Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
dnscmd tool
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Configure Audit Special Logon and define Special Groups
An Active Directory subnet object needs to be created.

2. To allow a specifc user or group to manage the address information for the user accounts...
fsconfig on FSSrv2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Recommend Active Directory delegation

3. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

4. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Disable Site Link Bridging from the IP properties
dsa.msc - dsamain.exe - ntdsutil.exe
Add the Windows Server Backup feature and Windows System Image recovery.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

5. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Role Separation
Dsmgmt
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.

6. To determine size of AD database file...
View properties of %systemroot%ntdsntds.dit
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Jill came down with 2.50.
Use a GPO to configure device installation restrictions

7. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Purchase one additional Enterprise License
Software Restriction Polices

8. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Add the new UPN suffix to the forest.
Deploy a failover cluster that contains one node in each office.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

9. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Properties of PSO need modified
Raise the DFL to Windows Server 2008 R2.
Add George to the Domain Admins group.
Multipath I/O feature

10. A specific application requires registry modifications to be in place before installing; you should use
Group Policy Preferences
Microsoft System Center Data Protection Manager 2010
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Registry on users computer needs to be modified

11. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Implement Distributed File System Replication (DFSR) on both servers
Install Windows Server Backup and modify the Windows firewall settings
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.

12. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Implement folder redirection by using GPO. Then backup the folder redirection target.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Modify the local policy to point to the Internal WSUS server
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.

13. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
DFL needs to be Windows Server 2008
Increase the tombstone lifetime for the forest.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Windows Deployment Services (WDS)

14. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Event Subscriptions
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Upgrading DFS to Windows Server 2008 R2
Discover the run Microsoft Baseline Security Analyzer (MBSA)

15. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Active Directory snapshots and Tombstone reanimation

16. To enable the AD Recycle Bin
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Network Load Balancing (NLB)
Enable - ADoptionalFeature cmdlet

17. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Microsoft Application Virtualization (AppV)
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
djoin /requesteodj from internal server - djoin /provision from outside server/PC

18. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
Implement one LUN for the quorum and another LUN for the data
Use Netsh tool from administrator's computer.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.

19. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Raise the DFL to Windows Server 2008 R2.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Modify the local policy to point to the Internal WSUS server
Get-ADUser cmdlet

20. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Prestage the computer account in AD
Ldp

21. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

22. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Then use Windows Deployment Services (WDS) on DHCP1.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Utilize IFM (Install From Media)

23. To be able to user an application from one AD FS with authentication server to another...
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
A relying party trust should be created.
DFL needs to be Windows Server 2008
Dfsrdiag

24. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
dnscmd tool
Active Directory Right Management Services (AD RMS)
Modify the schema of LDSInst1
A relying party trust should be created.

25. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Microsoft SharePoint Foundation 2010
Modify the schema of LDSInst1
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

26. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Disable Site Link Bridging from IP Properties
Group Policy Preferences
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Properties of PSO need modified

27. What role to keep same time as an external server?
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
PDC emulator with w32tm.exe
Subnet object needs to be created
Perform an authoritative restore

28. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
FFL Windows Server 2008 R2
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.

29. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Autonomous mode...This allows the local administrator to approve their own updates.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Run auditpol and then configure the Security settings of the Domain Controllers OU.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

30. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Jill came down with 2.50.
Create a standard secondary of domain and create standard secondary of other domain.

31. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Create a Central Store

32. To backup GPO's in domain and minimize bakcup...
Software Restriction Polices
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
The Group Policy Management Console
Multipath I/O feature

33. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Event Subscriptions
Then use Windows Deployment Services (WDS) on DHCP1.
Install the RSAT tool on their workstation to provide for more efficient network management
Use the Local Roles options with dsmgmt.

34. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Role Separation
Modify zone transfer settings for company.com zone on DCA
Network Load Balancing (NLB) cluster

35. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
ntdsutil
Refresh the zone on DNS2
View properties of %systemroot%ntdsntds.dit

36. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The Group Policy Management console
Subnet object needs to be created
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Attach VHD file created by Windows server backup

37. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Restore-ADObject cmdlet
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy a GPO to the WebSrvOU
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

38. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Configure authorization rules for Web developers on each web server
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)

39. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Add the Windows Server Backup feature and Windows System Image recovery.
FFL Windows Server 2008 R2
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Back up to an external USB drive by using Windows Server Backup

40. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Incoming external trust
File Server Resource Manager (FSRM) quotas and file screens
Recommend Active Directory delegation

41. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Raise the DFL to Windows Server 2008 R2.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Ntdsutil

42. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
WSUS server in the branch office in replica mode.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Dfsrdiag

43. To ensure that recovery is possible if a file on a file server is deleted accidentally
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Implement Shadow Copies

44. To backup to tape/robotic tape and to backup VMs you must use...
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Modify the schema of LDSInst1
Microsoft System Center Data Protection Manager 2010
Implement a GPO for each domain

45. Can be used to install the Windows RE on existing servers
Event Subscriptions
WDS
ntdsutil
Modify the local policy to point to the Internal WSUS server

46. to increase the reliability of the print server - configure...
Ntdsutil
Execute the Set-ADServiceAccount cmdlet
Printer driver isolation
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

47. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Install Windows Server Backup and modify the Windows firewall settings
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure offline files and enable manual caching
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.

48. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Implement Windows BitLocker Drive Encryption (BitLocker)
Event Viewer
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Deploy a GPO to the WebSrvOU

49. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Subnet object needs to be created
dnscmd
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

50. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Microsoft Desktop Optimization Pack (MDOP) to your company
Modify the schema of LDSInst1
Implement Windows System Resource Manager (WSRM)
Perform an authoritative restore