator's domain local group
Dsmgmt
40. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Modify the local policy to point to the Internal WSUS server
Dsmgmt
Authorization Manager role assignment
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
41. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
AD Rights Management Services
42. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Creating a data collector set that kick off a scritp that either move or delete files.
Then use Windows Deployment Services (WDS)
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Autonomous mode...This allows the local administrator to approve their own updates.
43. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Raise the DFL to Windows Server 2008 R2.
Role Separation
Test-AppLockerPolicy
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
44. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Create a new Password Settings Object (PSO) for the IT users.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Implement Windows System Resource Manager (WSRM)
45. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Ntdsutil
FFL Windows Server 2008 R2
Microsoft Desktop Optimization Pack (MDOP) to your company
Use CISCO IP Helper command to configure.
46. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Upgrading DFS to Windows Server 2008 R2
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Windows System Resource Manager (WSRM)
47. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Enable - ADoptionalFeature cmdlet
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Configure caching on the shared folder and configure offline files to use encryption
Set-ADServiceAccount cmdlet
48. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
FILES option within Ntdsutil
Subnet object needs to be created
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
49. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Basic Authentication and SSL
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Event Subscriptions
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
50. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
