SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To compact AD database...
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
FILES option within Ntdsutil
2. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Deploy a failover cluster that uses Node and File Share Disk Majority
Additional DFS Targets
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
3. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Then configure GlobalNames zones on each domain controller.
DSMOD - ADUC
Purchase one additional Enterprise License
Configure block inheritance on the IT OU
4. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Passive file screens
Restore-ADObject cmdlet
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
5. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Event Viewer
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement GPO for all client computers
Microsoft Desktop Optimization Pack (MDOP)
6. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Recommend Active Directory delegation
Configure Firewall Group Policies and link them at the Domain level
Implement a GPO for each domain
Create an e-mail account in AD DS for your RMS users.
7. Can be used to install the Windows RE on existing servers
Raise the DFL to Windows Server 2008 R2.
WDS
Implement Windows System Resource Manager (WSRM) and configure user policies
Add George to the Domain Admins group.
8. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Use CISCO IP Helper command to configure.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
9. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Use a GPO to configure device installation restrictions
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Domain based DFS namespace and configure a DFS replication group
10. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Passive file screens
Implement Windows System Resource Manager (WSRM)
11. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Administrative Role Separation
Autonomous mode...This allows the local administrator to approve their own updates.
Active Directory Right Management Services (AD RMS)
12. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Create an e-mail account in AD DS for your RMS users
AD RMS
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
13. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Network Access Protection (NAP)
Creating a data collector set that kick off a scritp that either move or delete files.
Test-AppLockerPolicy
Autonomous mode...This allows the local administrator to approve their own updates.
14. to prevent VMs from receiving updats from a group policy
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Printer driver isolation
Repadmin
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
15. Striped volumes
Authorization Manager
Implement Network Access Protection (NAP)
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Improve the performance of File Servers
16. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Winrm quickconfig
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
17. Capture all replication errors from all your DCs to a central location...
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Configure event log subscriptions
Then use on install image file that contains a single install image.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
18. A specific application requires registry modifications to be in place before installing; you should use
Group Policy Preferences
Create a Central Store
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
19. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Enable Credential Roaming
dsa.msc - dsamain.exe - ntdsutil.exe
Administrators is the minimum group membership required to complete this procedure.
Microsoft SharePoint Foundation 2010
20. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Deploy a failover cluster that contains one node in each office.
DSMOD
Use Netsh tool from administrator's computer.
Create a Central Store
21. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Active Directory Users and Computers utility
Include a server that runs Microsoft Office SharePoint Server 2010
IIS Chared Configuration
22. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Distributed File System (DFS) Replication
Winrm quickconfig
23. You need to recommend a BitLocker recovery method you should recommend this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Data Recovery Agent
ntdsutil
24. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Domain based Distributed File System (DFS) will reduce network traffic
Repadmin
Create a Central Store
25. You need to allow a user to add a single computer to a domain - without any additional rights...
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Prestage the computer account in AD
Install From Media IFM
Disable Site Link Bridging from the IP properties
26. If subnets are connected by CISCO router that is RFC-1542 compliant
Configure authorization rules for Web developers on each web server
Configure caching on the shared folder and configure offline files to use encryption
Use CISCO IP Helper command to configure.
Get-ADUser cmdlet
27. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Additional DFS Targets
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
CAPublishGP group should have the Manage CA permission.
28. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
View properties of %systemroot%ntdsntds.dit
Storage manager for SANs
Network Load Balancing (NLB) cluster
Configure an audit policy by editing the default domain policy and configure Event Forwarding
29. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Enable Windows Remote Management (WinRM) on each server.
Recommend Group Policy preferences
Implement Windows System Resource Manager (WSRM) and configure user policies
30. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Install From Media IFM
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Test-AppLockerPolicy
31. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
IIS Chared Configuration
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
32. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Run net stop ntds
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Modify the schema of LDSInst1
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
33. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
Dfsrdiag
Raise the DFL to Windows Server 2008 R2.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
34. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Windows BitLocker Drive Encryption (Bit Locker)
Microsoft System Center Data Protection Manager
Site
Enable Windows Remote Management (WinRM) on each server.
35. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Zone transfer settings
Implement one LUN for the quorum and another LUN for the data
PDC emulator with w32tm.exe
36. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Disable Site Link Bridging from IP Properties
AD Rights Management Services
Configure caching on the shared folder and configure offline files to use encryption
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
37. If you need to encrypt all data on all disks
DISABLE slow link detection in the GPO
Group Policy Preferences
Then use Windows BitLocker Drive Encryption
Configure block inheritance on the IT OU
38. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Enable Windows Remote Management (WinRM) on the servers.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Storage manager for SANs
39. You need to design your WSUS infrastructure so that updates are highly available. To do so
Domain based Distributed File System (DFS) namespace and DFS Replication.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
File Server Resource Manager (FSRM) quotas and file screens
40. To ensure that recovery is possible if a file on a file server is deleted accidentally
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Raise the DFL to Windows Server 2008 R2.
Implement Shadow Copies
41. GPO setting to prevent all users from running an application
An Active Directory subnet object needs to be created.
Software Restriction Polices
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
dnscmd
42. An AD LDS instance needs to be replicated from one server to another...
Implement the Windows Search Service.
The Group Policy Management Console
Service user account for AD LDS
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
43. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Active Directory Right Management Services (AD RMS)
Add the new UPN Suffix to the forest
44. to increase the reliability of the print server - configure...
Printer driver isolation
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Include a server that runs Microsoft Office SharePoint Server 2010
Implement a Remote Desktop Connection Broker (RD Connection Broker)
45. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Use the Local Roles options with dsmgmt.
Add the new UPN Suffix to the forest
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Implement File Server Resource Manager (FSRM) quotas on the desired servers
46. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Microsoft System Center Data Protection Manager
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Site
47. FFL is...
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Win2000
Prestage the computer account in AD
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
48. To recover objects deleted from Active Directory you should recommend
Domain based Distributed File System (DFS) namespace and DFS Replication.
Active Directory snapshots and Tombstone reanimation
Microsoft System Center Data Protection Manager
Disable Site Link Bridging from the IP properties
49. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Create a Central Store
Windows Server 2003
50. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Perform an authoritative restore
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Set-ADServiceAccount cmdlet
