SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Microsoft System Center Data Protection Manager
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
WSUS server in the branch office in replica mode.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
2. If users complain that it is hard to find the shared folders on the network implement
Run net stop ntds
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Additional DFS Targets
3. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Deploy a failover cluster that uses Node and File Share Disk Majority
Ldp
Create an e-mail account in AD DS for your RMS users.
fsconfig on FSSrv2
4. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
CAPublishGP group should have the Manage CA permission.
Repadmin
5. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
IIS Manager user account
Win2000
Administrative Role Separation
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
6. What should be done first to defragment the AD database?
Configure authorization rules for Web developers on each web server
Run net stop ntds
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
7. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
The Group Policy Management console
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Subnet object needs to be created
8. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then configure GlobalNames zones on each domain controller.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
9. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Implement a GPO for each domain
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Disable Site Link Bridging from the IP properties
Refresh the zone on DNS2
10. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Software Restriction Polices
11. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Your machine and remote desktops
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Microsoft Desktop Optimization Pack (MDOP)
Configure caching on the shared folder and configure offline files to use encryption
12. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Your machine and remote desktops
Changed manually
Create ADMX and ADML files. Configure the GPO and link it to the domain.
13. When one needs to audit files - folders - printers and the registry enable
Configure Firewall Group Policies and link them at the Domain level
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Dsmgmt
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
14. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Use the Local Roles options with dsmgmt.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Ntfrsutil
Administrators is the minimum group membership required to complete this procedure.
15. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Dsmgmt
Repadmin
Configure block inheritance on the IT OU
16. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Implement Windows System Resource Manager (WSRM)
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
17. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Deploy a GPO to the WebSrvOU
Authorization Manager
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
18. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
The Group Policy Management console
Winrm quickconfig
Get-ADUser cmdlet
19. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Import-Module
dnscmd tool
Microsoft SharePoint Foundation 2010
20. FFL is...
Configure block inheritance on the IT OU
Microsoft System Center Data Protection Manager 2010
Win2000
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
21. Auditing the deletion of Registry keys on all Domain Controllers
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Back up to an external USB drive by using Windows Server Backup
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Deploy a failover cluster that contains one node in each office.
22. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Active Directory Right Management Services (AD RMS)
Modify zone transfer settings for company.com zone on DCA
Create a Central Store
Domain based Distributed File System (DFS) namespace and DFS Replication.
23. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Execute the Set-ADServiceAccount cmdlet
Ldp
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
24. To ensure that a file on a file server do not leave the organization you must implement this.
AD RMS
Deploy it by using Group Policy Software Installation method
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
25. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Active Directory Users and Computers
Test-AppLockerPolicy
Install Hyper-V role and convert physical machines into virtual machines
Install Windows Server Backup and modify the Windows firewall settings
26. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Printer driver isolation
Microsoft System Center Data Protection Manager 2010
Deploy Microsoft System Center Operations Manager (SCOM)
27. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Create an Active Directory-Integrated zone.
Prestage the computer account in AD
28. To update ADRMS password...
AD Rights Management Services
Site
New ACCOUNT STORE should be added and configured
Implement Windows BitLocker Drive Encryption (BitLocker)
29. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Offline domain join
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Create an Active Directory-Integrated zone.
Role Separation
30. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
DFL needs to be Windows Server 2008
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Microsoft System Center Data Protection Manager
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
31. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
Configure caching on the shared folder (offline files)
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
32. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
Your machine and remote desktops
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Data Recovery Agent
33. To recover objects deleted from Active Directory you should recommend
Create an e-mail account in AD DS for your RMS users
Assign the application to all client computers by using a GPO.
dnscmd
Active Directory snapshots and Tombstone reanimation
34. New Password Policy needs to be created for OU different from domain password policy
Distributed File System (DFS) Replication
Restore-ADObject cmdlet
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
35. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Active Directory Right Management Services (AD RMS)
Deploy a GPO to the WebSrvOU
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
IIS Manager user account
36. If you need to ensure that data is protected by BitLocker then you will...
NOT be able to store that data on an iSCSI SAN
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Jill came down with 2.50.
Microsoft SharePoint Foundation 2010
37. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
From Server1 - run the Create Basic Task Wizard
Then configure auto enrollment of certificates and Credential Roaming.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Group Policy Preferences
38. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Create a standard secondary of domain and create standard secondary of other domain.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
39. GPO setting to prevent all users from running an application
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Software Restriction Polices
40. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Windows XP Mode
Domain based Distributed File System (DFS) namespace and DFS Replication.
DFL needs to be Windows Server 2008
41. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
From Server1 - run the Create Basic Task Wizard
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
42. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Dfsrdiag
Changed manually
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
43. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Multipath I/O feature
Windows BitLocker Drive Encryption (Bit Locker)
Site
Jill came down with 2.50.
44. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
PDC emulator with w32tm.exe
Configure offline files and enable manual caching
Add George to the Domain Admins group.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
45. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Install Windows Server Backup and modify the Windows firewall settings
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
46. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Back up to an external USB drive by using Windows Server Backup
Deploy Microsoft System Center Operations Manager (SCOM)
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
From Server A - run Create Basic Task Wizard
47. Can be used to install the Windows RE on existing servers
Deploy Microsoft System Center Operations Manager (SCOM)
Microsoft Desktop Optimization Pack (MDOP)
Raise the DFL to Windows Server 2008 R2.
WDS
48. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Configure separate application pools for each application
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
49. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Printer driver isolation
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure the zone as an Activde Directory-Integrated zone.
50. Enables you to receive emails when domain users locked out of accounts...
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Domain based Distributed File System (DFS) will reduce network traffic
Event Viewer
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests