Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Modify zone transfer settings for company.com zone on DCA
AD Domains and Trusts
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

2. To backup to tape/robotic tape and to backup VMs you must use...
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Microsoft System Center Data Protection Manager 2010
AD Rights Management Services
Implement a domain-based DFS namespace that uses replication

3. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Autonomous mode...This allows the local administrator to approve their own updates.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.

4. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Deploy it by using Group Policy Software Installation method
Use a GPO to configure device installation restrictions
Subnet object needs to be created
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.

5. GPO setting to prevent all users from running an application
Deploy a failover cluster that contains one node in each office.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Active Directory Right Management Services (AD RMS)
Software Restriction Polices

6. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Zone transfer settings
FFL Windows Server 2008 R2
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.

7. When recommending a monitoring solution for an application so that it's events can be stored in a central
Event Subscriptions
Install Hyper-V role and convert physical machines into virtual machines
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
From Server1 - run the Create Basic Task Wizard

8. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Raise the DFL to Windows Server 2008 R2.
Event Subscriptions
Active Directory Right Management Services (AD RMS)
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

9. To make deploying the custom Word dictionary easy
Purchase one additional Enterprise License
Recommend Group Policy preferences
Implement GPO for all client computers
Configure authorization rules for Web developers on each web server

10. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Disable Site Link Bridging from the IP properties

11. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Test-AppLockerPolicy
Implement Windows System Resource Manager (WSRM)
File Server Resource Manager (FSRM) quotas and file screens

12. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
Set-ADServiceAccount cmdlet
Active Directory Domains and Trusts
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.

13. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Configure caching on the shared folder (offline files)
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

14. To allow a specifc user or group to manage the address information for the user accounts...
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Recommend Active Directory delegation
PowerShell 2.0
Create a new Password Settings Object (PSO) for the IT users.

15. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Service user account for AD LDS
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Offline domain join
802.1.x NAP

16. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Network Load Balancing (NLB)
DSMOD
Certificate Templates
Domain based Distributed File System (DFS) namespace and DFS Replication.

17. To restore previous version of script without taking up too much of time...
Dfsrdiag
Authorization Manager
Attach VHD file created by Windows server backup
Deploy a GPO for the Sales OU

18. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Then configure GlobalNames zones on each domain controller.
Authorization Manager
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

19. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Enable Credential Roaming
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

20. If you want to implement BitLocker and store recovery informaiton in a central location
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Implement Windows BitLocker Drive Encryption (BitLocker)
Run adprep /forestprep and adprep /domainprep

21. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Modify properties of RODC server computer account.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Active Directory Right Management Services (AD RMS)

22. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
From Server1 - run the Create Basic Task Wizard
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Microsoft System Center Data Protection Manager

23. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Upgrading DFS to Windows Server 2008 R2

24. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Network Load Balancing (NLB) cluster
dnscmd tool
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO

25. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Then use Windows Deployment Services (WDS)
Perform an authoritative restore
Enable - ADoptionalFeature cmdlet
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

26. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Implement GPO for all client computers
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Discover the run Microsoft Baseline Security Analyzer (MBSA)

27. To backup Virtual Machines
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
DSMOD - ADUC
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.

28. You need to recommend a BitLocker recovery method you should recommend this.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Create a standard secondary of domain and create standard secondary of other domain.
Include a server that runs Microsoft Office SharePoint Server 2010
Data Recovery Agent

29. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Configure RODC for Administrator Role Separation
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library

30. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Repadmin
Back up to an external USB drive by using Windows Server Backup
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

31. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Purchase one additional Enterprise License
Create an Active Directory-Integrated zone.
Install From Media IFM
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

32. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Share and Storage Management
Autonomous mode...This allows the local administrator to approve their own updates.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Enable Windows Remote Management (WinRM) on the servers.

33. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Your machine and remote desktops
Microsoft SharePoint Foundation 2010
Then configure auto enrollment of certificates and Credential Roaming.

34. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Software Restriction Polices
Create a Network Load Balancing cluster.
Windows XP Mode

35. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Registry on users computer needs to be modified
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Deploy a failover cluster that contains one node in each office.

36. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Install From Media IFM
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Event Subscriptions
Disable Site Link Bridging from IP Properties

37. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
PowerShell 2.0
Dfsrdiag
Role Separation

38. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Install Windows Server Backup and modify the Windows firewall settings
DSMOD
An Active Directory subnet object needs to be created.
Implement Shadow Copies

39. What should be done first to defragment the AD database?
Add the user to the Domain Admins global group
Authorization Manager
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Run net stop ntds

40. to make shares at a remote location available to users you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Create a Network Load Balancing cluster.

41. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Printer driver isolation
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Deploy the Root CA certificate to the external computers.

42. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Certificate Templates
802.1.x NAP
Import-Module

43. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Domain based DFS namespace and configure a DFS replication group
Use Netsh tool from administrator's computer.
dnscmd
Configure offline files and enable manual caching

44. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Test-AppLockerPolicy
Add the new UPN suffix to the forest.

45. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Dsmgmt
Run net stop ntds
Implement Windows System Resource Manager (WSRM)

46. To configure AD FS so tokens contain information from Active Directory domain...
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Implement Shadow Copies
Incoming external trust
New ACCOUNT STORE should be added and configured

47. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Import-Module
Recommend GPT and basic disks
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

48. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Administrators is the minimum group membership required to complete this procedure.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.

49. To add a server with AD FS 2.0 role to an existing AD FS farm...
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
fsconfig on FSSrv2
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

50. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183