SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
DSMOD
Set-ADServiceAccount cmdlet
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
2. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Ntfrsutil
Implement Network Access Protection (NAP) that uses 802.1x enforcement
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
3. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Authorization Manager
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Use local roles options within "dsmgmt"
4. to prevent VMs from receiving updats from a group policy
Configure Firewall Group Policies and link them at the Domain level
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
DFL needs to be Windows Server 2008
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
5. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Then use Windows Deployment Services (WDS)
ntdsutil
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
6. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
ntdsutil
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Ntfrsutil
7. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
dsa.msc - dsamain.exe - ntdsutil.exe
Distributed File System (DFS) Replication
Basic Authentication and SSL
8. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Modify the GPO to include folder redirection
Raise the DFL to Windows Server 2008 R2.
dsa.msc - dsamain.exe - ntdsutil.exe
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
9. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Use local roles options within "dsmgmt"
10. You need to ensure that the guest account on all servers is disabled to
IIS Manager user account
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then configure auto enrollment of certificates and Credential Roaming.
11. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Enable Credential Roaming
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Dfsrdiag
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
12. FFL is...
Microsoft System Center Data Protection Manager
Dsmgmt
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Win2000
13. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Then use Windows Deployment Services (WDS)
The Group Policy Management Console
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
14. In order to manage websites without having to logon you can use
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
PowerShell 2.0
From Server A - run Create Basic Task Wizard
15. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Recommend GPT and basic disks
Install Windows Server Backup and modify the Windows firewall settings
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
16. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
dnscmd tool
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Enable Windows Remote Management (WinRM) on each server.
17. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Import-Module
Modify zone transfer settings for company.com zone on DCA
18. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Implement Distributed File System Replication (DFSR) on both servers
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
20. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Configure Firewall Group Policies and link them at the Domain level
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Administrators is the minimum group membership required to complete this procedure.
21. A specific application requires registry modifications to be in place before installing; you should use
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Group Policy Preferences
22. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Add the Windows Server Backup feature and Windows System Image recovery.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Create a new Password Settings Object (PSO) for the IT users.
23. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Create an e-mail account in AD DS for your RMS users.
Add the user to the Domain Admins global group
Active Directory Domains and Trusts
Incoming external trust
24. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Then install new Server 2008 R2 Enterprise subordinate CA.
Add the new UPN suffix to the forest.
CAPublishGP group should have the Manage CA permission.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
25. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Configure event log subscriptions
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
IIS Manager user account
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
26. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
From Server A - run Create Basic Task Wizard
Microsoft Application Virtualization (AppV)
27. You need to recommend a BitLocker recovery method you should recommend this.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Data Recovery Agent
Modify the GPO to include folder redirection
28. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Role Separation
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement a GPO for each domain
29. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Test-AppLockerPolicy
Install the RSAT tool on their workstation to provide for more efficient network management
Install From Media IFM
30. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
NOT be able to store that data on an iSCSI SAN
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Windows XP Mode
An Active Directory subnet object needs to be created.
31. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Test-AppLockerPolicy
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Configure authorization rules for Web developers on each web server
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
32. File that contains the last logon time and custom attributes values for each user in your forest.
Active Directory snapshots and Tombstone reanimation
Get-ADUser cmdlet
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Repadmin
33. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Implement Shadow Copies
Add the user to the Domain Admins global group
Run adprep /forestprep and adprep /domainprep
34. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Properties of PSO need modified
35. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Perform an authoritative restore
Windows XP Mode
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
36. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
37. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Raise the DFL to Windows Server 2008 R2.
Passive file screens
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Deploy a GPO to the WebSrvOU
38. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Configure Audit Special Logon and define Special Groups
Then use Windows Deployment Services (WDS) on DHCP1.
39. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Modify properties of RODC server computer account.
FFL Windows Server 2008 R2
Enable Credential Roaming
Authorization Manager role assignment
40. To enable the AD Recycle Bin
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Enable - ADoptionalFeature cmdlet
Create a Central Store
Ensure your account - or the group is a member of the local Administrators group for that specific server.
41. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Domain based DFS namespace and configure a DFS replication group
42. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Create an Active Directory-Integrated zone.
Install From Media IFM
Recommend Group Policy preferences
Backup operator's domain local group
43. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Set-ADServiceAccount cmdlet
Win2000 Native
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Configure caching on the shared folder (offline files)
44. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
45. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
PDC emulator with w32tm.exe
Configure separate application pools for each application
46. To allow a user to administer Active Directory
Add the user to the Domain Admins global group
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Disable Site Link Bridging from IP Properties
47. When recommending a monitoring solution for an application so that it's events can be stored in a central
Create a Central Store
Implement a domain-based DFS namespace that uses replication
Event Subscriptions
Network Load Balancing (NLB)
48. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Offline domain join
Microsoft Application Virtualization (AppV)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
49. If you need to be able to create shared folders on Server 2008 R2
Increase the tombstone lifetime for the forest.
Enable - ADoptionalFeature cmdlet
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
50. Tool to change Directory Services Restore Mode password on Domain Controller...
ntdsutil
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Use local roles options within "dsmgmt"
