SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What role to keep same time as an external server?
Administrative Role Separation
Configure authorization rules for Web developers on each web server
PDC emulator with w32tm.exe
Registry on users computer needs to be modified
2. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Disable Site Link Bridging from the IP properties
Add the user to the Domain Admins global group
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
3. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
NOT be able to store that data on an iSCSI SAN
Zone transfer settings
Add the new UPN Suffix to the forest
4. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
Group Policy Preferences
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Event Subscriptions
5. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Ldp
Assign the application to computers in the PC OU
dnscmd
6. If you want to implement BitLocker and store recovery informaiton in a central location
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Configure block inheritance on the IT OU
7. What utility is used to see what accounts cached on RODC?
Then use Windows Deployment Services (WDS)
Active Directory Users and Computers
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Zone transfer settings
8. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Install and share a printer on a server and then enable printer pooling.
FILES option within Ntdsutil
Configure authorization rules for Web developers on each web server
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
9. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
The Group Policy Management console
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
10. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Passive file screens
Configure offline files and enable manual caching
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
11. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Use a GPO to configure device installation restrictions
12. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Microsoft Desktop Optimization Pack (MDOP) to your company
Dfsrdiag
Windows XP Mode
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
13. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Raise the DFL to Windows Server 2008 R2.
Utilize IFM (Install From Media)
Administrators is the minimum group membership required to complete this procedure.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
14. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Implement a GPO for each domain
Win2000
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
15. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Discover the run Microsoft Baseline Security Analyzer (MBSA)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Then configure auto enrollment of certificates and Credential Roaming.
16. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
PDC emulator with w32tm.exe
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
17. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Active Directory snapshots and Tombstone reanimation
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Create a standard secondary of domain and create standard secondary of other domain.
18. When one needs to audit files - folders - printers and the registry enable
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Ntdsutil
WSUS server in the branch office in replica mode.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
19. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Create a standard secondary of domain and create standard secondary of other domain.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Creating a data collector set that kick off a scritp that either move or delete files.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
20. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Create and deploy a logon script that runs Auditpol.
Use CISCO IP Helper command to configure.
21. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
FFL Windows Server 2008 R2
Add the new UPN suffix to the forest.
Properties of PSO need modified
22. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Configure Firewall Group Policies and link them at the Domain level
File Server Resource Manager (FSRM) quotas and file screens
23. To back up your Hyper-VMs and the Hyper-V host; for each VM -
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Create a new Password Settings Object (PSO) for the IT users.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
24. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
DSMOD - ADUC
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Purchase one additional Enterprise License
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
25. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Purchase one additional Enterprise License
Execute the Set-ADServiceAccount cmdlet
Discover the run Microsoft Baseline Security Analyzer (MBSA)
26. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Windows System Resource Manager (WSRM)
Implement GPO for all client computers
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Get-ADUser cmdlet
27. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Use local roles options within "dsmgmt"
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Create an e-mail account in AD DS for your RMS users.
Winrm quickconfig
28. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
29. If you want to allow single-label name resolution
net stop ntds
Deploy the Root CA certificate to the external computers.
Then configure GlobalNames zones on each domain controller.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
30. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
802.1.x NAP
Implement a domain-based DFS namespace that uses replication
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Import-Module
31. to protect file servers and hard disks that may be at risk of being accessed or stolen
DSMOD - ADUC
Back up to an external USB drive by using Windows Server Backup
Implement Windows BitLocker Drive Encryption (BitLocker)
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
32. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then use Windows BitLocker Drive Encryption
Enable Windows Remote Management (WinRM) on the servers.
33. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Create a new Password Settings Object (PSO) for the IT users.
Group Policy Preferences
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Network Load Balancing (NLB)
34. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Autonomous mode...This allows the local administrator to approve their own updates.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Event Log Subscriptions
35. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Distributed File System (DFS) Replication
Enable Credential Roaming
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
36. To determine size of AD database file...
Basic Authentication and SSL
View properties of %systemroot%ntdsntds.dit
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
IIS Manager user account
37. To create and additional AD LDS applicaiton directory partition in existing instance...
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Ldp
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
38. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Implement a GPO for each domain
Ntfrsutil
Microsoft SharePoint Foundation 2010
Add George to the Domain Admins group.
39. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Win2000 Native
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
40. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Test-AppLockerPolicy
Data Recovery Agent
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
41. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Implement Windows System Resource Manager (WSRM) and configure user policies
DFL needs to be Windows Server 2008
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
42. To modify several user accounts to a new UPN suffix
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Active Directory Users and Computers utility
Run adprep /forestprep and adprep /domainprep
43. To backup Virtual Machines
Recommend Group Policy preferences
Create a Central Store
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
44. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Get-ADUser cmdlet
Create a Central Store
Implement Windows BitLocker Drive Encryption (BitLocker)
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
45. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Group Policy Preferences
DISABLE slow link detection in the GPO
Basic Authentication and SSL
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
46. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Run net stop ntds
Create a MEDV workspace
47. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. You need a solution that meets policy while minimizing hardware and software costs
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
DSMOD
Authorization Manager role assignment
Create a new Password Settings Object (PSO) for the IT users.
49. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
The Group Policy Management Console
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
50. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Event Log Subscriptions
Implement a domain-based DFS namespace that uses replication
Event Subscriptions
Configure caching on the shared folder (offline files)
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests