Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Microsoft Desktop Optimization Pack (MDOP) to your company
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Raise the DFL to Windows Server 2008 R2.

2. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

3. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Deploy a failover cluster that uses Node and File Share Disk Majority
Assign the application to all client computers by using a GPO.
Then use Windows BitLocker Drive Encryption
Enable Credential Roaming

4. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Dfsrdiag
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Ntdsutil
Configure offline files and enable manual caching

5. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

6. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Distributed File System (DFS) Replication
Ntdsutil
Add the user to the Domain Admins global group
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

7. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Implement Shadow Copies
Certificate Templates
Utilize IFM (Install From Media)
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

8. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Implement Windows System Resource Manager (WSRM) and configure user policies
Import-Module
Configure separate application pools for each application
Create a Network Load Balancing cluster.

9. What should be done to resolve names by using GlobalNames zone?
dnscmd tool
ntdsutil
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Dsmgmt

10. To backup to tape/robotic tape and to backup VMs you must use...
Microsoft System Center Data Protection Manager 2010
Deploy a GPO to the WebSrvOU
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Subnet object needs to be created

11. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Configure separate application pools for each application
Upgrading DFS to Windows Server 2008 R2

12. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Create a MEDV workspace
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Deploy a GPO to the WebSrvOU

13. To prevent account password from being cached on RODC server...
fsconfig on FSSrv2
Configure caching on the shared folder and configure offline files to use encryption
Modify properties of RODC server computer account.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

14. You need to deploy a sales application that only the sales users must have access to
Deploy a GPO for the Sales OU
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Back up to an external USB drive by using Windows Server Backup

15. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Modify properties of RODC server computer account.
Administrators is the minimum group membership required to complete this procedure.

16. Need to access some resources in another domain that is part of another forest...What trust is created?
Use the Local Roles options with dsmgmt.
Incoming external trust
Registry on users computer needs to be modified
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie

17. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Win2000 Native
Configure caching on the shared folder and configure offline files to use encryption
Site
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

18. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Modify the local policy to point to the Internal WSUS server
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).

19. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Upgrading DFS to Windows Server 2008 R2
Test-AppLockerPolicy
Windows Server 2003
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

20. Need to ensure users receive updated template within five days...
Improve the performance of File Servers
Import-Module
Configure offline files and enable manual caching
Registry on users computer needs to be modified

21. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
djoin /requesteodj from internal server - djoin /provision from outside server/PC

22. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Dfsrdiag
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).

23. To allow a specifc user or group to manage the address information for the user accounts...
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Recommend Active Directory delegation
Get-ADUser cmdlet
Enable Windows Remote Management (WinRM) on each server.

24. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
IIS Chared Configuration
Dsmgmt
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.

25. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Use CISCO IP Helper command to configure.
Implement Distributed File System Replication (DFSR) on both servers
Zone transfer settings
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

26. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

27. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
dnscmd tool
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Deploy a failover cluster that contains one node in each office.
Event Viewer

28. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
ntdsutil
Implement a GPO for each domain
Passive file screens
Raise the DFL to Windows Server 2008 R2.

29. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Dfsrdiag
View properties of %systemroot%ntdsntds.dit
Set-ADServiceAccount cmdlet
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array

30. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Administrative Role Separation
Assign permissions for the Groups OU and Branch OU to the help desk technicians.

31. What should be done first to defragment the AD database?
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Run net stop ntds
Distributed File System (DFS) Replication
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

32. To allow a user to administer Active Directory
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Use the Local Roles options with dsmgmt.
Add the user to the Domain Admins global group
Recommend Active Directory delegation

33. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
fsconfig on FSSrv2
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Dsmgmt
Install From Media IFM

34. If you want to allow single-label name resolution
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
DSMOD
Then configure GlobalNames zones on each domain controller.
PowerShell 2.0

35. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Deploy it by using Group Policy Software Installation method
Implement a domain-based DFS namespace that uses replication
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Microsoft SharePoint Foundation 2010

36. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
PowerShell 2.0
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Active Directory Users and Computers
Implement GPO for all client computers

37. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Deploy Microsoft System Center Operations Manager (SCOM)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
PowerShell 2.0

38. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Install the RSAT tool on their workstation to provide for more efficient network management
Windows Server 2003
WSUS server in the branch office in replica mode.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array

39. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Active Directory Domains and Trusts
Add George to the Domain Admins group.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Configure block inheritance on the IT OU

40. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Add George to the Domain Admins group.
Configure offline files and enable manual caching
802.1.x NAP

41. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Implement GPO for all client computers
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

42. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.

43. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Microsoft Application Virtualization (AppV)
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Run net stop ntds

44. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Create a Central Store
Then install new Server 2008 R2 Enterprise subordinate CA.
802.1.x NAP
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array

45. To restore previous version of script without taking up too much of time...
MEDV to deploy virtual desktops
Attach VHD file created by Windows server backup
Windows XP Mode
Create an Active Directory-Integrated zone.

46. In order to manage websites without having to logon you can use
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
PowerShell 2.0
Create a Network Load Balancing cluster.
Improve the performance of File Servers

47. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
AD Domains and Trusts
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Windows XP Mode

48. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
AD Domains and Trusts
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Implement Windows System Resource Manager (WSRM)
Software Restriction Polices

49. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Configure caching on the shared folder and configure offline files to use encryption
Implement Network Access Protection (NAP) that uses 802.1x enforcement
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Authorization Manager role assignment

50. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Implement Shadow Copies
Dsmgmt
Windows Deployment Services (WDS)
Raise the DFL to Windows Server 2008 R2.