Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Use the Local Roles options with dsmgmt.
Active Directory Users and Computers utility
Site
Execute the Active Directory Diagnostics Data Collector Set and then review the report.

2. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Install From Media IFM
AD Domains and Trusts
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files

3. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Assign the application to all client computers by using a GPO.
Repadmin
Data Recovery Agent
Active Directory Domains and Trusts

4. PowerShell script to create user accounts with passwords from a file called password.csv
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Use Netsh tool from administrator's computer.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Deploy it by using Group Policy Software Installation method

5. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Software Restriction Polices
ntdsutil
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Microsoft Application Virtualization (AppV)

6. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Enable Windows Remote Management (WinRM) on each server.
FILES option within Ntdsutil
Implement a domain-based DFS namespace that uses replication
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.

7. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Then configure auto enrollment of certificates and Credential Roaming.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Install Microsoft Secure Socket Tunneling Protocol (SSTP)

8. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Offline domain join
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
IIS Manager user account
Restore-ADObject cmdlet

9. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Active Directory Domains and Trusts
The Group Policy Management console
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).

10. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Create and deploy a logon script that runs Auditpol.
Implement Network Access Protection (NAP)
Refresh the zone on DNS2

11. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
WSUS server in the branch office in replica mode.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
WDS

12. DFL is...
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Administrative Role Separation
Refresh the zone on DNS2
Win2000 Native

13. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Active Directory Domains and Trusts
Use Netsh tool from administrator's computer.
Upgrading DFS to Windows Server 2008 R2
NOT be able to store that data on an iSCSI SAN

14. 4 steps to perform authoritative restore of a deleted OU...
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Execute the Set-ADServiceAccount cmdlet
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Add the new UPN Suffix to the forest

15. You need a solution that meets policy while minimizing hardware and software costs
Passive file screens
Implement one LUN for the quorum and another LUN for the data
Create a new Password Settings Object (PSO) for the IT users.
Then install new Server 2008 R2 Enterprise subordinate CA.

16. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Disable Site Link Bridging from IP Properties
Authorization Manager
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Windows XP Mode

17. To backup to tape/robotic tape and to backup VMs you must use...
Configure caching on the shared folder and configure offline files to use encryption
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Implement Distributed File System Replication (DFSR) on both servers
Microsoft System Center Data Protection Manager 2010

18. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Disable Site Link Bridging from the IP properties
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Then use on install image file that contains a single install image.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.

19. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

20. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
FILES option within Ntdsutil
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Configure the zone as an Activde Directory-Integrated zone.

21. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Windows System Resource Manager (WSRM)
Recommend Offline Files
Certificate Templates
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

22. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Configure caching on the shared folder (offline files)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Upgrading DFS to Windows Server 2008 R2
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

23. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Then use Windows Deployment Services (WDS)
Creating a data collector set that kick off a scritp that either move or delete files.
Deploy Microsoft System Center Operations Manager (SCOM)
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.

24. Need to ensure users receive updated template within five days...
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Registry on users computer needs to be modified
Improve the performance of File Servers
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.

25. What should be done first to defragment the AD database?
Run net stop ntds
Recommend Offline Files
Add George to the Domain Admins group.
fsconfig on FSSrv2

26. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Install From Media IFM
Enable Credential Roaming
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

27. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Import-Module
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

28. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Implement one LUN for the quorum and another LUN for the data

29. If a file server reaches 15% free disk space - you could free up some disk space by
Test-AppLockerPolicy
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Creating a data collector set that kick off a scritp that either move or delete files.
Install the RSAT tool on their workstation to provide for more efficient network management

30. You need to ensure that the guest account on all servers is disabled to
AD RMS
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Run auditpol and then configure the Security settings of the Domain Controllers OU.

31. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Run the Delegation of Control Wizard on the Staff OU
Upgrading DFS to Windows Server 2008 R2
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

32. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Recommend Group Policy preferences

33. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
A Distributed File System (DFS) namespace
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
From Server1 - run the Create Basic Task Wizard

34. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Attach VHD file created by Windows server backup
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Configure folder redirection
Dfsrdiag

35. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Add George to the Domain Admins group.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Windows Server 2003
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.

36. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Disable Site Link Bridging from the IP properties
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Group Policy Preferences

37. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Event Log Subscriptions
Use the Local Roles options with dsmgmt.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Utilize IFM (Install From Media)

38. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Autonomous mode...This allows the local administrator to approve their own updates.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Active Directory Users and Computers utility

39. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Ntfrsutil
Dfsrdiag
Enable Windows Remote Management (WinRM) on the servers.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

40. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Active Directory Right Management Services (AD RMS)
Recommend Active Directory delegation

41. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Create an e-mail account in AD DS for your RMS users
Group Policy Preferences
Dfsrdiag

42. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Active Directory Right Management Services (AD RMS)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
AD Rights Management Services

43. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Configure Audit Special Logon and define Special Groups
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Configure separate application pools for each application
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

44. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Then install new Server 2008 R2 Enterprise subordinate CA.
Then configure GlobalNames zones on each domain controller.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

45. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Add George to the Domain Admins group.
Implement Distributed File System Replication (DFSR) on both servers
Configure event log subscriptions
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

46. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service

47. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Group Policy Preferences
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Create a standard secondary of domain and create standard secondary of other domain.
Add the new UPN suffix to the forest.

48. Enables you to receive emails when domain users locked out of accounts...
Create an e-mail account in AD DS for your RMS users.
Event Viewer
Site
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

49. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

50. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
An Active Directory subnet object needs to be created.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.