SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
MEDV to deploy virtual desktops
Active Directory Right Management Services (AD RMS)
2. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Prestage the computer account in AD
Domain based DFS namespace and configure a DFS replication group
WSUS server in the branch office in replica mode.
3. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Deploy a failover cluster that contains one node in each office.
Zone transfer settings
4. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Assign the application to all client computers by using a GPO.
Group Policy Preferences
Storage manager for SANs
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
5. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Create a MEDV workspace
NOT be able to store that data on an iSCSI SAN
Distributed File System (DFS) Replication
6. To defragment and AD database...
Authorization Manager
Then use on install image file that contains a single install image.
net stop ntds
From Server1 - run the Create Basic Task Wizard
7. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Then configure GlobalNames zones on each domain controller.
FFL Windows Server 2008 R2
Modify the GPO to include folder redirection
Create a MEDV workspace
8. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Role Separation
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Windows XP Mode
9. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Recommend GPT and basic disks
Modify the GPO to include folder redirection
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
10. Striped volumes
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Improve the performance of File Servers
11. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Implement the Windows Search Service.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Passive file screens
Test-AppLockerPolicy
12. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Create ADMX and ADML files. Configure the GPO and link it to the domain.
13. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Then use Windows Deployment Services (WDS) on DHCP1.
Configure caching on the shared folder (offline files)
Basic Authentication and SSL
Install Windows Server Backup and modify the Windows firewall settings
14. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Refresh the zone on DNS2
Dfsrdiag
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
15. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure the zone as an Activde Directory-Integrated zone.
Increase the tombstone lifetime for the forest.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
16. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Upgrading DFS to Windows Server 2008 R2
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Deploy a GPO for the Sales OU
Implement one LUN for the quorum and another LUN for the data
17. If you need to be able to create shared folders on Server 2008 R2
Refresh the zone on DNS2
Encrypting File System (EFS). This can be enabled locally or through a GPO.
WSUS server in the branch office in replica mode.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
18. To delegate authority to users to manage only certain areas in Hyper-V use the
Authorization Manager role assignment
Domain based Distributed File System (DFS) will reduce network traffic
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
802.1.x NAP
19. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Test-AppLockerPolicy
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
IIS Chared Configuration
20. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
A Distributed File System (DFS) namespace
Windows Deployment Services (WDS)
Run net stop ntds
21. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
22. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Modify zone transfer settings for company.com zone on DCA
Multipath I/O feature
A Distributed File System (DFS) namespace
An Active Directory subnet object needs to be created.
23. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Include a server that runs Microsoft Office SharePoint Server 2010
Import-Module
Group Policy Preferences
Modify zone transfer settings for company.com zone on DCA
24. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Add the new UPN Suffix to the forest
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
25. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Users and Computers utility
Configure RODC for Administrator Role Separation
Execute the Set-ADServiceAccount cmdlet
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
26. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
27. To backup Virtual Machines
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
28. To create and additional AD LDS applicaiton directory partition in existing instance...
Win2000 Native
AD Rights Management Services
Disable Site Link Bridging from the IP properties
Ldp
29. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Configure caching on the shared folder and configure offline files to use encryption
FFL Windows Server 2008 R2
Distributed File System (DFS) Replication
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
31. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Then use Windows BitLocker Drive Encryption
ntdsutil
Dfsrdiag
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
32. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
dnscmd
Modify properties of RODC server computer account.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
33. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Winrm quickconfig
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
34. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Microsoft Desktop Optimization Pack (MDOP)
Then configure auto enrollment of certificates and Credential Roaming.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Then configure GlobalNames zones on each domain controller.
35. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Add the Windows Server Backup feature and Windows System Image recovery.
View properties of %systemroot%ntdsntds.dit
Deploy it by using Group Policy Software Installation method
Software Restriction Polices
36. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Purchase one additional Enterprise License
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
37. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Ldp
Changed manually
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Enable Windows Remote Management (WinRM) on each server.
38. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Utilize IFM (Install From Media)
Implement folder redirection by using GPO. Then backup the folder redirection target.
Microsoft System Center Data Protection Manager
Microsoft System Center Data Protection Manager 2010
39. If you need to delegate control of server to remote admins group
Repadmin
From Server A - run Create Basic Task Wizard
Windows System Resource Manager (WSRM)
Configure RODC for Administrator Role Separation
40. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
A Distributed File System (DFS) namespace
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Authorization Manager
41. To enable the AD Recycle Bin
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Enable - ADoptionalFeature cmdlet
AD Domains and Trusts
42. You need to recommend a BitLocker recovery method you should recommend this.
View properties of %systemroot%ntdsntds.dit
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Recommend Group Policy preferences
Data Recovery Agent
43. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Assign the application to computers in the PC OU
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Raise the DFL to Windows Server 2008 R2.
44. A specific application requires registry modifications to be in place before installing; you should use
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Recommend Group Policy preferences
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Group Policy Preferences
45. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. You need to ensure that the guest account on all servers is disabled to
Create a Central Store
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Install From Media IFM
47. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Authorization Manager role assignment
Create a standard secondary of domain and create standard secondary of other domain.
Implement one LUN for the quorum and another LUN for the data
Deploy a failover cluster that uses Node and File Share Disk Majority
48. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Then use Windows BitLocker Drive Encryption
Configure caching on the shared folder (offline files)
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Implement Distributed File System Replication (DFSR) on both servers
49. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Run adprep /forestprep and adprep /domainprep
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
50. For the users that work remotely that need access to files from the corporate office you should...
Recommend Offline Files
Modify the schema of LDSInst1
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
