SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To backup Virtual Machines
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
AD Domains and Trusts
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
2. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Windows BitLocker Drive Encryption (Bit Locker)
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Use CISCO IP Helper command to configure.
3. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Create a MEDV workspace
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
4. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
File Server Resource Manager (FSRM) quotas and file screens
Configure RODC for Administrator Role Separation
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Creating a data collector set that kick off a scritp that either move or delete files.
5. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
New ACCOUNT STORE should be added and configured
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
6. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
WDS
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Create a Network Load Balancing cluster.
7. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Implement a GPO for each domain
Dsmgmt
Implement File Server Resource Manager (FSRM) quotas on the desired servers
8. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
Disable Site Link Bridging from the IP properties
AD Rights Management Services
Incoming external trust
9. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Microsoft Desktop Optimization Pack (MDOP)
DSMOD
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Use the Local Roles options with dsmgmt.
10. What GPO setting should be configured to prevent all users from running an application?
AD Domains and Trusts
Prestage the computer account in AD
Software Restriction Polices
Event Subscriptions
11. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Create a standard secondary of domain and create standard secondary of other domain.
Run the Delegation of Control Wizard on the Staff OU
Implement a Remote Desktop Connection Broker (RD Connection Broker)
An Active Directory subnet object needs to be created.
12. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Configure caching on the shared folder and configure offline files to use encryption
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Run adprep /forestprep and adprep /domainprep
Group Policy Preferences
13. To allow a specifc user or group to manage the address information for the user accounts...
Use the Local Roles options with dsmgmt.
Incoming external trust
Recommend Active Directory delegation
Share and Storage Management
14. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
AD Rights Management Services
15. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Implement Network Access Protection (NAP)
Creating a data collector set that kick off a scritp that either move or delete files.
16. If you want to allow single-label name resolution
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Then configure GlobalNames zones on each domain controller.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Then use Windows BitLocker Drive Encryption
17. To enable the AD Recycle Bin
From Server1 - run the Create Basic Task Wizard
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Enable - ADoptionalFeature cmdlet
18. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Import-Module
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Win2000 Native
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
20. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Run the Delegation of Control Wizard on the Staff OU
Incoming external trust
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Test-AppLockerPolicy
21. to protect file servers and hard disks that may be at risk of being accessed or stolen
Use CISCO IP Helper command to configure.
Implement Windows BitLocker Drive Encryption (BitLocker)
Enable Windows Remote Management (WinRM) on each server.
Authorization Manager
22. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Then use on install image file that contains a single install image.
Modify the schema of LDSInst1
Run adprep /forestprep and adprep /domainprep
23. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
New ACCOUNT STORE should be added and configured
Create a new Password Settings Object (PSO) for the IT users.
Configure caching on the shared folder (offline files)
24. What role to keep same time as an external server?
ntdsutil
Then use Windows BitLocker Drive Encryption
PDC emulator with w32tm.exe
Zone transfer settings
25. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Offline domain join
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure event log subscriptions
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
26. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
CAPublishGP group should have the Manage CA permission.
Enable Windows Remote Management (WinRM) on the servers.
Ntfrsutil
Configure the zone as an Activde Directory-Integrated zone.
27. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
File Server Resource Manager (FSRM) quotas and file screens
Storage manager for SANs
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
IIS Chared Configuration
28. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Backup operator's domain local group
Then configure auto enrollment of certificates and Credential Roaming.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
29. To restore previous version of script without taking up too much of time...
Domain based DFS namespace and configure a DFS replication group
FFL Windows Server 2008 R2
Attach VHD file created by Windows server backup
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
30. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Dynamically expanding VHD's
Dfsrdiag
31. Striped volumes
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Improve the performance of File Servers
fsconfig on FSSrv2
32. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
CAPublishGP group should have the Manage CA permission.
Windows Deployment Services (WDS)
Deploy a GPO for the Sales OU
33. The Computer Management snap-in allows you to create shares both on...
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Your machine and remote desktops
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
34. to make shares at a remote location available to users you should implement this.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Domain based Distributed File System (DFS) namespace and DFS Replication.
Authorization Manager
Use CISCO IP Helper command to configure.
35. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
A Distributed File System (DFS) namespace
Enable - ADoptionalFeature cmdlet
Offline domain join
Active Directory Users and Computers utility
37. 2 ways to relocate user and computer accounts to different OUs
Implement folder redirection by using GPO. Then backup the folder redirection target.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
DSMOD - ADUC
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
38. To make deploying the custom Word dictionary easy
Add the Windows Server Backup feature and Windows System Image recovery.
Modify zone transfer settings for company.com zone on DCA
Recommend Group Policy preferences
Enable Windows Remote Management (WinRM) on the servers.
39. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploy Microsoft System Center Operations Manager (SCOM)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
40. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Enable Credential Roaming
Domain based DFS namespace and configure a DFS replication group
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Multipath I/O feature
41. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Disable Site Link Bridging from IP Properties
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Event Log Subscriptions
42. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Configure folder redirection
Active Directory Right Management Services (AD RMS)
Deploy it by using Group Policy Software Installation method
Add the Windows Server Backup feature and Windows System Image recovery.
43. UPN Suffix xxxx.com needs to be available for user accounts...
Add the new UPN Suffix to the forest
Create a Central Store
The Group Policy Management Console
DFL needs to be Windows Server 2008
44. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Domain based Distributed File System (DFS) will reduce network traffic
45. To create AD Domain Services snapshot
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Repadmin
dnscmd
Ntdsutil
46. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Use CISCO IP Helper command to configure.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Implement a GPO for each domain
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
47. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Set-ADServiceAccount cmdlet
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
48. Tools to view contents of an OU in an AD snapshot...
Modify the local policy to point to the Internal WSUS server
dsa.msc - dsamain.exe - ntdsutil.exe
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Network Load Balancing (NLB)
49. To create and additional AD LDS applicaiton directory partition in existing instance...
Ldp
Properties of PSO need modified
Domain based Distributed File System (DFS) namespace and DFS Replication.
Creating a data collector set that kick off a scritp that either move or delete files.
50. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Enable Windows Remote Management (WinRM) on the servers.
Add George to the Domain Admins group.
dnscmd tool
