SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Test-AppLockerPolicy
AD Rights Management Services
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
IIS Chared Configuration
2. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Configure event log subscriptions
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
New ACCOUNT STORE should be added and configured
3. To modify several user accounts to a new UPN suffix
Active Directory Users and Computers utility
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
DISABLE slow link detection in the GPO
Active Directory Right Management Services (AD RMS)
4. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure RODC for Administrator Role Separation
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Administrators is the minimum group membership required to complete this procedure.
Get-ADUser cmdlet
5. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Active Directory snapshots and Tombstone reanimation
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
ntdsutil
6. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Set-ADServiceAccount cmdlet
Create ADMX and ADML files. Configure the GPO and link it to the domain.
New ACCOUNT STORE should be added and configured
Implement a GPO for each domain
7. to increase the reliability of the print server - configure...
Incoming external trust
Printer driver isolation
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
fsconfig on FSSrv2
8. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Run net stop ntds
Properties of PSO need modified
From Server1 - run the Create Basic Task Wizard
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
9. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
10. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Add the new UPN Suffix to the forest
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
net stop ntds
11. To restore deleted user account from AD Recycle Bin...
Restore-ADObject cmdlet
Set-ADServiceAccount cmdlet
Deploy a GPO to the WebSrvOU
Microsoft SharePoint Foundation 2010
12. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Administrators is the minimum group membership required to complete this procedure.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Storage manager for SANs
13. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
Test-AppLockerPolicy
Deploy a GPO to the WebSrvOU
Then use Windows Deployment Services (WDS)
14. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Execute the Set-ADServiceAccount cmdlet
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
15. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Jill came down with 2.50.
Domain based Distributed File System (DFS) will reduce network traffic
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
16. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement Shadow Copies
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Utilize IFM (Install From Media)
17. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Ntfrsutil
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Implement Windows System Resource Manager (WSRM) and configure user policies
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
18. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Implement one LUN for the quorum and another LUN for the data
Add the new UPN suffix to the forest.
Create an e-mail account in AD DS for your RMS users.
19. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Win2000
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Domain based Distributed File System (DFS) will reduce network traffic
Deploy a failover cluster that contains one node in each office.
20. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Printer driver isolation
Configure the zone as an Activde Directory-Integrated zone.
MEDV to deploy virtual desktops
Ntfrsutil
21. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Active Directory Right Management Services (AD RMS)
Restore-ADObject cmdlet
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
22. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Configure separate application pools for each application
23. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Printer driver isolation
Enable Windows Remote Management (WinRM) on each server.
Create and deploy a logon script that runs Auditpol.
Increase the tombstone lifetime for the forest.
24. To determine size of AD database file...
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Registry on users computer needs to be modified
Your machine and remote desktops
View properties of %systemroot%ntdsntds.dit
25. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
FILES option within Ntdsutil
Upgrading DFS to Windows Server 2008 R2
dnscmd tool
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
26. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Active Directory snapshots and Tombstone reanimation
Registry on users computer needs to be modified
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Domain based Distributed File System (DFS) namespace and DFS Replication.
27. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Add George to the Domain Admins group.
Windows System Resource Manager (WSRM)
Winrm quickconfig
Additional DFS Targets
28. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Implement a GPO for each domain
Dsmgmt
From Server A - run Create Basic Task Wizard
29. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Then install new Server 2008 R2 Enterprise subordinate CA.
Enable Credential Roaming
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Import-Module
30. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
FFL Windows Server 2008 R2
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
31. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Add the new UPN Suffix to the forest
Purchase one additional Enterprise License
DSMOD - ADUC
Then install new Server 2008 R2 Enterprise subordinate CA.
32. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Dsmgmt
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Configure Firewall Group Policies and link them at the Domain level
Domain based DFS namespace and configure a DFS replication group
33. 2 ways to relocate user and computer accounts to different OUs
Service user account for AD LDS
Perform an authoritative restore
DSMOD - ADUC
Creating a data collector set that kick off a scritp that either move or delete files.
34. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Add the user to the Domain Admins global group
Install Windows Server Backup and modify the Windows firewall settings
Use a GPO to configure device installation restrictions
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
35. To configure Administrator Role Separation for an RODC
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
FILES option within Ntdsutil
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
36. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Network Load Balancing (NLB)
Implement a GPO for each domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Install the RSAT tool on their workstation to provide for more efficient network management
37. To add a new UPN for all user accounts...
Implement Windows System Resource Manager (WSRM)
AD Domains and Trusts
MEDV to deploy virtual desktops
Microsoft SharePoint Foundation 2010
38. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
dnscmd tool
Authorization Manager role assignment
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Multipath I/O feature
39. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Prestage the computer account in AD
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
40. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Run adprep /forestprep and adprep /domainprep
41. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
View properties of %systemroot%ntdsntds.dit
Add the new UPN suffix to the forest.
Assign the application to all client computers by using a GPO.
Subnet object needs to be created
42. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Microsoft Desktop Optimization Pack (MDOP)
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
43. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Basic Authentication and SSL
Use a GPO to configure device installation restrictions
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
44. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Include a server that runs Microsoft Office SharePoint Server 2010
Run adprep /forestprep and adprep /domainprep
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Service user account for AD LDS
45. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Install Hyper-V role and convert physical machines into virtual machines
Domain based Distributed File System (DFS) namespace and DFS Replication.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
46. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Add the new UPN Suffix to the forest
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
47. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Microsoft System Center Data Protection Manager
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Folder redirection. Folder redirection is also useful when using roamin profiles.
48. to protect file servers and hard disks that may be at risk of being accessed or stolen
Autonomous mode...This allows the local administrator to approve their own updates.
Include a server that runs Microsoft Office SharePoint Server 2010
Implement Windows BitLocker Drive Encryption (BitLocker)
Domain based Distributed File System (DFS) namespace and DFS Replication.
49. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
50. To identify users who bypass the new corporate security policy -
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Configure Audit Special Logon and define Special Groups
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Test-AppLockerPolicy
