Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Use local roles options within "dsmgmt"
Install Microsoft Secure Socket Tunneling Protocol (SSTP)

2. If you need to encrypt all data on all disks
Configure block inheritance on the IT OU
Dfsrdiag
Then use Windows BitLocker Drive Encryption
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.

3. In order to ensure highly available Windows Update servers you should create this.
Set-ADServiceAccount cmdlet
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Enable Windows Remote Management (WinRM) on each server.

4. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Zone transfer settings
Then configure GlobalNames zones on each domain controller.
Run adprep /forestprep and adprep /domainprep
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

5. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Configure folder redirection
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

6. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Raise the DFL to Windows Server 2008 R2.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.

7. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
Assign the application to computers in the PC OU
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Group Policy Preferences
dnscmd

8. To restore deleted user account from AD Recycle Bin...
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Restore-ADObject cmdlet
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

9. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure Firewall Group Policies and link them at the Domain level
The Group Policy Management Console
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.

10. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Add the new UPN Suffix to the forest
Modify the schema of LDSInst1
Then configure auto enrollment of certificates and Credential Roaming.
Configure Firewall Group Policies and link them at the Domain level

11. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
A relying party trust should be created.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Incoming external trust

12. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
DSMOD
Windows BitLocker Drive Encryption (Bit Locker)
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.

13. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.

14. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Multipath I/O feature
CAPublishGP group should have the Manage CA permission.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Raise the DFL to Windows Server 2008 R2.

15. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Windows System Resource Manager (WSRM)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Implement Shadow Copies
Then install new Server 2008 R2 Enterprise subordinate CA.

16. 4 steps to perform authoritative restore of a deleted OU...
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Certificate Templates
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller

17. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Create a MEDV workspace
Windows BitLocker Drive Encryption (Bit Locker)
Recommend GPT and basic disks

18. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
From Server A - run Create Basic Task Wizard
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

19. To determine size of AD database file...
View properties of %systemroot%ntdsntds.dit
Distributed File System (DFS) Replication
Subnet object needs to be created
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.

20. To join a server/PC outside of the domain to the network...
Get-ADUser cmdlet
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations

21. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Data Recovery Agent
Domain based DFS namespace and configure a DFS replication group
Active Directory Right Management Services (AD RMS)

22. To prevent account password from being cached on RODC server...
Modify properties of RODC server computer account.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
From Server A - run Create Basic Task Wizard
Then use on install image file that contains a single install image.

23. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Implement Windows System Resource Manager (WSRM)
Deploy it by using Group Policy Software Installation method
Offline domain join
Group Policy Preferences

24. If you need to ensure that data is protected by BitLocker then you will...
Install From Media IFM
Modify properties of RODC server computer account.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
NOT be able to store that data on an iSCSI SAN

25. to increase the reliability of the print server - configure...
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Add George to the Domain Admins group.
Printer driver isolation
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

26. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Create an e-mail account in AD DS for your RMS users
Winrm quickconfig
MEDV to deploy virtual desktops

27. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Implement a GPO for each domain
Domain based Distributed File System (DFS) will reduce network traffic
Recommend Group Policy preferences
Install From Media IFM

28. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Microsoft System Center Data Protection Manager 2010
Windows Server 2003
Role Separation
Recommend GPT and basic disks

29. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
CAPublishGP group should have the Manage CA permission.
Site

30. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Then configure auto enrollment of certificates and Credential Roaming.
Enable Windows Remote Management (WinRM) on each server.
Encrypting File System (EFS). This can be enabled locally or through a GPO.

31. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
CAPublishGP group should have the Manage CA permission.
Zone transfer settings
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Configure folder redirection

32. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

33. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Distributed File System (DFS) Replication
Winrm quickconfig
Implement Shadow Copies
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.

34. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Modify the schema of LDSInst1
Add the Windows Server Backup feature and Windows System Image recovery.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events

35. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Deploy a failover cluster that contains one node in each office.
Microsoft Application Virtualization (AppV)
Microsoft System Center Data Protection Manager
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

36. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Windows BitLocker Drive Encryption (Bit Locker)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.

37. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Configure block inheritance on the IT OU
Windows System Resource Manager (WSRM)
Dsmgmt
Deploy a failover cluster that contains one node in each office.

38. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Encrypting File System (EFS). This can be enabled locally or through a GPO.
The Group Policy Management Console
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Recommend Active Directory delegation

39. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Role Separation
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Assign the application to all client computers by using a GPO.

40. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Backup operator's domain local group
Upgrading DFS to Windows Server 2008 R2
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement a GPO for each domain

41. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Configure block inheritance on the IT OU
Then configure GlobalNames zones on each domain controller.

42. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Microsoft Desktop Optimization Pack (MDOP) to your company
FFL Windows Server 2008 R2
Improve the performance of File Servers
Implement a GPO for each domain

43. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Enable Credential Roaming
Set-ADServiceAccount cmdlet
Use local roles options within "dsmgmt"
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.

44. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Authorization Manager role assignment
Creating a data collector set that kick off a scritp that either move or delete files.
Configure caching on the shared folder and configure offline files to use encryption

45. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Event Log Subscriptions
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.

46. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Domain based Distributed File System (DFS) will reduce network traffic
Increase the tombstone lifetime for the forest.
IIS Chared Configuration

47. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Implement Windows System Resource Manager (WSRM)
Configure folder redirection
Import-Module
Network Load Balancing (NLB)

48. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Backup operator's domain local group
Disable Site Link Bridging from the IP properties
Add the Windows Server Backup feature and Windows System Image recovery.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

49. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Domain based Distributed File System (DFS) will reduce network traffic
Microsoft Desktop Optimization Pack (MDOP) to your company
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Ntfrsutil

50. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Microsoft Desktop Optimization Pack (MDOP)
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
The Group Policy Management Console
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

MSITP

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests