SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Run the Delegation of Control Wizard on the Staff OU
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
2. To minimize the amount of storage required you should recommend
Share and Storage Management
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Refresh the zone on DNS2
Multipath I/O feature
3. To build a highly secure server cluster with a reduced attack surface area
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Backup operator's domain local group
Create an e-mail account in AD DS for your RMS users
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
4. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Create a Central Store
Create a Network Load Balancing cluster.
Configure authorization rules for Web developers on each web server
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
5. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Raise the DFL to Windows Server 2008 R2.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Add the Windows Server Backup feature and Windows System Image recovery.
6. To recover objects deleted from Active Directory you should recommend
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Use the Local Roles options with dsmgmt.
Active Directory snapshots and Tombstone reanimation
7. To enable the AD Recycle Bin
Enable - ADoptionalFeature cmdlet
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Disable Site Link Bridging from the IP properties
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
8. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Purchase one additional Enterprise License
Winrm quickconfig
MEDV to deploy virtual desktops
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
9. File that contains the last logon time and custom attributes values for each user in your forest.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Dfsrdiag
Get-ADUser cmdlet
Changed manually
10. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Deploy it by using Group Policy Software Installation method
Active Directory Right Management Services (AD RMS)
Recommend Offline Files
11. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Authorization Manager role assignment
Then configure auto enrollment of certificates and Credential Roaming.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
12. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
dnscmd tool
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure caching on the shared folder and configure offline files to use encryption
13. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy a failover cluster that uses Node and File Share Disk Majority
Implement Shadow Copies
Recommend GPT and basic disks
14. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Raise the DFL to Windows Server 2008 R2.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Create and deploy a logon script that runs Auditpol.
15. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
IIS Manager user account
ntdsutil
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
16. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Implement Network Access Protection (NAP)
17. You need to relocate an AD LDS instance from C: Drive to D: Drive
Use CISCO IP Helper command to configure.
Microsoft Application Virtualization (AppV)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
18. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. To delegate authority to users to manage only certain areas in Hyper-V use the
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Authorization Manager role assignment
Configure separate application pools for each application
20. When recommending a monitoring solution for an application so that it's events can be stored in a central
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Event Subscriptions
Basic Authentication and SSL
Create an e-mail account in AD DS for your RMS users.
21. You need a solution that meets policy while minimizing hardware and software costs
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Create a new Password Settings Object (PSO) for the IT users.
22. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Zone transfer settings
IIS Chared Configuration
An Active Directory subnet object needs to be created.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
23. If you need to allow an external partner's computer to access internal network resources by using SSTP
DSMOD
The Group Policy Management Console
PDC emulator with w32tm.exe
Deploy the Root CA certificate to the external computers.
24. You need to deploy a sales application that only the sales users must have access to
Run net stop ntds
Deploy a GPO for the Sales OU
Raise the DFL to Windows Server 2008 R2.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
25. Tool to change Directory Services Restore Mode password on Domain Controller...
Create a new Password Settings Object (PSO) for the IT users.
Implement Shadow Copies
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
ntdsutil
26. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
27. Auditing the deletion of Registry keys on all Domain Controllers
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Set-ADServiceAccount cmdlet
File Server Resource Manager (FSRM) quotas and file screens
28. In order to manage websites without having to logon you can use
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Purchase one additional Enterprise License
Implement GPO for all client computers
PowerShell 2.0
29. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Basic Authentication and SSL
Configure caching on the shared folder and configure offline files to use encryption
Use Netsh tool from administrator's computer.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
30. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Disable Site Link Bridging from the IP properties
Implement the Windows Search Service.
Install Hyper-V role and convert physical machines into virtual machines
31. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Modify properties of RODC server computer account.
Run the Delegation of Control Wizard on the Staff OU
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
32. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Dsmgmt
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Create a Network Load Balancing cluster.
Ldp
33. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Offline domain join
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Create a new Password Settings Object (PSO) for the IT users.
34. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Then use Windows BitLocker Drive Encryption
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
35. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Improve the performance of File Servers
Deploy a GPO for the Sales OU
Implement Distributed File System Replication (DFSR) on both servers
36. If you need to delegate control of server to remote admins group
Add the Windows Server Backup feature and Windows System Image recovery.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Configure RODC for Administrator Role Separation
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
37. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
Utilize IFM (Install From Media)
CAPublishGP group should have the Manage CA permission.
Microsoft SharePoint Foundation 2010
38. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Use a GPO to configure device installation restrictions
39. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
net stop ntds
Subnet object needs to be created
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
40. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Administrators is the minimum group membership required to complete this procedure.
Configure Firewall Group Policies and link them at the Domain level
AD Domains and Trusts
41. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Add the user to the Domain Admins global group
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
MEDV to deploy virtual desktops
Then use Windows BitLocker Drive Encryption
42. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Use local roles options within "dsmgmt"
Administrators is the minimum group membership required to complete this procedure.
Recommend GPT and basic disks
43. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Microsoft System Center Data Protection Manager
Configure caching on the shared folder (offline files)
44. FFL is...
Recommend Active Directory delegation
Win2000
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Attach VHD file created by Windows server backup
45. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Incoming external trust
46. When deploying an application using the Group Policy distribution method assign the...
Create and deploy a logon script that runs Auditpol.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
AD Domains and Trusts
Include a server that runs Microsoft Office SharePoint Server 2010
47. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
dnscmd
Modify the schema of LDSInst1
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
48. If subnets are connected by CISCO router that is RFC-1542 compliant
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Use CISCO IP Helper command to configure.
Ntdsutil
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
49. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
50. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Implement GPO for all client computers
Add the new UPN Suffix to the forest
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
