SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Basic Authentication and SSL
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Then use Windows BitLocker Drive Encryption
2. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
3. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Include a server that runs Microsoft Office SharePoint Server 2010
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Modify zone transfer settings for company.com zone on DCA
4. Can be used to install the Windows RE on existing servers
AD RMS
WDS
Implement GPO for all client computers
Site
5. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Implement folder redirection by using GPO. Then backup the folder redirection target.
Enable Windows Remote Management (WinRM) on the servers.
Ntdsutil
Deploy a GPO for the Sales OU
6. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Your machine and remote desktops
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
7. If you need to delegate control of server to remote admins group
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Configure RODC for Administrator Role Separation
Add the new UPN suffix to the forest.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
8. New password settings object (PSO) created and needs to be applied to user
Creating a data collector set that kick off a scritp that either move or delete files.
Properties of PSO need modified
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Implement the Windows Search Service.
9. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement one LUN for the quorum and another LUN for the data
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
10. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Import-Module
Install From Media IFM
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
11. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Folder redirection. Folder redirection is also useful when using roamin profiles.
WSUS server in the branch office in replica mode.
Add the Windows Server Backup feature and Windows System Image recovery.
12. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Ntfrsutil
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Backup operator's domain local group
Disable Site Link Bridging from IP Properties
13. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
DISABLE slow link detection in the GPO
DSMOD - ADUC
Dsmgmt
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
14. To be able to manage all the corporate servers from a workstation - you must install the
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
15. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
802.1.x NAP
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Folder redirection. Folder redirection is also useful when using roamin profiles.
16. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Windows BitLocker Drive Encryption (Bit Locker)
17. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Printer driver isolation
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
18. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Increase the tombstone lifetime for the forest.
FILES option within Ntdsutil
Ldp
Enable Windows Remote Management (WinRM) on the servers.
19. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Implement one LUN for the quorum and another LUN for the data
Raise the DFL to Windows Server 2008 R2.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Microsoft SharePoint Foundation 2010
20. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Deploy Microsoft System Center Operations Manager (SCOM)
A relying party trust should be created.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
21. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Basic Authentication and SSL
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
22. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
23. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Repadmin
Create a standard secondary of domain and create standard secondary of other domain.
Enable Windows Remote Management (WinRM) on each server.
Execute the Set-ADServiceAccount cmdlet
24. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Then configure GlobalNames zones on each domain controller.
25. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Use the Local Roles options with dsmgmt.
Increase the tombstone lifetime for the forest.
Role Separation
26. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Use Netsh tool from administrator's computer.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
27. To join a server/PC outside of the domain to the network...
Assign the application to computers in the PC OU
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
28. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Use Netsh tool from administrator's computer.
Event Log Subscriptions
Configure the zone as an Activde Directory-Integrated zone.
Purchase one additional Enterprise License
29. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Win2000
Create an e-mail account in AD DS for your RMS users
Run auditpol and then configure the Security settings of the Domain Controllers OU.
30. to prevent VMs from receiving updats from a group policy
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Dsmgmt
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
31. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Microsoft Application Virtualization (AppV)
Windows Server 2003
Attach VHD file created by Windows server backup
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
32. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Windows System Resource Manager (WSRM)
Create an Active Directory-Integrated zone.
33. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Dfsrdiag
MEDV to deploy virtual desktops
The Group Policy Management console
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
34. To add a server with AD FS 2.0 role to an existing AD FS farm...
Enable - ADoptionalFeature cmdlet
fsconfig on FSSrv2
Then use Windows Deployment Services (WDS)
Modify the local policy to point to the Internal WSUS server
35. When deploying an application using the Group Policy distribution method assign the...
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Improve the performance of File Servers
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Create and deploy a logon script that runs Auditpol.
36. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Configure separate application pools for each application
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
DFL needs to be Windows Server 2008
Recommend Active Directory delegation
37. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Disable Site Link Bridging from the IP properties
38. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Offline domain join
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Add George to the Domain Admins group.
Site
39. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
802.1.x NAP
Windows Deployment Services (WDS)
40. To determine size of AD database file...
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
View properties of %systemroot%ntdsntds.dit
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
41. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Include a server that runs Microsoft Office SharePoint Server 2010
Create an e-mail account in AD DS for your RMS users
42. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Disable Site Link Bridging from the IP properties
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Administrators is the minimum group membership required to complete this procedure.
New ACCOUNT STORE should be added and configured
43. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Manager user account
FILES option within Ntdsutil
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
44. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
45. If you need to allow an external partner's computer to access internal network resources by using SSTP
IIS Chared Configuration
Modify the GPO to include folder redirection
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Deploy the Root CA certificate to the external computers.
46. If a file server reaches 15% free disk space - you could free up some disk space by
Create an Active Directory-Integrated zone.
Creating a data collector set that kick off a scritp that either move or delete files.
CAPublishGP group should have the Manage CA permission.
Then configure auto enrollment of certificates and Credential Roaming.
47. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Active Directory Domains and Trusts
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Install Hyper-V role and convert physical machines into virtual machines
48. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
A Distributed File System (DFS) namespace
Windows XP Mode
49. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
CAPublishGP group should have the Manage CA permission.
Software Restriction Polices
Deploy it by using Group Policy Software Installation method
50. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Encrypting File System (EFS). This can be enabled locally or through a GPO.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Use the Local Roles options with dsmgmt.
