SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If you need secure method to verify validity of individual certificates and minimize network bandwidth
WDS
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Then use on install image file that contains a single install image.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
2. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Implement GPO for all client computers
Ldp
Assign the application to computers in the PC OU
3. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Zone transfer settings
Then install new Server 2008 R2 Enterprise subordinate CA.
Ntfrsutil
Authorization Manager role assignment
4. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Configure folder redirection
Raise the DFL to Windows Server 2008 R2.
Configure event log subscriptions
5. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Microsoft Application Virtualization (AppV)
MEDV to deploy virtual desktops
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
6. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Domain based Distributed File System (DFS) namespace and DFS Replication.
7. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
File Server Resource Manager (FSRM) quotas and file screens
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Deploy a GPO to the WebSrvOU
Configure RODC for Administrator Role Separation
8. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
Attach VHD file created by Windows server backup
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Properties of PSO need modified
9. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Deploy Microsoft System Center Operations Manager (SCOM)
Configure caching on the shared folder (offline files)
Windows XP Mode
Then install new Server 2008 R2 Enterprise subordinate CA.
10. To defragment and AD database...
Create an e-mail account in AD DS for your RMS users
net stop ntds
Recommend GPT and basic disks
Then use Windows BitLocker Drive Encryption
11. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
An Active Directory subnet object needs to be created.
Run net stop ntds
Dsmgmt
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
12. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Implement Network Access Protection (NAP)
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure the zone as an Activde Directory-Integrated zone.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
13. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Event Viewer
Create a Central Store
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
14. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
15. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Use CISCO IP Helper command to configure.
MEDV to deploy virtual desktops
The Group Policy Management console
16. GPO setting to prevent all users from running an application
The Group Policy Management Console
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Install and share a printer on a server and then enable printer pooling.
Software Restriction Polices
17. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure caching on the shared folder and configure offline files to use encryption
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Enable Windows Remote Management (WinRM) on each server.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
18. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Recommend Active Directory delegation
Implement Network Access Protection (NAP)
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
19. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Create a Central Store
Modify properties of RODC server computer account.
Winrm quickconfig
20. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Test-AppLockerPolicy
Utilize IFM (Install From Media)
21. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Zone transfer settings
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Dsmgmt
Install From Media IFM
22. To modify several user accounts to a new UPN suffix
Additional DFS Targets
Active Directory Users and Computers utility
Jill came down with 2.50.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
23. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Purchase one additional Enterprise License
24. UPN Suffix xxxx.com needs to be available for user accounts...
Dynamically expanding VHD's
Group Policy Preferences
Add the new UPN Suffix to the forest
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
25. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Configure caching on the shared folder (offline files)
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Implement a GPO for each domain
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
26. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
27. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Win2000
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
28. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Add the new UPN suffix to the forest.
Subnet object needs to be created
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Basic Authentication and SSL
29. DFL is...
Configure block inheritance on the IT OU
Upgrading DFS to Windows Server 2008 R2
Win2000 Native
Domain based Distributed File System (DFS) namespace and DFS Replication.
30. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
Folder redirection. Folder redirection is also useful when using roamin profiles.
Add the Windows Server Backup feature and Windows System Image recovery.
View properties of %systemroot%ntdsntds.dit
31. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Recommend GPT and basic disks
Add the new UPN suffix to the forest.
Incoming external trust
Add the new UPN Suffix to the forest
32. The Computer Management snap-in allows you to create shares both on...
Certificate Templates
Storage manager for SANs
Your machine and remote desktops
Configure separate application pools for each application
33. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Autonomous mode...This allows the local administrator to approve their own updates.
Group Policy Preferences
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
34. If you need to ensure that data is protected by BitLocker then you will...
Configure Audit Special Logon and define Special Groups
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
NOT be able to store that data on an iSCSI SAN
35. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Creating a data collector set that kick off a scritp that either move or delete files.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Implement Network Access Protection (NAP) that uses 802.1x enforcement
36. To build a highly secure server cluster with a reduced attack surface area
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
37. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
An Active Directory subnet object needs to be created.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Import-Module
38. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
ntdsutil
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
39. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement a domain-based DFS namespace that uses replication
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Run net stop ntds
40. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Dfsrdiag
Deploy the Root CA certificate to the external computers.
Windows XP Mode
41. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Deploy Microsoft System Center Operations Manager (SCOM)
Distributed File System (DFS) Replication
AD Domains and Trusts
Implement a domain-based DFS namespace that uses replication
42. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Dfsrdiag
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Configure event log subscriptions
Windows BitLocker Drive Encryption (Bit Locker)
43. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
44. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
An Active Directory subnet object needs to be created.
45. To replicate SYSVOL using Distributed File System Replication (DFSR)...
DFL needs to be Windows Server 2008
Improve the performance of File Servers
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
46. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Configure block inheritance on the IT OU
Then install new Server 2008 R2 Enterprise subordinate CA.
Implement the Windows Search Service.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
47. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Network Load Balancing (NLB) cluster
Offline domain join
Repadmin
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
48. Striped volumes
Use a GPO to configure device installation restrictions
Improve the performance of File Servers
Passive file screens
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
49. To prevent account password from being cached on RODC server...
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Use Netsh tool from administrator's computer.
Modify properties of RODC server computer account.
50. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Modify the GPO to include folder redirection
Creating a data collector set that kick off a scritp that either move or delete files.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
An Active Directory subnet object needs to be created.
