SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Implement File Server Resource Manager (FSRM) quotas on the desired servers
DSMOD - ADUC
Deploy a GPO to the WebSrvOU
Test-AppLockerPolicy
2. If you need to be able to create shared folders on Server 2008 R2
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Configure Audit Special Logon and define Special Groups
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Ensure your account - or the group is a member of the local Administrators group for that specific server.
3. A specific application requires registry modifications to be in place before installing; you should use
Group Policy Preferences
Run the Delegation of Control Wizard on the Staff OU
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Then use Windows Deployment Services (WDS)
4. PowerShell script to create user accounts with passwords from a file called password.csv
Recommend GPT and basic disks
Create an Active Directory-Integrated zone.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
5. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure caching on the shared folder (offline files)
Disable Site Link Bridging from the IP properties
Event Viewer
6. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Configure the zone as an Activde Directory-Integrated zone.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install Windows Server Backup and modify the Windows firewall settings
7. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Modify zone transfer settings for company.com zone on DCA
Test-AppLockerPolicy
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
The Group Policy Management console
8. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Assign the application to all client computers by using a GPO.
Implement one LUN for the quorum and another LUN for the data
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement Windows System Resource Manager (WSRM)
9. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Implement a domain-based DFS namespace that uses replication
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Then configure auto enrollment of certificates and Credential Roaming.
Add the Windows Server Backup feature and Windows System Image recovery.
10. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
11. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Changed manually
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
12. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Use the Local Roles options with dsmgmt.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Then use Windows Deployment Services (WDS) on DHCP1.
13. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Ntdsutil
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure caching on the shared folder and configure offline files to use encryption
Add the new UPN suffix to the forest.
14. GPO setting to prevent all users from running an application
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
802.1.x NAP
Software Restriction Polices
Storage manager for SANs
15. What should be done to ensure changes made to AD objects can be logged?
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Microsoft Desktop Optimization Pack (MDOP)
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
View properties of %systemroot%ntdsntds.dit
16. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Autonomous mode...This allows the local administrator to approve their own updates.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Run adprep /forestprep and adprep /domainprep
Create ADMX and ADML files. Configure the GPO and link it to the domain.
17. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Run adprep /forestprep and adprep /domainprep
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Create a Central Store
Use the Local Roles options with dsmgmt.
18. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
DFL needs to be Windows Server 2008
DSMOD - ADUC
19. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Enable Windows Remote Management (WinRM) on each server.
Modify zone transfer settings for company.com zone on DCA
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
20. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Windows Deployment Services (WDS)
Administrative Role Separation
Implement folder redirection by using GPO. Then backup the folder redirection target.
Modify the GPO to include folder redirection
21. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Group Policy Preferences
IIS Chared Configuration
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
An Active Directory subnet object needs to be created.
22. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
dnscmd
Run adprep /forestprep and adprep /domainprep
Improve the performance of File Servers
23. to protect file servers and hard disks that may be at risk of being accessed or stolen
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
FFL Windows Server 2008 R2
Win2000 Native
Implement Windows BitLocker Drive Encryption (BitLocker)
24. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Test-AppLockerPolicy
25. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Incoming external trust
IIS Chared Configuration
26. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Network Load Balancing (NLB)
Enable Credential Roaming
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
27. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Attach VHD file created by Windows server backup
ntdsutil
Use local roles options within "dsmgmt"
Add the new UPN suffix to the forest.
28. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Disable Site Link Bridging from IP Properties
Then install new Server 2008 R2 Enterprise subordinate CA.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
29. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
WDS
Dfsrdiag
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Multipath I/O feature
30. The Computer Management snap-in allows you to create shares both on...
Zone transfer settings
Your machine and remote desktops
Prestage the computer account in AD
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
31. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Configure offline files and enable manual caching
Jill came down with 2.50.
Dsmgmt
Implement a Remote Desktop Connection Broker (RD Connection Broker)
32. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Passive file screens
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Dfsrdiag
AD RMS
33. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Use local roles options within "dsmgmt"
Implement a GPO for each domain
AD Rights Management Services
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
34. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Then configure auto enrollment of certificates and Credential Roaming.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Enable - ADoptionalFeature cmdlet
35. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Install and share a printer on a server and then enable printer pooling.
Your machine and remote desktops
Deploy a failover cluster that uses Node and File Share Disk Majority
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
36. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Upgrading DFS to Windows Server 2008 R2
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
An Active Directory subnet object needs to be created.
37. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Autonomous mode...This allows the local administrator to approve their own updates.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Event Viewer
Configure event log subscriptions
38. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Include a server that runs Microsoft Office SharePoint Server 2010
Certificate Templates
Add the new UPN Suffix to the forest
39. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Create an e-mail account in AD DS for your RMS users
Windows System Resource Manager (WSRM)
Configure caching on the shared folder and configure offline files to use encryption
Active Directory Users and Computers utility
40. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Use the Local Roles options with dsmgmt.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
41. If you need to ensure that data is protected by BitLocker then you will...
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
NOT be able to store that data on an iSCSI SAN
The Group Policy Management console
42. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Configure caching on the shared folder and configure offline files to use encryption
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
43. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Restore-ADObject cmdlet
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Recommend Active Directory delegation
44. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Event Viewer
Increase the tombstone lifetime for the forest.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
45. New password settings object (PSO) created and needs to be applied to user
Properties of PSO need modified
Dfsrdiag
Win2000 Native
Recommend Offline Files
46. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
PowerShell 2.0
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Create a Network Load Balancing cluster.
47. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Jill came down with 2.50.
Create an Active Directory-Integrated zone.
48. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Event Log Subscriptions
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
49. To defragment and AD database...
Enable Windows Remote Management (WinRM) on each server.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Then configure auto enrollment of certificates and Credential Roaming.
net stop ntds
50. Jack and Jill go up the hill - both with a buck and a quarter
Domain based DFS namespace and configure a DFS replication group
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Jill came down with 2.50.
Group Policy Preferences