SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Offline domain join
Then configure GlobalNames zones on each domain controller.
2. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Folder redirection. Folder redirection is also useful when using roamin profiles.
View properties of %systemroot%ntdsntds.dit
MEDV to deploy virtual desktops
Implement Windows System Resource Manager (WSRM)
3. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Additional DFS Targets
fsconfig on FSSrv2
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
4. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Add the new UPN Suffix to the forest
Administrators is the minimum group membership required to complete this procedure.
Implement Windows System Resource Manager (WSRM)
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
5. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
PowerShell 2.0
Active Directory Users and Computers
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Dsmgmt
6. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
Install From Media IFM
Implement the Windows Search Service.
Use the Local Roles options with dsmgmt.
7. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Enable Credential Roaming
Modify the local policy to point to the Internal WSUS server
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Configure folder redirection
8. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Then use Windows Deployment Services (WDS) on DHCP1.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Configure folder redirection
9. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
A Distributed File System (DFS) namespace
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Create a new Password Settings Object (PSO) for the IT users.
10. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
11. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Win2000 Native
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Add George to the Domain Admins group.
12. You need to relocate an AD LDS instance from C: Drive to D: Drive
Utilize IFM (Install From Media)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
13. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Modify the local policy to point to the Internal WSUS server
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Implement a domain-based DFS namespace that uses replication
14. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
PDC emulator with w32tm.exe
Implement the Windows Search Service.
net stop ntds
15. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Win2000 Native
Deploy a failover cluster that uses Node and File Share Disk Majority
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
16. Tools to view contents of an OU in an AD snapshot...
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Dsmgmt
Network Load Balancing (NLB) cluster
dsa.msc - dsamain.exe - ntdsutil.exe
17. If subnets are connected by CISCO router that is RFC-1542 compliant
Disable Site Link Bridging from IP Properties
Implement folder redirection by using GPO. Then backup the folder redirection target.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Use CISCO IP Helper command to configure.
18. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
net stop ntds
Microsoft System Center Data Protection Manager
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Certificate Templates
19. FFL is...
Win2000
Software Restriction Polices
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
20. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Then use Windows Deployment Services (WDS)
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Microsoft System Center Data Protection Manager
21. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Configure offline files and enable manual caching
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
22. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Create and deploy a logon script that runs Auditpol.
Create an Active Directory-Integrated zone.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Add the new UPN suffix to the forest.
23. To add a new UPN for all user accounts...
AD Domains and Trusts
Win2000 Native
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Modify zone transfer settings for company.com zone on DCA
24. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
CAPublishGP group should have the Manage CA permission.
DISABLE slow link detection in the GPO
Import-Module
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
25. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Implement Shadow Copies
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Deploy Microsoft System Center Operations Manager (SCOM)
26. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Test-AppLockerPolicy
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Storage manager for SANs
27. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Implement Windows BitLocker Drive Encryption (BitLocker)
A Distributed File System (DFS) namespace
28. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Certificate Templates
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
29. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Event Viewer
Implement Network Access Protection (NAP) that uses 802.1x enforcement
30. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Your machine and remote desktops
Disable Site Link Bridging from IP Properties
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Implement Network Access Protection (NAP)
31. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Dfsrdiag
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
32. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Dfsrdiag
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Disable Site Link Bridging from IP Properties
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
33. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Create a standard secondary of domain and create standard secondary of other domain.
Test-AppLockerPolicy
Use a GPO to configure device installation restrictions
34. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Administrative Role Separation
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
35. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Active Directory snapshots and Tombstone reanimation
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Incoming external trust
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
36. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Dfsrdiag
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
37. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Create a Network Load Balancing cluster.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
38. DFL is...
Win2000 Native
NOT be able to store that data on an iSCSI SAN
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
39. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Utilize IFM (Install From Media)
Dsmgmt
Modify the local policy to point to the Internal WSUS server
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
40. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Win2000 Native
Create a MEDV workspace
PowerShell 2.0
41. You need to ensure that the guest account on all servers is disabled to
Then configure GlobalNames zones on each domain controller.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Assign the application to all client computers by using a GPO.
42. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Microsoft System Center Data Protection Manager
Then configure GlobalNames zones on each domain controller.
43. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
44. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Microsoft SharePoint Foundation 2010
Creating a data collector set that kick off a scritp that either move or delete files.
Win2000 Native
An Active Directory subnet object needs to be created.
45. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Administrative Role Separation
Install Windows Server Backup and modify the Windows firewall settings
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Domain based DFS namespace and configure a DFS replication group
46. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Enable Credential Roaming
Modify the GPO to include folder redirection
Incoming external trust
47. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Create a standard secondary of domain and create standard secondary of other domain.
IIS Manager user account
Modify the local policy to point to the Internal WSUS server
Service user account for AD LDS
48. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
Create a MEDV workspace
Raise the DFL to Windows Server 2008 R2.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
49. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Active Directory Users and Computers
Create a new Password Settings Object (PSO) for the IT users.
802.1.x NAP
Multipath I/O feature
50. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Ntdsutil
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
