SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Microsoft Desktop Optimization Pack (MDOP)
Dynamically expanding VHD's
From Server A - run Create Basic Task Wizard
Implement Windows System Resource Manager (WSRM) and configure user policies
2. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Purchase one additional Enterprise License
Execute the Set-ADServiceAccount cmdlet
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
3. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Deploy a GPO to the WebSrvOU
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Configure event log subscriptions
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
4. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Then use Windows Deployment Services (WDS)
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
dnscmd tool
5. To add a new UPN for all user accounts...
Assign the application to computers in the PC OU
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
AD Domains and Trusts
Configure block inheritance on the IT OU
6. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Site
Multipath I/O feature
Jill came down with 2.50.
Microsoft Desktop Optimization Pack (MDOP)
7. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
8. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Jill came down with 2.50.
Implement a domain-based DFS namespace that uses replication
Configure RODC for Administrator Role Separation
Dfsrdiag
9. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
The Group Policy Management console
Dsmgmt
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
dsa.msc - dsamain.exe - ntdsutil.exe
10. To compact AD database...
Microsoft System Center Data Protection Manager 2010
Purchase one additional Enterprise License
DSMOD
FILES option within Ntdsutil
11. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Properties of PSO need modified
Jill came down with 2.50.
Microsoft SharePoint Foundation 2010
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
12. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Active Directory Users and Computers
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
13. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Enable - ADoptionalFeature cmdlet
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Add the Windows Server Backup feature and Windows System Image recovery.
14. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Microsoft SharePoint Foundation 2010
Upgrading DFS to Windows Server 2008 R2
Properties of PSO need modified
Test-AppLockerPolicy
15. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Active Directory Right Management Services (AD RMS)
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
16. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
17. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
802.1.x NAP
Passive file screens
Recommend Active Directory delegation
18. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
fsconfig on FSSrv2
Configure folder redirection
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
19. To determine size of AD database file...
View properties of %systemroot%ntdsntds.dit
Creating a data collector set that kick off a scritp that either move or delete files.
Enable - ADoptionalFeature cmdlet
Implement GPO for all client computers
20. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Deploy the Root CA certificate to the external computers.
802.1.x NAP
Create ADMX and ADML files. Configure the GPO and link it to the domain.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
21. To join a server/PC outside of the domain to the network...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Back up to an external USB drive by using Windows Server Backup
djoin /requesteodj from internal server - djoin /provision from outside server/PC
22. To back up your Hyper-VMs and the Hyper-V host; for each VM -
AD Rights Management Services
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Back up to an external USB drive by using Windows Server Backup
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
23. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure caching on the shared folder and configure offline files to use encryption
Microsoft Application Virtualization (AppV)
DISABLE slow link detection in the GPO
24. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Implement a GPO for each domain
Zone transfer settings
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Deploy Microsoft System Center Operations Manager (SCOM)
25. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Configure caching on the shared folder and configure offline files to use encryption
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Group Policy Preferences
Configure offline files and enable manual caching
26. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Modify zone transfer settings for company.com zone on DCA
Include a server that runs Microsoft Office SharePoint Server 2010
Deploy the Root CA certificate to the external computers.
27. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
28. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Implement Network Access Protection (NAP)
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
IIS Chared Configuration
Deploy a failover cluster that uses Node and File Share Disk Majority
29. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Upgrading DFS to Windows Server 2008 R2
Execute the Set-ADServiceAccount cmdlet
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
30. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Windows XP Mode
Deploy a failover cluster that contains one node in each office.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
31. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Windows BitLocker Drive Encryption (Bit Locker)
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
32. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then use Windows BitLocker Drive Encryption
33. If users complain that it is hard to find the shared folders on the network implement
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Additional DFS Targets
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Attach VHD file created by Windows server backup
34. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Use local roles options within "dsmgmt"
Ntfrsutil
Then configure GlobalNames zones on each domain controller.
WSUS server in the branch office in replica mode.
35. To delegate authority to users to manage only certain areas in Hyper-V use the
Configure block inheritance on the IT OU
Authorization Manager role assignment
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
DFL needs to be Windows Server 2008
36. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Group Policy Preferences
Network Load Balancing (NLB)
Deploy the Root CA certificate to the external computers.
Network Load Balancing (NLB) cluster
37. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Add the user to the Domain Admins global group
Active Directory Users and Computers
Install From Media IFM
38. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Then use Windows Deployment Services (WDS)
Printer driver isolation
39. What should be done to resolve names by using GlobalNames zone?
Set-ADServiceAccount cmdlet
Add the new UPN Suffix to the forest
Ldp
dnscmd tool
40. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Create a new Password Settings Object (PSO) for the IT users.
Recommend Offline Files
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Event Log Subscriptions
41. You need to allow a user to add a single computer to a domain - without any additional rights...
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Microsoft System Center Data Protection Manager
Prestage the computer account in AD
Configure an audit policy by editing the default domain policy and configure Event Forwarding
42. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Group Policy Preferences
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Repadmin
43. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
FFL Windows Server 2008 R2
Your machine and remote desktops
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
44. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Passive file screens
Windows Deployment Services (WDS)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
45. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Configure Firewall Group Policies and link them at the Domain level
Data Recovery Agent
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
46. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
A relying party trust should be created.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
An Active Directory subnet object needs to be created.
47. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Deploy the Root CA certificate to the external computers.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Then use Windows Deployment Services (WDS)
48. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Authorization Manager role assignment
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Modify the local policy to point to the Internal WSUS server
49. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Deploy it by using Group Policy Software Installation method
Recommend Group Policy preferences
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
50. To backup GPO's in domain and minimize bakcup...
Install and share a printer on a server and then enable printer pooling.
Configure RODC for Administrator Role Separation
DSMOD
The Group Policy Management Console
