Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What utility is used to see what accounts cached on RODC?
Enable Windows Remote Management (WinRM) on each server.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Configure caching on the shared folder (offline files)
Active Directory Users and Computers

2. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Create a Network Load Balancing cluster.
Win2000

3. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Group Policy Preferences

4. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Attach VHD file created by Windows server backup
Deploy a failover cluster that uses Node and File Share Disk Majority
Disable Site Link Bridging from the IP properties

5. You need to relocate an AD LDS instance from C: Drive to D: Drive
Implement Network Access Protection (NAP)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Deploy a GPO for the Sales OU
File Server Resource Manager (FSRM) quotas and file screens

6. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Then configure auto enrollment of certificates and Credential Roaming.
Dsmgmt
The Group Policy Management Console

7. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
Configure separate application pools for each application
Implement a domain-based DFS namespace that uses replication
Creating a data collector set that kick off a scritp that either move or delete files.

8. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Discover the run Microsoft Baseline Security Analyzer (MBSA)

9. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
DSMOD
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Run adprep /forestprep and adprep /domainprep
net stop ntds

10. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Assign the application to all client computers by using a GPO.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

11. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
PDC emulator with w32tm.exe
Purchase one additional Enterprise License
Then install new Server 2008 R2 Enterprise subordinate CA.

12. If you need to be able to create shared folders on Server 2008 R2
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Additional DFS Targets
Dfsrdiag
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.

13. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
PDC emulator with w32tm.exe
Create a standard secondary of domain and create standard secondary of other domain.
Deploy the Root CA certificate to the external computers.
dnscmd

14. An AD LDS instance needs to be replicated from one server to another...
Recommend Offline Files
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Service user account for AD LDS
PowerShell 2.0

15. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Assign the application to computers in the PC OU
Configure Firewall Group Policies and link them at the Domain level
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd

16. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

17. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Install Windows Server Backup and modify the Windows firewall settings
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO

18. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement Windows System Resource Manager (WSRM)
Site
Install the RSAT tool on their workstation to provide for more efficient network management
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

19. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

20. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Authorization Manager

21. Auditing the deletion of Registry keys on all Domain Controllers
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Deploy a GPO to the WebSrvOU
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

22. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Create an e-mail account in AD DS for your RMS users
Event Subscriptions
Upgrading DFS to Windows Server 2008 R2
Create an Active Directory-Integrated zone.

23. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement one LUN for the quorum and another LUN for the data
Dsmgmt
Configure offline files and enable manual caching
The Group Policy Management console

24. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Assign the application to computers in the PC OU
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Install From Media IFM

25. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

26. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Subnet object needs to be created
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Active Directory Right Management Services (AD RMS)
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

27. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Deploy a GPO for the Sales OU
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
DSMOD

28. If you need to delegate control of server to remote admins group
Use Netsh tool from administrator's computer.
Configure RODC for Administrator Role Separation
Incoming external trust
Domain based Distributed File System (DFS) namespace and DFS Replication.

29. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Deploy a GPO to the WebSrvOU
dnscmd tool
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

30. You need to ensure that the guest account on all servers is disabled to
Increase the tombstone lifetime for the forest.
DSMOD
net stop ntds
Discover the run Microsoft Baseline Security Analyzer (MBSA)

31. To determine size of AD database file...
Refresh the zone on DNS2
Then use Windows Deployment Services (WDS)
Perform an authoritative restore
View properties of %systemroot%ntdsntds.dit

32. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Add the new UPN Suffix to the forest
Dynamically expanding VHD's

33. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
ntdsutil
Implement the Windows Search Service.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

34. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then install new Server 2008 R2 Enterprise subordinate CA.
Active Directory snapshots and Tombstone reanimation

35. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Event Viewer
Modify the GPO to include folder redirection
Subnet object needs to be created
IIS Chared Configuration

36. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Implement the Windows Search Service.
Deploy a failover cluster that uses Node and File Share Disk Majority
Active Directory Users and Computers

37. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Enable Credential Roaming

38. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
FILES option within Ntdsutil
Increase the tombstone lifetime for the forest.

39. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Create a Central Store
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Basic Authentication and SSL

40. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Use local roles options within "dsmgmt"
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Create and deploy a logon script that runs Auditpol.
WDS

41. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Configure separate application pools for each application
New ACCOUNT STORE should be added and configured

42. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Configure Firewall Group Policies and link them at the Domain level
PDC emulator with w32tm.exe
Import-Module
Passive file screens

43. To update ADRMS password...
Install Windows Server Backup and modify the Windows firewall settings
Changed manually
AD Rights Management Services
Administrators is the minimum group membership required to complete this procedure.

44. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Create a new Password Settings Object (PSO) for the IT users.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Recommend Offline Files

45. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

46. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
802.1.x NAP
Storage manager for SANs
Incoming external trust
Implement the Windows Search Service.

47. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Recommend GPT and basic disks
Win2000
Jill came down with 2.50.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

48. When deploying an application using the Group Policy distribution method assign the...
Service user account for AD LDS
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Execute the Set-ADServiceAccount cmdlet
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

49. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Install the RSAT tool on their workstation to provide for more efficient network management
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
DSMOD - ADUC

50. What should be done first to defragment the AD database?
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Run net stop ntds
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.