SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Then install new Server 2008 R2 Enterprise subordinate CA.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Create a MEDV workspace
2. What should be done to resolve names by using GlobalNames zone?
Microsoft Desktop Optimization Pack (MDOP)
Active Directory Users and Computers utility
dnscmd tool
The Group Policy Management console
3. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
PDC emulator with w32tm.exe
Domain based DFS namespace and configure a DFS replication group
Set-ADServiceAccount cmdlet
Service user account for AD LDS
4. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Create an Active Directory-Integrated zone.
File Server Resource Manager (FSRM) quotas and file screens
Configure caching on the shared folder and configure offline files to use encryption
Assign the application to computers in the PC OU
6. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Add the new UPN suffix to the forest.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy a failover cluster that uses Node and File Share Disk Majority
7. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
FILES option within Ntdsutil
Configure offline files and enable manual caching
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
8. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Prestage the computer account in AD
Use local roles options within "dsmgmt"
Configure event log subscriptions
FFL Windows Server 2008 R2
9. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Then use Windows BitLocker Drive Encryption
Windows BitLocker Drive Encryption (Bit Locker)
Deploy Microsoft System Center Operations Manager (SCOM)
Refresh the zone on DNS2
10. If you want to allow single-label name resolution
Then configure GlobalNames zones on each domain controller.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Execute the Set-ADServiceAccount cmdlet
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
11. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Recommend Active Directory delegation
Modify zone transfer settings for company.com zone on DCA
djoin /requesteodj from internal server - djoin /provision from outside server/PC
12. To restore deleted user account from AD Recycle Bin...
Restore-ADObject cmdlet
Subnet object needs to be created
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
13. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Deploy a failover cluster that contains one node in each office.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
WSUS server in the branch office in replica mode.
Implement folder redirection by using GPO. Then backup the folder redirection target.
14. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The Group Policy Management console
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Dsmgmt
15. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement one LUN for the quorum and another LUN for the data
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Modify zone transfer settings for company.com zone on DCA
Disable Site Link Bridging from IP Properties
16. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
17. Need to access some resources in another domain that is part of another forest...What trust is created?
Folder redirection. Folder redirection is also useful when using roamin profiles.
Enable Credential Roaming
Autonomous mode...This allows the local administrator to approve their own updates.
Incoming external trust
18. If you need to minimize the bandwidth for installation
Printer driver isolation
Utilize IFM (Install From Media)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Software Restriction Polices
19. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Then use on install image file that contains a single install image.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Active Directory Right Management Services (AD RMS)
20. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
21. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Deploy a GPO for the Sales OU
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Domain based Distributed File System (DFS) namespace and DFS Replication.
22. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
The Group Policy Management console
DISABLE slow link detection in the GPO
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
23. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Storage manager for SANs
Create a MEDV workspace
Create a Central Store
24. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Dynamically expanding VHD's
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Administrators is the minimum group membership required to complete this procedure.
25. To allow a user to administer Active Directory
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Implement Windows BitLocker Drive Encryption (BitLocker)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Add the user to the Domain Admins global group
26. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Active Directory Domains and Trusts
Deploy the Root CA certificate to the external computers.
Storage manager for SANs
Ensure your account - or the group is a member of the local Administrators group for that specific server.
27. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Administrative Role Separation
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Add the new UPN suffix to the forest.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
28. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Configure block inheritance on the IT OU
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Modify the GPO to include folder redirection
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
29. If you need to allow an external partner's computer to access internal network resources by using SSTP
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy the Root CA certificate to the external computers.
Microsoft System Center Data Protection Manager 2010
30. to make shares at a remote location available to users you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Implement folder redirection by using GPO. Then backup the folder redirection target.
31. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Create and deploy a logon script that runs Auditpol.
32. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Subnet object needs to be created
Implement Windows System Resource Manager (WSRM) and configure user policies
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
33. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Domain based Distributed File System (DFS) will reduce network traffic
Then use Windows Deployment Services (WDS)
Run the Delegation of Control Wizard on the Staff OU
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
34. If subnets are connected by CISCO router that is RFC-1542 compliant
Windows System Resource Manager (WSRM)
Disable Site Link Bridging from the IP properties
Use CISCO IP Helper command to configure.
Assign the application to all client computers by using a GPO.
35. If users complain that it is hard to find the shared folders on the network implement
Configure RODC for Administrator Role Separation
Changed manually
Additional DFS Targets
Passive file screens
36. To make deploying the custom Word dictionary easy
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Disable Site Link Bridging from IP Properties
Recommend Group Policy preferences
37. The strongest form of NAP is
Configure caching on the shared folder (offline files)
dnscmd
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Configure folder redirection
38. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Execute the Set-ADServiceAccount cmdlet
MEDV to deploy virtual desktops
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
40. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Add the new UPN Suffix to the forest
Refresh the zone on DNS2
Configure offline files and enable manual caching
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
41. If you need to be able to create shared folders on Server 2008 R2
A Distributed File System (DFS) namespace
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Use a GPO to configure device installation restrictions
42. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. To create and additional AD LDS applicaiton directory partition in existing instance...
Set-ADServiceAccount cmdlet
Ldp
Win2000
Back up to an external USB drive by using Windows Server Backup
44. To defragment and AD database...
Install From Media IFM
dnscmd tool
Configure block inheritance on the IT OU
net stop ntds
45. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Passive file screens
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
46. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Create a MEDV workspace
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
DSMOD - ADUC
47. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Add the Windows Server Backup feature and Windows System Image recovery.
Deploy Microsoft System Center Operations Manager (SCOM)
48. To delegate authority to users to manage only certain areas in Hyper-V use the
Incoming external trust
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Authorization Manager role assignment
Add the new UPN Suffix to the forest
49. Auditing the deletion of Registry keys on all Domain Controllers
Deploy a failover cluster that uses Node and File Share Disk Majority
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Enable Windows Remote Management (WinRM) on each server.
50. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Import-Module
Use CISCO IP Helper command to configure.
Windows XP Mode
dnscmd tool
