SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To join a server/PC outside of the domain to the network...
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Subnet object needs to be created
Distributed File System (DFS) Replication
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
2. For the users that work remotely that need access to files from the corporate office you should...
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
From Server A - run Create Basic Task Wizard
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Recommend Offline Files
3. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Network Load Balancing (NLB)
Active Directory Right Management Services (AD RMS)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Implement a GPO for each domain
4. UPN Suffix xxxx.com needs to be available for user accounts...
Use local roles options within "dsmgmt"
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Add the new UPN Suffix to the forest
5. Tools to view contents of an OU in an AD snapshot...
Restore-ADObject cmdlet
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
dsa.msc - dsamain.exe - ntdsutil.exe
Event Subscriptions
6. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Authorization Manager
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
7. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
DSMOD
Implement a GPO for each domain
Configure the zone as an Activde Directory-Integrated zone.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
8. To prevent account password from being cached on RODC server...
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
The Group Policy Management console
Modify properties of RODC server computer account.
Role Separation
9. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
net stop ntds
Domain based DFS namespace and configure a DFS replication group
Configure event log subscriptions
10. When one needs to audit files - folders - printers and the registry enable
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Install Windows Server Backup and modify the Windows firewall settings
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
11. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Implement a domain-based DFS namespace that uses replication
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Create an Active Directory-Integrated zone.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
12. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Implement Windows System Resource Manager (WSRM) and configure user policies
Microsoft Desktop Optimization Pack (MDOP) to your company
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
13. Tool to change Directory Services Restore Mode password on Domain Controller...
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Use Netsh tool from administrator's computer.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
ntdsutil
14. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Microsoft SharePoint Foundation 2010
Incoming external trust
Execute the Set-ADServiceAccount cmdlet
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
15. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Event Subscriptions
16. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Back up to an external USB drive by using Windows Server Backup
Add George to the Domain Admins group.
17. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Changed manually
IIS Manager user account
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Create an e-mail account in AD DS for your RMS users.
18. To build a highly secure server cluster with a reduced attack surface area
Use CISCO IP Helper command to configure.
Configure event log subscriptions
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Windows Deployment Services (WDS)
19. You need to allow a user to add a single computer to a domain - without any additional rights...
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Set-ADServiceAccount cmdlet
Configure offline files and enable manual caching
Prestage the computer account in AD
20. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Deploy a failover cluster that uses Node and File Share Disk Majority
Configure block inheritance on the IT OU
21. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Use local roles options within "dsmgmt"
Windows Deployment Services (WDS)
Implement Shadow Copies
Create a Network Load Balancing cluster.
22. To restore deleted user account from AD Recycle Bin...
Deploy a GPO to the WebSrvOU
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Restore-ADObject cmdlet
23. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Distributed File System (DFS) Replication
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Import-Module
Deploy a GPO to the WebSrvOU
24. DFL is...
Recommend GPT and basic disks
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Win2000 Native
Include a server that runs Microsoft Office SharePoint Server 2010
25. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
A relying party trust should be created.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Changed manually
26. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
WDS
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
27. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
FFL Windows Server 2008 R2
Upgrading DFS to Windows Server 2008 R2
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
28. 2 ways to relocate user and computer accounts to different OUs
Configure Firewall Group Policies and link them at the Domain level
DSMOD - ADUC
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Software Restriction Polices
29. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Dfsrdiag
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
30. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
The Group Policy Management Console
Authorization Manager role assignment
31. Need to ensure users receive updated template within five days...
Implement GPO for all client computers
Run the Delegation of Control Wizard on the Staff OU
Registry on users computer needs to be modified
Prestage the computer account in AD
32. In order to manage websites without having to logon you can use
PowerShell 2.0
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
DISABLE slow link detection in the GPO
Printer driver isolation
33. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Implement Network Access Protection (NAP)
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
34. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Dsmgmt
From Server1 - run the Create Basic Task Wizard
35. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Properties of PSO need modified
36. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
New ACCOUNT STORE should be added and configured
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
37. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Utilize IFM (Install From Media)
38. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Test-AppLockerPolicy
Winrm quickconfig
Create a MEDV workspace
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
39. FFL is...
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Win2000
ntdsutil
40. If you want to allow single-label name resolution
Get-ADUser cmdlet
Your machine and remote desktops
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Then configure GlobalNames zones on each domain controller.
41. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Software Restriction Polices
Disable Site Link Bridging from IP Properties
43. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Domain based DFS namespace and configure a DFS replication group
Use local roles options within "dsmgmt"
Implement Distributed File System Replication (DFSR) on both servers
Run adprep /forestprep and adprep /domainprep
44. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Configure folder redirection
DSMOD
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
45. To update ADRMS password...
Additional DFS Targets
AD Rights Management Services
Windows XP Mode
Create ADMX and ADML files. Configure the GPO and link it to the domain.
46. In order to ensure highly available Windows Update servers you should create this.
Site
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
47. To add a new UPN for all user accounts...
Implement one LUN for the quorum and another LUN for the data
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Backup operator's domain local group
AD Domains and Trusts
48. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Test-AppLockerPolicy
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
CAPublishGP group should have the Manage CA permission.
Microsoft SharePoint Foundation 2010
49. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Then use Windows BitLocker Drive Encryption
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Certificate Templates
Network Load Balancing (NLB) cluster
50. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Software Restriction Polices
Modify the local policy to point to the Internal WSUS server
Install Hyper-V role and convert physical machines into virtual machines