SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
Add-ADFineGrainedPasswordPolicySubject cmdlet
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Use CISCO IP Helper command to configure.
2. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
dnscmd
Then configure auto enrollment of certificates and Credential Roaming.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Administrative Role Separation
3. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Discover the run Microsoft Baseline Security Analyzer (MBSA)
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Improve the performance of File Servers
4. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Additional DFS Targets
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
6. To add a new UPN for all user accounts...
AD Domains and Trusts
Administrators is the minimum group membership required to complete this procedure.
Raise the DFL to Windows Server 2008 R2.
Implement a domain-based DFS namespace that uses replication
7. You need to design your WSUS infrastructure so that updates are highly available. To do so
Execute the Set-ADServiceAccount cmdlet
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
8. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Service user account for AD LDS
Execute the Set-ADServiceAccount cmdlet
Recommend Active Directory delegation
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
9. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Windows BitLocker Drive Encryption (Bit Locker)
Share and Storage Management
Then use Windows Deployment Services (WDS)
10. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
WDS
Raise the DFL to Windows Server 2008 R2.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Create a standard secondary of domain and create standard secondary of other domain.
11. You need to recommend a BitLocker recovery method you should recommend this.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Data Recovery Agent
Additional DFS Targets
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
12. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Active Directory snapshots and Tombstone reanimation
Install From Media IFM
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Implement the Windows Search Service.
13. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Configure the zone as an Activde Directory-Integrated zone.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Incoming external trust
14. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Add the Windows Server Backup feature and Windows System Image recovery.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
15. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
dsa.msc - dsamain.exe - ntdsutil.exe
Then use Windows Deployment Services (WDS) on DHCP1.
Implement a domain-based DFS namespace that uses replication
16. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Assign the application to computers in the PC OU
Create an e-mail account in AD DS for your RMS users.
Windows XP Mode
17. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Multipath I/O feature
Modify the schema of LDSInst1
18. Jack and Jill go up the hill - both with a buck and a quarter
Group Policy Preferences
Jill came down with 2.50.
Domain based Distributed File System (DFS) will reduce network traffic
Modify the schema of LDSInst1
19. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Install the RSAT tool on their workstation to provide for more efficient network management
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy a failover cluster that uses Node and File Share Disk Majority
Implement File Server Resource Manager (FSRM) quotas on the desired servers
20. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Event Viewer
Dfsrdiag
AD Rights Management Services
21. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
802.1.x NAP
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Implement Shadow Copies
22. What role to keep same time as an external server?
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
MEDV to deploy virtual desktops
PDC emulator with w32tm.exe
23. To join a server/PC outside of the domain to the network...
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Microsoft Application Virtualization (AppV)
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Install Hyper-V role and convert physical machines into virtual machines
24. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Install From Media IFM
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Use a GPO to configure device installation restrictions
25. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
fsconfig on FSSrv2
Configure the zone as an Activde Directory-Integrated zone.
Microsoft Application Virtualization (AppV)
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
26. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Deploy the Root CA certificate to the external computers.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Win2000
27. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
MEDV to deploy virtual desktops
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
28. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Test-AppLockerPolicy
Network Load Balancing (NLB) cluster
Microsoft System Center Data Protection Manager 2010
Distributed File System (DFS) Replication
29. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Configure offline files and enable manual caching
Authorization Manager
Configure an audit policy by editing the default domain policy and configure Event Forwarding
30. Capture all replication errors from all your DCs to a central location...
Configure event log subscriptions
Microsoft System Center Data Protection Manager
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Win2000 Native
31. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Additional DFS Targets
dnscmd
Incoming external trust
32. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Repadmin
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Disable Site Link Bridging from the IP properties
Add the new UPN Suffix to the forest
33. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
The Group Policy Management console
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Distributed File System (DFS) Replication
34. When one needs to audit files - folders - printers and the registry enable
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Active Directory Users and Computers utility
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
35. Enables you to receive emails when domain users locked out of accounts...
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Event Viewer
Software Restriction Polices
Windows BitLocker Drive Encryption (Bit Locker)
36. File that contains the last logon time and custom attributes values for each user in your forest.
Restore-ADObject cmdlet
Get-ADUser cmdlet
Additional DFS Targets
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
37. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Properties of PSO need modified
Ntdsutil
Then use Windows Deployment Services (WDS) on DHCP1.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
38. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Active Directory snapshots and Tombstone reanimation
Implement Network Access Protection (NAP)
Windows BitLocker Drive Encryption (Bit Locker)
Upgrading DFS to Windows Server 2008 R2
39. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Then install new Server 2008 R2 Enterprise subordinate CA.
Subnet object needs to be created
Implement a GPO for each domain
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
40. to make shares at a remote location available to users you should implement this.
Configure caching on the shared folder (offline files)
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Prestage the computer account in AD
Domain based Distributed File System (DFS) namespace and DFS Replication.
41. If you need to minimize the bandwidth for installation
Recommend GPT and basic disks
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Utilize IFM (Install From Media)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
42. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Event Log Subscriptions
The Group Policy Management console
Execute the Set-ADServiceAccount cmdlet
43. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Install and share a printer on a server and then enable printer pooling.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Microsoft SharePoint Foundation 2010
Ntfrsutil
44. The Computer Management snap-in allows you to create shares both on...
Install the RSAT tool on their workstation to provide for more efficient network management
Subnet object needs to be created
Active Directory snapshots and Tombstone reanimation
Your machine and remote desktops
45. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Microsoft System Center Data Protection Manager
46. You need a solution that meets policy while minimizing hardware and software costs
Add the new UPN suffix to the forest.
Passive file screens
Create a new Password Settings Object (PSO) for the IT users.
Test-AppLockerPolicy
47. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Implement GPO for all client computers
Run adprep /forestprep and adprep /domainprep
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
48. To allow a user to administer Active Directory
Implement Distributed File System Replication (DFSR) on both servers
Certificate Templates
Add the user to the Domain Admins global group
Role Separation
49. What GPO setting should be configured to prevent all users from running an application?
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Software Restriction Polices
A relying party trust should be created.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
50. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Implement GPO for all client computers
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
